Point-of-Sale Finance Series: Understanding the Development and Regulation of Buy Now, Pay Later Products — The Consumer Finance Podcast
Enhancing Card Partnerships and Compliance: A Conversation With Matthew Goldman — Payments Pros – The Payments Law Podcast
Regulatory Rollback: CFPB’s Withdrawal of Informal Guidance Sparks New Litigation Dynamics – The Consumer Finance Podcast
Sunday Book Review: August 10, 2025, The More Books from The Ethicsverse Library Edition
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Wild Times for the Community Reinvestment Act
Suluki Secrets: Behind the Scenes of Reasonable Investigations — FCRA Focus Podcast
The Current State of the Holder Rule: Friend or Foe? — Moving the Metal: The Auto Finance Podcast
Regulatory Rollback: Legal Challenges and Opportunities in Earned-Wage Access — Payments Pros – The Payments Law Podcast
Regulatory Rollback: Legal Challenges and Opportunities in Earned-Wage Access — The Consumer Finance Podcast
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
Compliance Tip of the Day: Avoiding CCO Liability
2 Gurus Talk Compliance: Episode 55 – The From Worse to Worser Edition
Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Sittenfeld v. United States – Campaign Contributions as Crimes?
From Banks to FinTech: The Evolution of Small Business Lending — The Consumer Finance Podcast
From Banks to FinTech: The Evolution of Small Business Lending — Payments Pros – The Payments Law Podcast
The Capital Ratio Podcast | Entering the US Banking Market
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
La Superintendencia Financiera de Colombia (SFC), publicó el 6 de agosto de 2025, la Circular Externa 009 de 2025 por medio de la cual se amplía el plazo que inicialmente se había otorgado a las entidades sometidas a la...more
The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more
The Digital Operational Resilience Act ("DORA") is the EU's latest legislative effort to enhance digital operational resilience across the financial sector through a harmonised set of rules for managing information and...more
The surge in adoption of digital technologies and AI is rapidly changing the business, investment and security environments. The global demand for improved and increased digital infrastructure capacity, resilience, speed and...more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
COMPETITION - Opinion of Advocate General Medina of 03 April 2025 in Case C-21/24; CP Vs. Nissan Iberia, S.A. Re: Reference for a preliminary ruling - Competition - Principle of effectiveness - Compensation for harm caused...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
Digital Operational Resilience Act (DORA) aims to harmonize provisions related to cybersecurity and information and communication technology (ICT) risk management in the financial sector. Its scope covers nearly all entities...more
Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more
On November 21, the Supreme Court of Virginia entered a published order reversing a 14-3 en banc decision of the Court of Appeals of Virginia addressing the applicability of Virginia’s criminal laws regulating cybercrime. The...more
The EU’s Digital Operational Resilience Act (DORA) comes into force from 17 January 2025. Under DORA, in-scope regulated financial services (FS) businesses operating in the EU (Firms) face new cybersecurity requirements and...more
The New York State Department of Financial Services (“NYDFS”) has urged organizations to exercise caution when hiring remote employees due to an increase in individuals located in the Democratic People’s Republic of Korea...more
The Digital Operational Resilience Act (DORA) is an EU regulatory framework, aimed at enhancing the financial sector’s ability to withstand and recover from ICT (information and communication technology) disruptions....more
The Digital Operational Resilience Act (“DORA”), an EU regulation designed to bolster the resilience of financial entities against Information and Communications Technology (“ICT”) risks, entered into force on January 16,...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more
OFAC has been busy and not so busy — what do I mean? OFAC is administering a complex set of coordinated sanctions against Russia, in close coordination with the EU and the UK....more
Starting January 17, 2025, financial entities based in the European Union must have in place processes and policies, as well as mandatory contract provisions with their third-party technology vendors, that comply with the...more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more