Point-of-Sale Finance Series: Understanding the Development and Regulation of Buy Now, Pay Later Products — The Consumer Finance Podcast
Enhancing Card Partnerships and Compliance: A Conversation With Matthew Goldman — Payments Pros – The Payments Law Podcast
Regulatory Rollback: CFPB’s Withdrawal of Informal Guidance Sparks New Litigation Dynamics – The Consumer Finance Podcast
Sunday Book Review: August 10, 2025, The More Books from The Ethicsverse Library Edition
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Wild Times for the Community Reinvestment Act
Suluki Secrets: Behind the Scenes of Reasonable Investigations — FCRA Focus Podcast
The Current State of the Holder Rule: Friend or Foe? — Moving the Metal: The Auto Finance Podcast
Regulatory Rollback: Legal Challenges and Opportunities in Earned-Wage Access — Payments Pros – The Payments Law Podcast
Regulatory Rollback: Legal Challenges and Opportunities in Earned-Wage Access — The Consumer Finance Podcast
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
Compliance Tip of the Day: Avoiding CCO Liability
2 Gurus Talk Compliance: Episode 55 – The From Worse to Worser Edition
Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Sittenfeld v. United States – Campaign Contributions as Crimes?
From Banks to FinTech: The Evolution of Small Business Lending — The Consumer Finance Podcast
From Banks to FinTech: The Evolution of Small Business Lending — Payments Pros – The Payments Law Podcast
The Capital Ratio Podcast | Entering the US Banking Market
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more
The EU has introduced Delegated Regulation (EU) 2025/1190, establishing the first harmonized standards for threat-led penetration testing ("TLPT") across the financial sector. The regulation aims to strengthen the cyber...more
Regulation (EU) 2025/1355 of the European Central Bank (ECB) adopted on 2 July has been published in the Official Journal of the European Union. This Regulation recasts and replaces Regulation (EU) No 795/2014, updating the...more
- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more
RUSSIA SANCTIONS - UK Lowers Oil Price Cap on Seaborn Russian Crude Oil, OFSI publishes related FAQs: On July 18, 2025, the UK Government, alongside the EU, announced that it will lower to Oil Price Cap on seaborne Russian...more
The Digital Operational Resilience Act ("DORA") is the EU's latest legislative effort to enhance digital operational resilience across the financial sector through a harmonised set of rules for managing information and...more
The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more
Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more
As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
The EU Digital Operational Resilience Act (DORA) took effect on 17 January 2025 after a two-year implementation period. DORA sets out new requirements for financial entities (FEs) and their information technology and...more
Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more
Investing in Europe: Is it a good time to do so? Opinions differ. The EU financial sector has experienced significant growth in recent years, driven by technological advancements and evolving consumer preferences, but there...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more
The European Supervisory Authorities (“ESAs”) published a roadmap to designate critical ICT third-party service providers (“CTPPs”) under the Digital Operational Resilience Act (“DORA”). To designate an ICT third-party...more
The Global Foreign Exchange Committee (GFXC) has published the updated version of the FX Global Code of Conduct (dated December 2024), which supersedes the previous version (from July 2021). Updates have been made to...more
The European Insurance and Occupational Pensions Authority recently published the European Commission’s response (Q&A 2999) on the question of which services fall under the definition of “ICT services” under Article 3(21) of...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
Firms involved in implementing changes to comply with new rules under the EU Digital Operational Resilience Act (DORA) have questioned whether financial services provided by other regulated firms may fall within the...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (“DORA”), which establishes a uniform set of requirements relating to the security of network and information systems supporting financial...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more