On Nov. 11, 2020, the European Data Protection Board (EDPB) published eagerly anticipated guidance in the wake of the July 2020 European Court of Justice’s (ECJ) decision in Schrems II, outlining a process for ensuring data...more
11/23/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
On Oct. 30, 2020, the United Kingdom’s data protection authority, the Information Commissioner’s Office (ICO), in connection with France’s Commission nationale de l’informatique et des libertés (CNIL), announced the largest...more
11/5/2020
/ British Airways ,
CNIL ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marriott ,
Popular
This past July, a decision by the European Court of Justice (ECJ) struck down the European Union-United States Privacy Shield framework (EU-U.S. Privacy Shield), one mechanism through which companies could transfer personal...more
10/1/2020
/ Binding Corporate Rules ,
Breach of Contract ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Court of Justice (ECJ) ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Standard Contractual Clauses ,
Switzerland
On July 16, the European Court of Justice (ECJ or the Court) struck down the EU-U.S. Privacy Shield program. The ruling invalidated an earlier European Commission (Commission) decision (Privacy Shield adequacy determination)...more
Following extensive consultations, the European Commission’s High-Level Expert Group on AI released ethics guidelines on the use of artificial intelligence. Three broad principles emerged from those guidelines, suggesting...more
We recently discussed the topic of risk management as it relates to artificial intelligence (AI) in financial services, and suggested certain tips for the financial services sector. This article is the first of a series that...more
5/2/2019
/ Algorithmic Trading ,
Artificial Intelligence ,
CFTC ,
EU ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
MiFID II ,
Policies and Procedures ,
Popular ,
Registered Investment Advisors ,
Risk Management ,
Robo-Advisors ,
Securities and Exchange Commission (SEC) ,
Securities Traders
Until recently, whistleblowing raised many concerns in France and other European countries. Reporting on colleagues’ behavior, even if unlawful, was seen as risky business that could lead to dismissals and criminal sanctions...more
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
1/28/2019
/ California Consumer Privacy Act (CCPA) ,
Carpenter v US ,
CLOUD Act ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Google ,
Hackers ,
International Data Transfers ,
Marriott ,
Microsoft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Power Plants ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC) ,
Stored Communications Act
On April 23 2018, the European Commission published a proposal for a Directive (the proposal or the Directive) on whistleblower protections in response to a request from the European Parliament...more
OCIE Highlights Frequent Topics for Compliance Deficiencies for Investment Advisers -
On Feb. 7, 2017, the Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (“OCIE”) published...more
3/2/2017
/ Books & Records ,
Chief Compliance Officers ,
Covered Agreement ,
Custody Rule ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Actions ,
Ethics ,
EU ,
Filing Requirements ,
Financial Institutions ,
Financial Services Industry ,
Form ADV ,
Insurance Industry ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
NYDFS ,
OCIE ,
Registered Investment Companies (RICs) ,
Regulatory Oversight ,
Reinsurance ,
Risk Alert ,
Rule 204-2 ,
Securities and Exchange Commission (SEC) ,
Strict Compliance
Private Fund Advisers, Robo-Advisers, ETFs Among SEC, FINRA Exam Priorities for 2017 -
As the new year begins, U.S. regulators highlighted the areas – some new and some familiar – which will be the focus of their...more
2/2/2017
/ Bail-In Provisions ,
Bank Recovery and Resolution Directive (BRRD) ,
Banks ,
Benefit Plan Sponsors ,
Cybersecurity ,
Department of Financial Services ,
Employee Retirement Income Security Act (ERISA) ,
ETFs ,
EU ,
Financial Industry Regulatory Authority (FINRA) ,
Insurance Industry ,
Investment Adviser ,
NYDFS ,
Private Funds ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC)