News & Analysis as of

Compliance Third-Party Service Provider

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Holland & Hart - The Benefits Dial

Both Sides Now… Must Be Alert to Cybersecurity

Holland & Hart - The Benefits Dial on

by Becky Achten New guidance from the Employee Benefits Security Administration (EBSA) affirms that both sides—retirement plans and welfare plans—must take steps to secure participant data from cybercrime. In 2021 the...more

WilmerHale

Obligations for Deployers, Providers, Importers and Distributors of High-Risk AI Systems in the European Union’s Artificial...

WilmerHale on

In this blog post, we will focus on obligations that the European Union’s Artificial Intelligence Act (AI Act) sets for deployers, providers, importers and distributors regarding high-risk AI systems....more

Walkers

Personal Information Protection Act deep dive

Walkers on

The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more

Goodwin

ESA Publications on Digital Operational Resilience: A Reminder That DORA is Less Than Six Months Away and Will Apply to US and UK...

Goodwin on

The publication by the Joint Committee of the European Supervisory Authorities (ESAs) on (a) 17 July 2024 of the second batch of implementing materials and (b) 26 July 2024 of the sub-contracting of information and...more

BakerHostetler

FTC Continues Focus on Disclosure of Health Information to Third-Party Technologies

BakerHostetler on

A recently announced settlement with online alcohol addiction treatment service Monument Inc. demonstrates the Federal Trade Commission’s (FTC) continued focus on the use and disclosure of health data. The proposed settlement...more

Esquire Deposition Solutions, LLC

Actionable Advice When Sharing Client Data with Vendors

Esquire Deposition Solutions, LLC on

We’ve previously written on the need for law firms to scrutinize the data security protections in place at all third-party vendors who have access to client confidential information. Clearly, that’s still good advice....more

Dorsey & Whitney LLP

CTA Compliance Obligations for CTA Participants: Reporting Companies, Beneficial Owners, and Third-Party Preparers

Dorsey & Whitney LLP on

In an evolving (and somewhat disjointed) process, FinCEN has been providing guidance to persons and entities that are responsible for filing required beneficial ownership information (“BOI”) reports to FinCEN, as well as to...more

Greenberg Glusker LLP

Best Practices for Apps & Websites to Avoid Claims Under the California Invasion of Privacy Act (CIPA)

Greenberg Glusker LLP on

Amid little clarity from courts, wiretap claims targeting the use of data analytics tools are becoming increasingly common. Here are ways to stay compliant and avoid costly litigation....more

Integreon

Unleashing the Power of GenAI in Contracts Management: 3 Easy Ways to Start and Benefit

Integreon on

Corporate interest in AI, particularly generative AI (genAI), has surged dramatically. For many legal teams, there is pressure all the way from the C-suite to start using this new technology. However, the process of...more

Venable LLP

Considerations for Handling AI Licensing and Related Data in Tech Contracts: A Customer’s Perspective

Venable LLP on

Artificial intelligence (AI) tools continue to proliferate, with many aiming to automate processes and increase productivity. But customers of these tools or customers of vendors who use them must understand what’s going on...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

The Volkov Law Group

A Deeper Dive into Supply Chain Transparency & Accountability

The Volkov Law Group on

The sheer proliferation of supply chain transparency and accountability regulations at international scale itself warrants a closer look at the level of scrutiny required of organizations with complex, multi-faceted, global,...more

Mitratech Holdings, Inc

Compliance Down Under: Understanding Australian Regulation CPS 230

Mitratech Holdings, Inc on

The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more

King & Spalding

FinCEN Proposes Rule to Extend Bank Secrecy Act Obligations to Certain Investment Advisers

King & Spalding on

The Proposed Rule Would Subject Certain Investment Advisers to a Broad Range of AML/CFT Obligations and Represents a Significant Development for the Sector - Regulators have long considered the lack of anti-money...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Q&A: Four State Data Privacy Compliance Insights for 2024

Hinshaw & Culbertson - Privacy, Cyber & AI... on

With the first month of 2024 now behind us, it is time for organizations to start seriously considering key comprehensive state data privacy compliance obligations for 2024. In total, seven states passed data privacy laws...more

BCLP

Joining the Dots - Will the UK’s New Critical Third Party Rules Truly Move the Dial for Financial Institutions?

BCLP on

The announcement in 2021 of the intention to implement new rules directly targeting the types of tech service provider relied on by most financial institutions may be a necessary corrective given the heavy market...more

Parker Poe Adams & Bernstein LLP

The Increasing Importance of Cybersecurity Readiness in the Municipal Bond Market: How Public Institutions Can Respond

Parker Poe Adams & Bernstein LLP on

In today's evolving world of security and data privacy, K-12 schools, universities, local governments, and hospitals are increasingly finding themselves on the same list: vulnerable to the threat of a cyberattack....more

Barnea Jaffa Lande & Co.

Legal Guide for Implementing AI Tools in Organizations

Barnea Jaffa Lande & Co. on

Examining AI tools: Before deciding to purchase and implement AI tools in an organization, one must consider various aspects, including privacy issues, discrimination, copyright protection, and suppliers and contracts. The...more

Benesch

FCC Set to Upend Lead Generation Industry

Benesch on

On November 22, 2023, the Federal Communications Commission (FCC) issued a proposed rule that will completely upend the landscape of lead generation and digital marketing for consumer retailers and sellers. The proposed rule...more

Eversheds Sutherland (US) LLP

CFPB previews consumer data portability rule meant to accelerate US open banking adoption

Eversheds Sutherland (US) LLP on

On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more

A&O Shearman

DOJ Cracks Down on Third Party Information Benchmarking

A&O Shearman on

On September 28, 2023, the Department of Justice (DOJ) launched a civil suit against a benchmarking service provider that signals a crack-down on benchmarking involving the exchange of competitively sensitive information. ...more

Latham & Watkins LLP

China’s New AI Regulations

Latham & Watkins LLP on

China’s regulations aim to address risks related to artificial intelligence and introduce compliance obligations on entities engaged in AI-related business. This Client Alert discusses what technologies and entities are...more

Guidepost Solutions LLC

The SEC has new Cybersecurity Rules. Are you prepared and ready?

Guidepost Solutions LLC on

On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions.  Additionally,...more

Eversheds Sutherland (US) LLP

SEC adopts new rules to expand public company disclosure relating to cybersecurity by year end

Eversheds Sutherland (US) LLP on

On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more

Epiq

Deepfakes Bring Deep Risk

Epiq on

Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more

91 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide