AI and the False Claims Act
Disparate Impact & Enforcement Rollbacks: What’s the Tea in L&E?
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
A New Brand of Uncertainty? — PE Pathways Podcast
The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Breaking the Cycle: Flooding, Infrastructure, and Climate Law in Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Understanding BBB Ratings: Building Trust and Mitigating Risks — Regulatory Oversight Podcast
Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
False Claims Act Insights - The Mathematics of Nuclear FCA Verdicts
PODCAST: Williams Mullen's Benefits Companion - Cost, Care and Captives: A Mid-Size Employer’s Guide to Benefit Trends
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
Avoiding a Bored Board
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
LathamTECH in Focus: Tech Deals: The Emerging Focus of FDI Regulators?
Podcast - Tips for Maintaining FTC Compliance When Using AI
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
The Presumption of Innocence Podcast: Episode 66 - Tariff Uncertainty and Compliance Risks for Businesses
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
On January 28, 2025, FINRA published its Annual Regulatory Oversight Report (the Report). The Report highlights emerging risk areas and recent developments, common compliance deficiencies, and best practices for member firms....more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving. Originally published in...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
Keypoint: The New York Department of Financial Services (NYDFS) circulated an industry letter offering guidance to NYDFS “Covered Entities” for assessing and managing AI-related cybersecurity risks, including threats...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an Industry Letter that discusses the cybersecurity risks associated with the use of artificial intelligence (AI) and outlines strategies to...more
The COVID-19 pandemic has significantly reshaped the facilities management (FM) outsourcing landscape. Companies have transitioned from fully office-based work to home-based work, and now to hybrid models, prompting a...more
The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more
Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more