FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices – Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
Jane Barratt, Financial Data Exchange (FDX) co-board chair, joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt to share the role FDX will play as the first standard setting organization (SSO) approved by the CFPB pursuant...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
New York State’s Department of Financial Services is warning all regulated entities has released a Cybersecurity Regulation Updates and Reminder warning all companies that all regulated entities without a full exception that...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
On February 7, the union representing CFPB employees published a notice expressing concerns regarding the recent addition of certain DOGE employees to the CFPB’s email directory and their presence in offices. ...more
Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more
On January 8, the CFPB issued an order recognizing a company as a standard-setting body under its Personal Financial Data Rights rule, marking the first such recognition since the rule’s October 2024 release. The rule...more
On December 3, the Office of the Comptroller of the Currency (OCC) issued version 1.1 of the “Unfair or Deceptive Acts or Practices and Unfair, Deceptive, or Abusive Acts or Practices” booklet of the Comptroller’s Handbook,...more
Financial institutions that are regulated and supervised by the Office of the Comptroller of the Currency (OCC) should know that the OCC has recently updated its booklet on Unfair or Deceptive Acts or Practices (UDAP) and...more
The Bank of England published the findings of its third joint survey with the U.K. Financial Conduct Authority on the use of Artificial Intelligence and machine learning in financial services. The survey aims to build on...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
Orrick Partner Beth McGinn joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt for our second episode focused on the proposed American Privacy Rights Act and its potential impact on the financial services industry. Beth...more
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
Covered financial institutions now face heightened expectations in relation to cybersecurity governance, risk assessment, and incident reporting. The New York State Department of Financial Services’ (DFS) amendments (the...more
On October 27, 2023, the Federal Trade Commission (“FTC”) approved an amendment to the Safeguards Rule that requires non-banking financial institutions (e.g., mortgage companies, mortgage brokers, and creditors) to notify the...more
The Federal Trade Commission (FTC) recently adopted a final rule amending its Standards for Safeguarding Customer Information (commonly referred to as the “Safeguards Rule”) to require financial institutions to report certain...more
Non-bank financial institutions will have a new data breach disclosure requirement effective May 13, 2024. The Federal Trade Commission (FTC) recently updated the Gramm-Leach-Bliley Safeguards Rule (“Safeguards Rule”), adding...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
The Federal Trade Commission has approved an amendment to the Safeguards Rule under the Gramm-Leach-Bliley Act that creates a new data privacy regulatory reporting requirement for non-banking financial entities. Covered...more
On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
On October 27, the Federal Trade Commission (“FTC”) unanimously voted to amend the Safeguards Rule to require non-banking financial institutions to report data breaches and security events to the Agency. This amendment will...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
The privacy legal and regulatory landscape is changing quickly in the United States – particularly for financial institutions, which hold significant volumes of consumer data and are already subject to a complicated universe...more
Most Financial Services Institutions (FSIs) have digital technology at their core. And a primary responsibility for most FSIs is “cyber-connect” customers – be they organizations or individuals – with their money simply and...more