DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
Clark Hill’s Financial Services and Regulatory Compliance Group has authored a whitepaper for debt settlement companies considering engaging a third-party payment processor for managing accounts and handling financial...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025. The regulation aims to strengthen the digital operational resilience of the financial sector...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more
The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
Banking regulators have issued a joint statement outlining the potential risks that financial institutions face in arrangements with third parties to deliver bank deposit products and services and examples of risk management...more
The Monetary Authority of Singapore (MAS) has recently finalised its proposals on mandating reference checks. The finalised proposals are substantially in line with those initially proposed in its Consultation Paper on...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
The financial sector is greatly dependent on information and communication technologies (ICT). The importance of ensuring remote access to financial services increased to an even greater extent during the COVID-19 pandemic,...more
In December 2019, we published a blog post introducing open banking; here, we provide an update for 2020. To briefly summarize, open banking comprises a set of rules which permit third-party providers (TPPs) of financial...more
Key developments of interest over the last month include: Brazil: The Central Bank of Brazil has confirmed that open banking regulations will begin to be implemented from November 2020. The implementation will consist of...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
In an Industry Letter, the New York State Department of Financial Services (NYDFS) is requesting assurance that New York State regulated institutions have preparedness plans in place to address operational risk, and it is...more
On 5 December 2019 the Bank of England (Bank), UK Prudential Regulation Authority (PRA) and UK Financial Conduct Authority (FCA) published coordinated consultation papers and policy on new requirements to strengthen...more
The Financial Stability Board (FSB) published on December 9, 2019, its report on financial institutions’ increasing reliance on third parties to provide cloud computing services (the Report)....more
Insights from Latham’s flagship event: Managing the risk and promise of digitisation in financial services - The financial services industry is leading the way in outsourcing, with contract values in excess of US$10.7...more