Data Driven Compliance: The Failure to Prevent Fraud Offense: Insights for US General Counsels with Mike DeBernardis
Daily Compliance News: August 20, 2025, The Boss is Back Edition
The LathamTECH Podcast — Turning a London Eye Toward International Tech Growth
AI Today in 5: August 8, 2025, The Don’t Wait Episode
Data Driven Compliance: Understanding the ECCTA and Its Impact with Jonathan Armstrong
Compliance Tip of the Day: M&A – International Issues
From the Editor’s Desk: Compliance Week’s Insights and Reflections from July to August 2025
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
Everything Compliance: Episode 158, The No to Corruption in Ukraine Edition
Data Driven Compliance: Understanding the UK’s New Failure to Prevent Fraud Offense with Sam Tate
Daily Compliance News: July 25, 2025, The New Sheriff in Town Edition
Everything Compliance: Episode 157, The Q2 2025 Great Women in Compliance Edition
The Capital Ratio Podcast | Entering the US Banking Market
Great Women in Compliance: GWIC X EC Q2 2025 - Exploring Compliance Innovations
An Ounce of Prevention Podcast | The International Anti-Corruption Prosecutorial Taskforce and the Future of Global Enforcement
The LathamTECH Podcast — Where Digital Assets Slot Into a Shifting Fintech Regulatory Landscape: Insights From the US, UK, and EU
10 For 10: Top Compliance Stories For the Week Ending May 24, 2025
Daily Compliance News: May 23, 2025, The Gutless Wonders Edition
Daily Compliance News: May 21, 2025, The I Want You Back Edition
Everything Compliance: Episode 153, The CW 25 Edition
On July 16 2025, the ICO published its annual report and financial statements for the period from April 1 2024 to March 31 2025 (the Report)....more
Welcome to your weekly update from the A&O Shearman Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. ECCTA: identity verification requirements from November 18,...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more
In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more
This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more
Rather than specifically regulating artificial intelligence (AI), the UK government has opted to rely on the existing web of laws and regulations applying to technology across a spectrum of sectors in its jurisdiction. But...more
The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more
The Age Appropriate Design Code (“AADC”) - more commonly known as the Children’s Code - has been heralded as the world’s first code to protect children online. Compliance with the AADC became mandatory for in-scope businesses...more
When the regulator has decided to investigate your organisation following a data breach, the remit for the investigation will be wide-ranging and go beyond the narrow circumstances of the breach. Recent decisions shed useful...more
On April 15, 2020, the Information Commissioner’s Office (ICO), the U.K.’s data protection authority, issued further guidance on its regulatory approach during the global COVID-19 pandemic. Following its March note that we...more
Key to recent ICO decisions has been the ICO’s assessment of the extent and quality of communications with affected individuals and the regulator itself. It is clear the ICO sees certain behaviours (such as the setting up of...more
In this part of our briefing series, we cover how prior regulatory enforcement action affects the assessment of sanctions and some pitfalls associated with undertaking internal security audits. Who is this relevant for?...more
The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more
What insights into cyber security norms can organisations glean from the UK ICO’s recent enforcement decisions, most of which have been released since the GDPR came into force? Final fines are still awaited on the UK’s...more
Recent UK enforcement actions highlight the risks to companies of relying on third-party providers to obtain marketing consents from individuals on their behalf. A claims management company has been separately fined by both...more
GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The ICO has stretched its...more
British Data Protection Authority Flexes GDPR Enforcement Muscles - No longer is the bark of sanctions for lax data protection practices worse than its bite. The Information Commissioner’s Office (ICO)—the United Kingdom's...more
Prior to the “Brexit” vote in 2016, the pro-Brexit campaign, Vote Leave, sent almost 200,000 unsolicited texts in violation of the Privacy and Electronic Communications Regulations (PECR), according to a recent settlement it...more
In an ironic twist, the British Information Commissioner’s Office (ICO) recently fined a Brexit advocacy group for violating regulations issued under an EU directive. The fines, totaling £120,000, were levied against...more
Cathay Pacific, the Hong Kong airline, is the latest airline to face a cyber-attack; in this case, one that has resulted in the theft of personal data of up to 9.4 million passengers. The hackers gained "unauthorised access"...more
The U.K. data protection authority recently fined a lead generation company £90,000 ($118,000) for a 2017 unsolicited email marketing campaign. The company, Boost Finance Ltd, sent over 4 million emails promoting pre-paid...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
The 56 Dean Street Clinic, which is operated by the Chelsea and Westminster NHS Trust and specializes in HIV and other sexual health services, has apologized for the error which revealed (to all 780 recipients) the full names...more