AI Today in 5: August 18, 2025, The AI Music Episode
12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
2 Gurus Talk Compliance: Episode 57 — The Tom on His Highhorse Edition
The LathamTECH Podcast — Turning a London Eye Toward International Tech Growth
AI Today in 5: August 11, 2025, The ACHILLES Project Episode
AI Today in 5: August 8, 2025, The Don’t Wait Episode
Fierce Competition Podcast | Antitrust Collusion in Labor Markets: Enforcement Trends on Both Sides of the Atlantic
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Compliance Tip of the Day: M&A – International Issues
Episode 381 -- NAVEX's 2025 Annual Hotline Report
From the Editor’s Desk: Compliance Week’s Insights and Reflections from July to August 2025
Daily Compliance News: July 28, 2025, The Where is Grasshopper when you need him Edition
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
The Capital Ratio Podcast | Entering the US Banking Market
10 For 10: Top Compliance Stories For the Week Ending June 14, 2025
Daily Compliance News: June 9, 2025, The Repugnant Edition
The LathamTECH Podcast — Where Digital Assets Slot Into a Shifting Fintech Regulatory Landscape: Insights From the US, UK, and EU
Daily Compliance News: May 21, 2025, The I Want You Back Edition
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
Our monthly regulatory newsletter monitors all relevant developments regarding German and European regulatory law in English language. BMF: Draft bill for the Banking Directive Implementation and Bureaucracy Relief Act...more
The European Banking Authority (EBA) published single rulebook Q&A relating to the Digital Operational Resilience Act (DORA). The answers to the questions were given by the joint European Supervisory Authorities....more
The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more
The EU has introduced Delegated Regulation (EU) 2025/1190, establishing the first harmonized standards for threat-led penetration testing ("TLPT") across the financial sector. The regulation aims to strengthen the cyber...more
- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more
The Digital Operational Resilience Act ("DORA") is the EU's latest legislative effort to enhance digital operational resilience across the financial sector through a harmonised set of rules for managing information and...more
Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more
The European Parliament's Committee on Economic and Monetary Affairs (ECON) has released a draft report (dated 14 May) and motion for a European Parliament resolution on the impact of artificial intelligence (AI) on the...more
As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
The European Commission (EC) has announced that it has opened infringement procedures by sending a letter of formal notice to 13 Member States (Belgium, Bulgaria, Denmark, Greece, Spain, France, Latvia, Lithuania, Malta,...more
The EU Digital Operational Resilience Act (DORA) took effect on 17 January 2025 after a two-year implementation period. DORA sets out new requirements for financial entities (FEs) and their information technology and...more
The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on situations in which a third-country firm is deemed to solicit clients established or situated in the EU and...more
Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more
The Markets in Crypto-Assets Regulation (Regulation (EU) 2023/1114) (henceforth “MiCA”), which entered into force in June 2023, seeks to establish a comprehensive regulatory framework for crypto-assets across the EU. However,...more
The European Supervisory Authorities (“ESAs”) published a roadmap to designate critical ICT third-party service providers (“CTPPs”) under the Digital Operational Resilience Act (“DORA”). To designate an ICT third-party...more
The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more
The European Insurance and Occupational Pensions Authority recently published the European Commission’s response (Q&A 2999) on the question of which services fall under the definition of “ICT services” under Article 3(21) of...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
Firms involved in implementing changes to comply with new rules under the EU Digital Operational Resilience Act (DORA) have questioned whether financial services provided by other regulated firms may fall within the...more
The European Banking Authority has announced that it has repealed its guidelines on major incident reporting under the revised Payment Services Directive due to the application of harmonized incident reporting under the...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more