We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more
On January 14, Governor Kathy Hochul announced new proposals to protect New York consumers as part of her 2025 State of the State. Her proposals included legislation to: (i) combat algorithmic price discrimination by...more
The Bank of England published the findings of its third joint survey with the U.K. Financial Conduct Authority on the use of Artificial Intelligence and machine learning in financial services. The survey aims to build on...more
On November 12, the CFPB released a report analyzing federal and state-level privacy protections for consumer financial data. The current federal framework for financial data privacy relies on the Gramm-Leach-Bliley Act...more
On October 23, one bank and two banking industry groups challenged the CFPB’s 1033 Rule that would mandate banks to share sensitive customer data, such as transaction history, account balances, and account and routing numbers...more
In April 2024, the UK government reiterated its vision for open finance, with UK Economic Secretary Bim Afolami (MP) announcing the creation of the Open Finance Taskforce at the 2024 Innovate Finance Global Summit. The...more
On November 1, the New York Department of Financial Services (NYDFS) amended its cybersecurity regulations to set additional notification, administrative, training and technical requirements. The Amended Cybersecurity...more
The latest UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) proposals for improving diversity and inclusion in financial services include requiring firms to report on six new inclusion metrics....more
On November 1, 2023, the New York State Department of Financial Services (“NYDFS”) issued its Second Amendment (the “Amendment”) to its Cybersecurity Requirements for Financial Services Companies adopted in 2017, codified in...more
Post six in our blog series on the UK Financial Conduct Authority and Prudential Regulation Authority proposals to improve diversity and inclusion (D&I) in UK financial services considers the D&I data firms would be required...more
The latest post in our blog series looking at the UK Financial Conduct Authority and Prudential Regulation Authority proposals to improve diversity and inclusion (D&I) in the financial services industry focusses on data...more
The UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) are consulting on proposals to introduce a new financial services regulatory framework on diversity and inclusion (D&I) in the financial...more
In 2017, the New York Department of Financial Services (“NYDFS”) enacted a landmark regulation requiring financial services institutions such as banks and insurance companies in the state to meet substantial cybersecurity...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the...more
On Oct. 19, 2023, the Consumer Financial Protection Bureau (CFPB) released a Notice of Proposed Rulemaking (NPRM) on Personal Financial Data Rights, which would change the way financial institutions hold and distribute...more
The UK financial services regulators are setting out to move the dial when it comes to diversity and inclusion (D&I) in the financial services sector. D&I strategies, targets and disclosures are all included in their new...more
On April 20, the Kansas governor signed SB 44 to enact the Kansas financial institutions information security act. The Act establishes information security standards for covered entities, and applies to credit service...more
As organizations in the financial sector continue to migrate IT and business services to the cloud and adopt other cloud offerings, it is important that financial institutions understand the risks associated with each. A U.S....more
The New York Department of Financial Services (NYDFS) has published a proposal to amend its cybersecurity rules, which will require regulated companies to notify the NYDFS of a third-party cybersecurity incident within 72...more
Continuing a trend it has been pursuing, the CFPB on Thursday used a non-rulemaking circular (Consumer Financial Protection Circular 2022-04) to state that its UDAAP authority extends its enforcement authority to situations...more
Broadly, there are two sets of rules governing obtaining authorizations to debit consumers’ bank accounts. One is Regulation E (12 C.F.R. Part 210). The other are the Operating Rules & Guidelines (the “Nacha Rules”),...more
The U.K. Financial Conduct Authority has published a feedback statement relating to the call for input on accessing and using wholesale data. In the feedback statement, the FCA summarizes the responses received and the FCA's...more
Data Aggregators Launch Open Finance Data Security Standard - A group of data aggregator fintechs and security and compliance companies recently released a new data security standard for the open finance industry – the...more
Federal banking regulators issued a final rule that impacts how banks and other regulated entities report certain data incidents. Those subject to these new reporting requirements include U.S. banks and bank service...more