Crypto's Capital Markets Revolution: Insights From GSR's Josh Riezman — The Crypto Exchange Podcast
10 For 10: Top Compliance Stories For the Week Ending August 23, 2025
Daily Compliance News: August 22, 2025, The WADA Returns Edition
Enhancing Card Partnerships and Compliance: A Conversation With Matthew Goldman — Payments Pros – The Payments Law Podcast
Institutional Adoption, Tax Challenges, and What's Next for Crypto in the US — Insights from KPMG's Tony Tuths - The Crypto Exchange Podcast
10 For 10: Top Compliance Stories For the Week Ending August 9, 2025
Daily Compliance News: August 5, 2025, The Staying Focused Edition
Wild Times for the Community Reinvestment Act
10 For 10: Top Compliance Stories For the Week Ending, July 26, 2025
Compliance Tip of the Day: Citibank and Continuous Monitoring
Daily Compliance News: July 24, 2025, The In Phone Hell Edition
Wire Fraud Litigants Beware: Fourth Circuit Ruling Protects the Banks — The Consumer Finance Podcast
Top challenges with Compliance Management
Daily Compliance News: July 15, 2025, The Fighting Workplace Bullying Edition
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
The Capital Ratio Podcast | Entering the US Banking Market
Point-of-Sale Finance Series: Banking on Lending Models — The Consumer Finance Podcast
Great Women in Compliance: GWIC X EC Q2 2025 - Exploring Compliance Innovations
2023 CRA Rule Repeal: Lessons to be Learned
In late May 2025, the Securities Industry and Financial Markets Association (SIFMA), together with the American Bankers Association, Bank Policy Institute, Independent Community Bankers of America, and Institute of...more
DORA (Digital Operational Resilience Act) is an EU regulation that sets rules for how financial entities manage ICT (Information and Communication Technology) risks. It covers areas like cyber resilience, incident reporting,...more
The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
Financial institutions are now required to notify the Federal Trade Commission about any security breach that involves the information of 500 customers or more. The breach must be reported no later than 30 days after it is...more
The Digital Operational Resilience Act (DORA) is an EU regulatory framework, aimed at enhancing the financial sector’s ability to withstand and recover from ICT (information and communication technology) disruptions....more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
On March 11, the Governor of Indiana signed SB 220 (the “Act”) which will add cyber incident notification guidelines for financial institutions. The Act defined the term "corporation" as the following entities organized in...more
The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more
The New York State Department of Financial Services (“NYDFS”), which regulates financial services institutions including banks, insurance companies, and mortgage brokers, finalized an amendment to its Cybersecurity Regulation...more
On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
On April 13, the Financial Stability Board (FSB) released a series of recommendations for achieving “greater convergence” in cyber-incident reporting (CIR). Issued at the request of the G-20, the final report draws from FSB’s...more
Federally insured credit unions are now required to report a cyber incident to the National Credit Union Administration (NCUA) Board within 72 hours. This final rule was unanimously approved by the NCUA on February 17, 2023...more
The NCUA stated the new rule, which was approved on Feb. 16, 2023, aims to mitigate cyber incidents “that [lead] to a substantial loss of confidentiality, integrity, or availability of a network or member information system...more
On Nov. 9, 2022, the New York State Department of Financial Services (NYDFS) published a proposed second amendment to its cybersecurity regulation. This follows its pre-proposed amendment that was published on July 29. ...more
On July 29, 2022, the New York Department of Financial Services (DFS) released Draft Amendments to its Part 500 Cybersecurity Rules. These changes are open for a preliminary public comment until August 18, and then an...more
Recently, the Federal Reserve Board (Fed) published its annual Cybersecurity and Financial System Resilience report describing measures it has taken to strengthen cybersecurity in the financial services sector, including the...more
Cybersecurity and technology governance remain a top area of focus for the SEC and FINRA, as the regulators continue to concentrate on improving the overall cybersecurity posture and resiliency of the financial sector. FINRA...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
In This Issue. The Consumer Financial Protection Bureau (CFPB) announced a new initiative focused on financial issues faced by rural communities and also updated its examination procedures to cover unfair discrimination; the...more
On Nov. 18, 2021, federal bank regulatory agencies approved a final rule requiring banking organizations to notify regulators of “any significant computer-security incident” as soon as possible and no later than 36 hours...more
SEC Commission Elad Roisman recently spoke about cybersecurity threats and challenges facing the agency’s registrants, including public companies and financial institutions. One source of challenges (our words, not Roisman’s)...more