Top challenges with Compliance Management
Solicitors General Insights: The Tale of Two Washingtons — Regulatory Oversight Podcast
The Capital Ratio Podcast | Entering the US Banking Market
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Solicitors General Insights: The Legal Frontlines in Iowa and Indiana — Regulatory Oversight Podcast
Cannabis Law Now Podcast - Cannabis in the Show Me State: An Interview with BeLeaf Medical's Mitch Meyers
2 Gurus Talk Compliance – Episode 54 – The FCPA is Back On Edition
Compliance Tip of the Day: Board Oversight on Internal Controls
Healthcare Enterprise Risk Management
Understanding MALPB Charters: A Collaborative Approach to Banking Innovation — Payments Pros – The Payments Law Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The fatal flaws in the 2023 CRA rule
Evolving AI Legislation: Federal Policies, Task Forces, and Proposed Laws — The Good Bot Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — Payments Pros – The Payments Law Podcast
The Spanish Data Protection Authority (“AEPD“) has published its 2024 annual report, which includes the AEPD’s awareness-raising activities; the collaboration and inspection activities of the Spanish authorities; relevant...more
Brazil intends to regulate AI through Bill No. 2,338/2023 ("Brazil's Proposed AI Regulation"), although there are currently no specific codified laws, statutory rules or regulations in Brazil that directly regulate AI....more
In this crossover episode of The Consumer Finance Podcast and Regulatory Oversight, Chris Willis, Kim Phan, and Stephen Piepgrass provide insights on a new joint privacy task force among several state AGs, known as the...more
On May 8 2025, the Swiss Federal Data Protection and Information Commissioner (FDPIC) confirmed that the Federal Act on Data Protection (FADP) is directly applicable to AI-supported data processing. The FDPIC clarified...more
Active in the fintech landscape since 2017, the dedicated Walkers’ team are recognised as global leaders in this dynamic sector - Fluent in six important jurisdictions of choice, we take a jurisdiction agnostic approach,...more
What happens when data protection collides with the relentless pace of digital innovation? That’s the question the European Data Protection Board (EDPB) seemed to confront head-on in 2024, a year marked by unprecedented...more
The Spanish Government has published the Preliminary Draft Act for the proper use and governance of Artificial Intelligence (the "Draft Act"), which aims to complement and develop the framework set out by the AI Regulation....more
On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
The EU Digital Operational Resilience Act (DORA) took effect on 17 January 2025 after a two-year implementation period. DORA sets out new requirements for financial entities (FEs) and their information technology and...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
More than four years after an industry trade association first filed its challenge to a November 2020 ballot initiative in Massachusetts, a federal judge issued an order in Alliance for Automotive Innovation v. Campbell...more
Every year, the Financial Industry Regulatory Authority (FINRA) issues an Annual Regulatory Report in an effort to provide FINRA Member Firms with insight into findings from FINRA’s regulatory operations programs. The Annual...more
How should multiple claimants seek compensation for alleged data misuse? It had originally been thought that the answer might be a representative action; an “opt-out” procedure enabling a single claimant to bring proceedings...more
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
Turkey has published multiple guidelines on the use of AI in various sectors; Turkish government expected to enact AI-specific regulation in the near future. Laws/Regulations directly regulating AI (the “AI Regulations”) ...more
Saudi Arabia is yet to enact AI Regulations, relying on guidelines to establish practice standards and general principles. Laws/Regulations directly regulating AI (the “AI Regulations”) There are currently no AI...more
Nigeria's draft National AI Policy underway and will pave the way for a comprehensive national AI strategy. Laws/Regulations directly regulating AI (the “AI Regulations”) There is currently no specific law or...more
The US relies on existing federal laws and guidelines to regulate AI but aims to introduce AI legislation and a federal regulation authority. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently,...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
On February 9, 2024, California’s Third District Court of Appeals reinstated the California Privacy Protection Agency’s (“CPPA”) ability to enforce the California Privacy Rights Act of 2020 (“CPRA”) regulations. The CPRA...more
At Cornell University, institutional review board (IRB) members meet with the chief information security officer and a liaison to the general counsel’s office. Their regular attendance has been “really critical,” said IRB...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
A significant number of federal legislative proposals that focus on online child safety have been introduced. If enacted, they would modify online providers’ obligations to remove and report child sexual exploitation (CSE)...more
We previously reported on regulators’ increased attention to the use of big data systems, including external consumer data and information sources, algorithms and predictive models. Recent announcements in Colorado, Louisiana...more