We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
58 In the complex and highly regulated financial services environment, the cost of poor data management is staggering, estimated to cost businesses billions annually in operational inefficiencies, regulatory fines, and missed...more
Last month, the Federal Trade Commission issued guidance on the updated Safeguards Rule in the form of a set of Frequently Asked Questions for Automobile Dealers. Although directed to auto dealers, the FAQs are a useful...more
The European Central Bank (ECB) has published its Guide on outsourcing cloud services to cloud service providers (the "Guide") clarifying how banks are expected to comply with obligations under the EU Digital Operational...more
Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
Recently issued guidance from the Federal Trade Commission (FTC) addresses frequently asked questions about the application of the agency’s Safeguards Rule, 16 C.F.R. § 314.1 et seq., to new car dealers since the 2023...more
Welcome to your weekly update from the A&O Shearman Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions....more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
On May 8, 2025, the governor of Montana signed into law SB 297, which amends the Montana Consumer Data Privacy Act (MCDPA). The amendments become effective on October 1, 2025. Among other things, SB 297: • amends the...more
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
Global Capability Centers (GCCs) have become strategic hubs for multinational corporations, financial institutions and other organizations because they can provide centralized control over high-value technology and...more
Active in the fintech landscape since 2017, the dedicated Walkers’ team are recognised as global leaders in this dynamic sector - Fluent in six important jurisdictions of choice, we take a jurisdiction agnostic approach,...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
The EU Digital Operational Resilience Act (DORA) took effect on 17 January 2025 after a two-year implementation period. DORA sets out new requirements for financial entities (FEs) and their information technology and...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
New York State’s Department of Financial Services is warning all regulated entities has released a Cybersecurity Regulation Updates and Reminder warning all companies that all regulated entities without a full exception that...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
Every year, the Financial Industry Regulatory Authority (FINRA) issues an Annual Regulatory Report in an effort to provide FINRA Member Firms with insight into findings from FINRA’s regulatory operations programs. The Annual...more
The Financial Markets Standards Board has published the final version of its standard for sharing standard settlement instructions. The standard establishes core principles which set out expected practices for the sharing of...more
Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more
Last week, the Consumer Financial Protection Bureau (CFPB or Bureau) released its latest Supervisory Highlights report, focusing on the use of advanced technologies in credit scoring models. ...more
Digital Operational Resilience Act (DORA) aims to harmonize provisions related to cybersecurity and information and communication technology (ICT) risk management in the financial sector. Its scope covers nearly all entities...more
DORA, the first EU regulation designed to establish a unified and robust digital resilience standard for the financial sector, becomes directly applicable on January 17, 2025, introducing significant penalties and...more