In our previous alert we mentioned a joint letter from the Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) to the UK Government on their strategic approach to artificial intelligence (AI) and...more
11/6/2024
/ Artificial Intelligence ,
Bank of England ,
Banking Sector ,
Banks ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
Financial Stability Board ,
FinTech ,
Machine Learning ,
Prudential Regulation Authority (PRA) ,
Risk Assessment ,
Risk Mitigation ,
UK
On 7 December 2023, the Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) published a joint consultation paper titled ”CP26/23 - Operational resilience: Critical third parties to the UK financial...more
In our previous alert, we discussed the emerging trends for regulating artificial intelligence (AI) in financial services and mentioned a joint paper published by the Prudential Regulation Authority (PRA) and Financial...more
In our previous alert, we noted the speech made by Nikhil Rathi, CEO of the UK Financial Conduct Authority (FCA), which built on the points made in a joint paper published by the Bank of England (BoE) and FCA on artificial...more
10/12/2023
/ Artificial Intelligence ,
Bank of England ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
Information Reports ,
Joint Statements ,
Machine Learning ,
Prudential Regulation Authority (PRA) ,
Risk Assessment ,
Risk Management ,
UK
In a recent speech, Nikhil Rathi, CEO of the UK Financial Conduct Authority (FCA), set out the FCA’s latest views on the role of artificial intelligence (AI) in financial services. The speech highlights many benefits but also...more
7/28/2023
/ Artificial Intelligence ,
Competition ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Crimes ,
Deep Fake ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
Financial Services Industry ,
FinTech ,
Identity Theft ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Risk Assessment ,
Scams ,
SMCR ,
UK
On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-US Data Privacy Framework (“DPF”), the revamped transatlantic framework designed to support transfers of personal data from the EU to...more
7/19/2023
/ Adequacy Requirement ,
Binding Corporate Rules ,
Certification Requirements ,
Data Privacy ,
EU ,
Executive Orders ,
Framework Agreement ,
International Data Transfers ,
Personal Data ,
Privacy Framework ,
Standard Contractual Clauses ,
Switzerland ,
UK
The Digital Markets, Competition, and Consumers Bill (the DMCC) was introduced in the House of Commons on 25 April 2023, and the second reading was held on 17 May. The DMCC aims to cover two main topics: (a) digital markets...more
The Department for Science, Innovation and Technology published a white paper on 29 March 2023 titled "AI Regulation: A Pro-Innovation Approach", which sets out the UK Government’s proposals to regulate artificial...more
On June 4, 2021, the European Commission (the “EC”) abolished the old Standard Contractual Clauses (the “Old SCCs”) and published a new more flexible set of clauses (the “New SCCs”) for companies that wish to export personal...more
The European Securities and Markets Authority (“ESMA”) Final Report Guidelines on outsourcing to cloud service providers (“the Guidelines”) came into force on 31 July 2021 and apply to all cloud outsourcing arrangements...more
1/19/2022
/ Audits ,
Cloud Service Providers (CSPs) ,
EU ,
European Securities and Markets Authority (ESMA) ,
Exit Strategies ,
Financial Services Industry ,
Information Security ,
Investment Firms ,
Outsourcing ,
Termination ,
UK
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
8/27/2021
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Transfers ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Impact Assessments ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
The UK Information Commissioner’s Office (“ICO”) has published a letter sent to the U.S. Securities and Exchange Commission. The ICO confirms that it is possible for SEC regulated UK firms to transfer personal data to the...more
3/23/2021
/ Brokers ,
Financial Institutions ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Investment Management ,
Personal Data ,
Public Interest ,
Securities and Exchange Commission (SEC) ,
UK
The world is facing a significant public health crisis that requires a strong response and common approach. Governments and scientists around the world are relying on automated data processing and digital technologies as part...more
The UK Supreme Court held, in the case of Elgizouli v Secretary of State for the Home Department [2020] UKSC 10, that the Home Secretary breached the Data Protection Act 2018 (DPA), the UK data protection legislation which...more
Good news for employers who can take some comfort in the UK Supreme Court’s judgment – in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents) [2020] UKSC 12 – which held that Morrisons was not liable...more