The Digital Omnibus Package, presented by the European Commission (EC) on November 19, 2025, comprises both the Digital Omnibus on the Data Acquis and the Digital Omnibus on AI (“AI Omnibus”)....more
4/10/2026
/ Artificial Intelligence ,
Data Privacy ,
Digital Services ,
EU ,
European Commission ,
Innovative Technology ,
Machine Learning ,
Proposed Amendments ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Reform
The European Commission (Commission) published a proposal for a new Digital Networks Act (DNA), and a revised Cybersecurity Act, aiming to reshape the EU regulatory framework for digital connectivity, telecoms, and...more
2/6/2026
/ Competition ,
Cybersecurity ,
EU ,
European Commission ,
Information and Communication Technology (ICT) ,
Infrastructure ,
New Legislation ,
Proposed Legislation ,
Regulatory Reform ,
Satellites ,
Spectrum ,
State Aid ,
Supply Chain ,
Telecommunications
On November 17 2025, the Council of the European Union (Council) adopted a new regulation, intended to improve cooperation between national EU data protection authorities (DPAs) and speed up the process of handling...more
12/23/2025
/ Cross-Border ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Legislation ,
New Regulations ,
Regulatory Reform ,
Regulatory Requirements
On November 5 2025, the European Commission commenced a seven-month long, multi-stakeholder process to develop a voluntary code of practice (the Code) facilitating compliance with transparency obligations under Article 50 of...more
12/23/2025
/ AI Act ,
Artificial Intelligence ,
Deep Fake ,
Disclosure Requirements ,
Emerging Technologies ,
EU ,
European Commission ,
New Legislation ,
New Regulations ,
Public Consultations ,
Regulatory Oversight ,
Regulatory Requirements ,
Stakeholder Engagement ,
Transparency
On September 26 2025, the European Commission published the ‘Draft Guidance Article 73 AI Act – Incident Reporting’ (the Draft Guidance). The Draft Guidance is intended to help providers and deployers of High-Risk AI Systems...more
On July 10 2025, the EU Artificial Intelligence Office (the AI Office) issued the final version of the General Purpose AI Code of Practice (GPAI Code). The GPAI Code is a non-binding set of guidelines created by independent...more
As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
4/1/2025
/ AI Act ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Enforcement ,
EU ,
European Commission ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector
The integration of AI in the workplace is revolutionising HR. From recruitment to performance analysis, AI use cases can streamline HR processes and enhance productivity. However, the deployment of AI by employers also brings...more
3/18/2025
/ AI Act ,
Artificial Intelligence ,
Bias ,
Employees ,
Employer Liability Issues ,
Employment Policies ,
EU ,
Human Resources Professionals ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
UK
What are we really talking about and what are the legal implications under the EU AI Act?
The rapid evolution of artificial intelligence (AI) has led to significant opportunities and challenges, especially in the realm of...more
The European Union Artificial Intelligence Act (AI Act) entered into force on 1 August 2024. The AI Act establishes a risk-based approach to AI, prohibiting certain practices that are deemed unacceptable, such as social...more
2/6/2025
/ Artificial Intelligence ,
Compliance ,
Data Protection ,
Enforcement Actions ,
EU ,
European Commission ,
Healthcare ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025.
The regulation aims to strengthen the digital operational resilience of the financial sector...more
12/20/2024
/ Bank Service Providers ,
Cryptoassets ,
Data Management ,
Digital Operational Resilience Act (DORA) ,
EU ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
Fund Managers ,
Insurance Industry ,
Payment Systems ,
Regulatory Agenda ,
Regulatory Requirements ,
Request For Information ,
Risk Management ,
Third-Party Service Provider
Companies deploying high-risk artificial intelligence (AI) systems must prepare to conduct Fundamental Rights Impact Assessment (FRIA) by 2 August 2026. In this edition of our “Zooming in on AI” series we explain what this...more
When the AI Act was first proposed by the European Commission in 2021, the concept of “general purpose AI” was nowhere to be found. These rules were introduced during the legislative process to align the AI Act to the...more
The EU Artificial Intelligence Act (“AI Act”) exemplifies a highly advanced risk-based approach to European regulation. One of its distinguishing features is the detailed classification of various risk levels associated with...more
11/12/2024
/ Artificial Intelligence ,
Digital Services ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
Transparency
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
10/30/2024
/ Artificial Intelligence ,
Automated Systems ,
Data Protection ,
Distributors ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Importers ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Technology Sector ,
Transparency
In a significant ruling (dated 9 September 2024), The Hague District Court (Court) has sided with Bunq B.V. (Bunq), dismissing part of the customer's GDPR access request. This decision highlights that a financial entity’s...more
AI-driven technology has emerged as a cornerstone of our present and future daily lives, revolutionising the way transactions and interactions are organised.
With the increased use of AI systems, there is also an...more
10/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Protection ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Stakeholder Engagement ,
Technology Sector
This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more
10/21/2024
/ Artificial Intelligence ,
Consumer Protection Laws ,
Data Protection ,
Enforcement Actions ,
EU ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Legislative Agendas ,
Liability ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
UK ,
United States
Rapid and accelerating developments in artificial intelligence have prompted governments around the world to consider how AI should be regulated and used responsibly by businesses, without stifling innovation.
This is...more
10/17/2024
/ Artificial Intelligence ,
Capital Markets ,
Data Protection ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Intellectual Property Protection ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Technology Sector ,
UK ,
White Collar Crimes
Many governments are grappling with the question of how to regulate artificial intelligence to ensure it is adopted safely and used responsibly without hampering innovation. Governments have generally indicated similar...more
10/8/2024
/ Artificial Intelligence ,
Bank of England ,
Bergdorf Goodman ,
Data Collection ,
Data Processors ,
Data Selling ,
Documentation ,
EU ,
European Banking Authority (EBA) ,
European Securities and Markets Authority (ESMA) ,
Financial Conduct Authority (FCA) ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Institutions ,
Financial Services Industry ,
Information Governance ,
Machine Learning ,
MiFID II ,
Personal Data ,
Popular ,
Privacy Laws ,
Prudential Regulation Authority (PRA) ,
Regulatory Agenda ,
Regulatory Standards ,
Risk Management ,
Third-Party ,
Training ,
Transparency ,
UK
One of the key aspects of the EU AI Act (“AI Act”)[1] is linked to the qualification of providers and deployers and the nuances which help distinguish between the two categories of stakeholders. What would this mean in...more
The Artificial Intelligence Act (AI Act) entered into force on 1 August 2024 and is the world's first comprehensive legal framework for AI regulation. As companies start incorporating AI tools into their business, products...more
EU Regulation 2024/1689, also known as the Artificial Intelligence Act (AI Act), enters into force as of 1 August 2024. But when will it become applicable?
The AI Act sets out a harmonized legal framework for the...more
8/5/2024
/ Artificial Intelligence ,
Compliance ,
Corporate Governance ,
Data Protection ,
EU ,
Innovative Technology ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
Investors are targeting AI developers and buying proprietary data sets to build new AI businesses. Here we explain how to manage risk in this fast-evolving space.
When MIT named generative AI as one of its breakthrough...more
12/15/2023
/ Acquisitions ,
Artificial Intelligence ,
Computer Programmers ,
Copyright Infringement ,
EU ,
Financial Sponsors ,
Intellectual Property Protection ,
Investment ,
Machine Learning ,
Mergers ,
Risk Management ,
Software Developers ,
Technology Sector