DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025. The regulation aims to strengthen the digital operational resilience of the financial sector...more
The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The European Union (EU) Artificial Intelligence Act (AI Act), Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending...more
With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more
The European Banking Authority and European Securities and Markets Authority have published joint guidelines on the suitability of members of the management body, and on the assessment of shareholders and members with...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
The announcement in 2021 of the intention to implement new rules directly targeting the types of tech service provider relied on by most financial institutions may be a necessary corrective given the heavy market...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
The EU regulation on digital operational resilience for the financial sector (DORA) was published in the Official Journal of the European Union on 27 December 2022. It entered into force on 16 January 2023 and will apply from...more
In mid-December the European Union (EU) enacted new legislation aiming at harmonizing, and tightening, information technology (IT) security rules in the financial sector: Regulation (EU) 2022/2554 on digital operational...more
Dem Senators Urge CFPB Focus on P2P Payment Platforms - A group of Democratic U.S. senators sent a letter to the Consumer Financial Protection Bureau (CFPB) urging the agency to take a harder look at peer-to-peer (P2P)...more
The financial sector is greatly dependent on information and communication technologies (ICT). The importance of ensuring remote access to financial services increased to an even greater extent during the COVID-19 pandemic,...more
In December 2019, we published a blog post introducing open banking; here, we provide an update for 2020. To briefly summarize, open banking comprises a set of rules which permit third-party providers (TPPs) of financial...more
Request to Pay: Pay.UK launches rules and standards framework - Pay.UK has launched the Request to Pay Framework — the message standards, rules, and terms and conditions for the development of Request to Pay services. The...more
On 5 December 2019 the Bank of England (Bank), UK Prudential Regulation Authority (PRA) and UK Financial Conduct Authority (FCA) published coordinated consultation papers and policy on new requirements to strengthen...more
Insights from Latham’s flagship event: Managing the risk and promise of digitisation in financial services - The financial services industry is leading the way in outsourcing, with contract values in excess of US$10.7...more
On 12 January 2016, the long-awaited revised Payment Services Directive (“PSD2”) came into force in Europe. This replaces the Payment Services Directive (“PSD”) that has been in place since 2007. The deadline for EU member...more