GRC Report Staff

The U.S. Department of Homeland Security (DHS) has announced the addition of several textile companies from the People’s Republic of China (PRC) to the Uyghur Forced Labor Prevention Act (UFLPA) Entity List. This action, effective November 1, 2024, will prevent goods from 78 PRC-based companies from entering the United States, reinforcing the U.S. commitment to fighting forced labor and the atrocities against Uyghurs and other ethnic minorities in the Xinjiang Uyghur Autonomous Region (XUAR).

The Consumer Financial Protection Bureau (CFPB) has put Meta Platforms, Inc. on notice. The federal agency is considering legal action against the social media giant over allegations that it improperly obtained consumers’ financial data from third parties and funneled that information into its highly profitable targeted advertising operations.

The European Banking Authority (EBA) has just dropped a comprehensive look into how financial firms are handling Principal Adverse Impact (PAI) disclosures under the Sustainable Finance Disclosure Regulation (SFDR). This 2024 report shows progress on some fronts but also highlights areas where firms are falling short on compliance and best practices. For risk and compliance pros, this report sheds light on what firms are up against in meeting sustainability reporting standards and offers practical insights into how compliance frameworks are shifting to keep up with rising regulatory demands.

The Federal Communications Commission (FCC) has joined forces with the California Privacy Protection Agency (CPPA) through a newly announced Memorandum of Understanding (MOU). This partnership signals a renewed commitment to protecting individuals' data as digital threats become increasingly sophisticated. With the CPPA’s exclusive focus on privacy and the FCC’s broad regulatory powers, both agencies are set to enhance their collaborative efforts to ensure consumers are informed and safeguarded in today’s complex digital landscape.

As the call for transparency in environmental, social, and governance (ESG) practices intensifies, a recent survey by Ernst & Young (EY) uncovers a troubling reality: both investors and finance leaders are increasingly skeptical about the credibility of nonfinancial reporting. This growing skepticism, exacerbated by perceptions of greenwashing and inconsistent data, highlights the critical role that ESG and governance, risk, and compliance (GRC) professionals must play in elevating reporting standards.

Global data protection authorities have issued a follow-up joint statement highlighting new measures for social media companies to enhance protections for personal information, as mass data scraping continues to pose risks, particularly in the age of artificial intelligence. This latest statement reflects insights from recent discussions between 17 data protection authorities and some of the largest social media platforms, deepening the collaboration initially sparked by a joint statement on data scraping in 2023.

In a world where sustainability is no longer just a buzzword, asset managers find themselves facing complex, often thorny challenges around environmental, social, and governance (ESG) data. The Dutch Authority for the Financial Markets (AFM) recently put this into focus with an in-depth study, pulling back the curtain on the hurdles asset managers face in risk management and compliance tied to ESG.