Plan for Success: Navigating Pension De-Risking
False Claims Act Insights - Be Careful What You Wish For: HHS-OIG Advisory Opinions
Paddle's Payment Predicament: Unpacking FTC's Compliance Crackdown — Payments Pros – The Payments Law Podcast
AI Today in 5: August 22, 2025, The Angst Episode
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
Daily Compliance News: August 22, 2025, The WADA Returns Edition
Regulatory Ramblings: Episode 76 - The Digital Future: The US GENIUS Act and Hong Kong Stablecoins Ordinance / The Hong Kong Web3 Blueprint: Building a Web 3 International Financial Hub Report
Point-of-Sale Finance Series: Understanding the Development and Regulation of Buy Now, Pay Later Products — The Consumer Finance Podcast
Understanding BBB Ratings: Strategic Approaches to Consumer Complaints — Regulatory Oversight Podcast
Compliance Tip of the Day: Co-Thinking with AI
Joint Venture Eligibility Refresher on Requirements for Government Contractors
Compliance into the Weeds: Two Cyber Security Cases for the Compliance Professional
The Road to Regulation: Vehicle Service Contracts Explained — Moving the Metal: The Auto Finance Podcast
AI Today in 5: August 12, 2025, The Creating Billionaires Episode
Compliance Tip of the Day - The ROI of Compliance
AI Today in 5: August 11, 2025, The ACHILLES Project Episode
Taxing Intelligence: AI's Role in Modern Tax Administration
Podcast - An Overview of State Attorney General Consumer Protection Enforcement
LathamTECH in Focus: Move Fast, Stay Compliant
Work This Way: A Labor & Employment Law Podcast | Compliance Clarity for Federal Contractors with Joan Moore and Mim Munzel of Arbor Consulting Group
We’re back with a deeper dive into the 2025 Data Security Incident Response Report, which features insights and metrics from more than 1,250 incidents in 2024. This episode dives into AI law, regulation, and guidance from...more
In a sweeping move to bolster national security and safeguard sensitive information, the U.S. Department of Justice (DOJ) has introduced a transformative regulation: the Bulk Data Transfer Rule. ...more
In a move to further bolster data privacy, China’s State Administration for Market Regulation and the Standardization Administration of China jointly issued a national standard, GB/T 45574-2025, Data Security Technology –...more
The EU Data Act (the Act), entered into force on January 11, 2024 but most of its provisions will apply from September 12, 2025. For any organization that designs, manufactures, or uses connected products, provides related...more
On July 10, 2025, the European Commission (EC) published the final version of the General-Purpose AI Code of Practice (Code). This voluntary instrument provides guidance on how providers of general-purpose AI models (GPAI),...more
On April 11, North Dakota enacted HB 1127 (the “Act”), amending the regulatory framework for financial institutions within the state by establishing a new chapter focused on data security programs. The Act amends various...more
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
On Monday, March 24, 2025, the General Services Administration (GSA) launched FedRAMP 20x, as an effort to automate parts of the program and create collaboration with the industry to improve authorization process for cloud...more
WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more
Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more
The European Securities and Markets Authority (ESMA) has published official translations of the guidelines on the maintenance of systems and security access protocols for offerors and persons seeking admission to trading of...more
The wireless industry has revolutionized the way we connect, from facilitating teleworking, distance learning, and telemedicine to allowing the American public to interact virtually in almost all other aspects of their daily...more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
On February 5, Delaware joined 21 jurisdictions who adopted guidance similar to the NAIC Model Bulletin on the Use of Artificial Intelligence (AI) Systems by Insurers in 2024, and four additional jurisdictions have otherwise...more
Cyberattacks on healthcare organizations are on the rise, with the number of affected individuals nearly tripling between 2022 and 2024, according to data compiled by the Department of Health and Human Services Office for...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
In all our work with clients, my evaluation and expectations around compliance readiness come down to one point: Governance. This can mean a variety of things when it comes to a compliance program, but overall, we boil it...more
President-elect Donald Trump’s campaign and post-election transition have given several strong indications of how the new administration is likely to approach artificial intelligence (AI) policy during his second term, which...more
The US privacy legal landscape continues to expand in 2024, with most of the momentum led by state laws. ...more
Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more
On May 9, 2024, Governor Wes Moore signed into law the Maryland Online Data Privacy Act of 2024 (“MODPA”). MODPA will take effect on October 1, 2025, but will not apply to personal data processing activities occurring before...more
We have now reached the 180-day mark since the White House Executive Order (EO) on the Safe, Secure and Trustworthy Development of AI and we are seeing a flurry of mandated actions being completed. See here for a summary of...more