Insights

With the Corporate Sustainability Reporting Directive (CSRD) looming like a back-to-school deadline, KPMG’s latest findings reveal who’s ready for the ESG exam—and who might be cramming at the last minute. The stakes are high, as companies not only face the pressure of ticking all the regulatory boxes but also the challenge of proving to increasingly discerning stakeholders that their sustainability efforts are more than just hot air. Those who are prepared are stepping up to the podium, while the less prepared scramble to catch up, knowing that in this high-stakes game, there’s no room for half-measures or last-minute cramming.

In today’s rapidly evolving business landscape, risk management is no longer just about avoiding pitfalls—it's about navigating the uncertain waters of opportunity and danger with agility and resilience. The modern approach to risk management is about mastering the art of navigating through an intricate web of opportunities and threats with both agility and resilience. This new paradigm recognizes that risk is not just a challenge to be mitigated but an integral component of strategic decision-making. In an environment characterized by relentless change and uncertainty—driven by technological advancements, global interconnectedness, and shifting market dynamics—organizations must develop a proactive and adaptive risk management strategy. This means anticipating potential disruptions, seizing emerging opportunities, and building organizational resilience to bounce back stronger from setbacks. Effective risk management today requires a dynamic, forward-thinking approach that not only protects against adverse events but also leverages risks as catalysts for growth and innovation. By integrating risk management into the core of their strategic operations, organizations can better navigate the complex terrain of the modern business world, ensuring long-term success and sustainability.

The Dutch Data Protection Authority (DPA), in cooperation with the French data protection authority CNIL, has imposed a colossal €290 million fine on Uber B.V. and Uber Technologies Inc. The penalty, announced on August 26, 2024, stems from Uber's unauthorized transfer of European drivers' personal data to the United States without implementing sufficient safeguards—a violation of the General Data Protection Regulation (GDPR).

Texas Attorney General Ken Paxton has filed a lawsuit against industry titan General Motors (GM) over the company's alleged unlawful collection and sale of driver data. This action comes as part of a broader data privacy and security initiative launched by Paxton to aggressively enforce Texas privacy laws.

Organizations today are increasingly turning to their internal audit teams to bridge the widening gap between risk demands and risk management capacity. A recent survey conducted by AuditBoard sheds light on this shift, revealing that the role of internal audit is expanding significantly as companies seek to bolster their resilience against emerging threats.

In the world of governance, risk management, and compliance, policies are not just procedural formalities—they are the bedrock upon which organizations build their operational integrity. Properly designed and implemented, policies ensure that processes, transactions, and behaviors align with the organization’s objectives, mitigating risks and upholding values. But as vital as they are, policies can also be a double-edged sword: when poorly managed, they expose organizations to significant legal liabilities.

The latest annual benchmark study on environmental, social, and governance (ESG) policies and compliance conducted by Corporate Counsel in partnership with Morrison Foerster has revealed several notable trends in how organizations and their legal departments are approaching ESG.