News & Analysis as of July 25, 2025

Regulatory Requirements

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

Skadden, Arps, Slate, Meagher & Flom LLP on 7/24/2025

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

ICO Annual Report Provides Insight Into Data Protection Risks for Businesses

Paul Hastings LLP on 7/22/2025

The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more

CHINA: DPOs Must Be Registered Before 29 August 2025

DLA Piper on 7/21/2025

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

SEC Withdraws Proposed Cyber-Related Rule Applicable to Broker-Dealers And Signals SolarWinds Settlement on the Horizon

Alston & Bird on 7/21/2025

The Securities and Exchange Commission (SEC) recently announced the withdrawal of several Biden-era regulations, including a proposed rule that would have required a broad range of platforms and financial intermediaries (such...more

FAR 2.0 Part 39 in Arcade Mode—How Federal IT Acquisition Just Hit Reset

McCarter & English Blog: Government Contracts... on 7/21/2025

For those who grew up gripping a joystick and dodging alien fire in Defender, riding ostriches through floating platforms in Joust, or crossing a hectic freeway in Frogger, winning wasn’t about memorizing rules; it was about...more

Have You Enrolled in EDGAR Next? Enrollment Deadline Approaching

ArentFox Schiff on 7/21/2025

In September 2024, the US Securities and Exchange Commission (SEC) adopted rule changes to its Electronic Data Gathering, Analysis, and Retrieval (EDGAR) file access and account management system (EDGAR Next), which went into...more

[Webinar] Top 5 Game-Changing Regulatory Shifts Impacting Financial Compliance and Board Accountability - September 24th, 1:00 pm...

American Conference Institute (ACI) on 7/18/2025

Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more

Decoding the Regulation of “Important Data” in China and the U.S.: Similarities and Differences, Compliance Obligations, and...

Dacheng on 7/18/2025

With the rapid development of informatization, how to better safeguard national security in an increasingly complex information environment has become a critical consideration in digital legislation. A key issue within this...more

AI Summaries in Google Discover: Rethinking Information Governance, Discovery, and Security

HaystackID on 7/18/2025

In a bold initiative to integrate AI across various platforms, Google has launched AI-generated summaries in its Discover product, a personalized news feed widely accessible on Android and iOS devices. These AI summaries...more

Inside the SK Telecom Data Breach: What Happened and What Companies Can Learn

Alston & Bird on 7/17/2025

In April 2025, SK Telecom—South Korea’s largest mobile carrier—formally notified regulators of a significant data breach that compromised sensitive SIM card data belonging to nearly 27 million users. Following an...more

Key Business Litigation & Transaction Trends Every Executive Must Know in 2025

Segal McCambridge on 7/17/2025

As we continue to navigate 2025, business leaders face an increasingly complex legal landscape shaped by technological advancements, evolving regulations, and dynamic market conditions. Understanding these emerging trends is...more

Key lessons on the False Claims Act for government contractors after Raytheon’s $8.4 million settlement

Clark Hill PLC on 7/16/2025

Government contractors should be on high alert following the recent announcement that Raytheon Company, its parent RTX Corporation, and Nightwing Group, LLC, have agreed to pay $8.4 million to resolve allegations of violating...more

Navigating Cloud Forensics in Complex Investigations

J.S. Held on 7/16/2025

Introduction: Understanding Cloud Data in the Modern Digital Landscape - In today’s hyper-connected digital world, we interact with vast amounts of data, much of which isn’t stored locally on our devices but instead...more

GPAI Code of Practice – Final Version Published by European Commission

DLA Piper on 7/15/2025

The European Commission has published the final version of a general-purpose AI (“GPAI”) Code of Practice. We took a deeper look into it and prepared a short summary to help you understand what the GPAI Code of Practice is,...more

EU RTS on subcontracting ICT services supporting critical or important functions under DORA published in OJ

A&O Shearman on 7/15/2025

Commission Delegated Regulation (EU) 2025/532 has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to regulatory...more

EU Releases General-Purpose AI Code of Practice

Baker Botts L.L.P. on 7/14/2025

On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on 7/9/2025

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on 7/8/2025

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath

Thomas Fox - Compliance Evangelist on 7/7/2025

Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more

FERC Moves To Bolster Cybersecurity

Davis Wright Tremaine LLP on 7/3/2025

On June 26, FERC approved a new reliability standard (CIP-015-1) proposed by the North American Electric Reliability Corporation ("NERC") to enhance cybersecurity of the nation's bulk electric system ("BES"). In a related...more

Cyber Resilience Is Key: The Never-Ending Delays of NIS2 Implementation

King & Spalding on 7/2/2025

The European Union’s ("EU") NIS2 Directive (Directive (EU) 2022/2555) capitalizes on the success of its predecessor, NIS, the first horizontal minimum harmonization cyber security and resilience frameworks at the EU level....more

EU Delegated Regulation on threat-led penetration testing published in OJ

A&O Shearman on 6/30/2025

Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more

The 2025 TPRM Study: Key Findings and Recommendations

Mitratech Holdings, Inc on 6/27/2025

The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

Thomas Fox - Compliance Evangelist on 6/23/2025

[Webinar] Operationalizing AI: Governance, Culture, Bias, Privacy, Data and Cyber Security Considerations - June 24th, 1:00 pm -...

American Conference Institute (ACI) on 6/13/2025

This complimentary webinar will delve into the real-life aspects of implementation – with a focus on organizational preparedness and proactive strategic foresight. Join us as we discuss how to design and roll out a...more

168 Results

View per page

Page: of 7

Compliance › Cybersecurity › Regulatory Requirements

"My best business intelligence, in one easy email…"