Fintech Focus Podcast | Navigating IT and Security Risks in Fintechs in Light of Impending DORA Deadline
Conceptually, you think of IoT devices, but the CRA has a far broader scope of application. In this article we examine one of the tricky nuances – distinguishing between a digital product and SaaS under the CRA. The EU’s...more
Companies face severe fines, increased regulatory scrutiny and significant compliance obligations under a raft of European Union (EU) and national legislation that has either recently come into force or which will take effect...more
The European Banking Authority (EBA) has published its draft single programming document (SPD) for 2027–2029, outlining its strategic priorities and resource needs over the three‑year period. The EBA confirms it will focus on...more
Certain large scale ICT companies (known as critical ICT third party providers, "CTPPs") which provide critical cloud storage, technology and data services to banks and other financial institutions play an increasingly...more
On 18 December 2025, the European Securities and Markets Authority (ESMA) published a report on the revised guidelines on liquidity management tools (LMTs) for UCITS and open-ended AIFs. ...more
The UK operational resilience requirements for the Financial Services and Markets Act (FSMA) came into force in March 2025. Yet, many firms are still scrambling to demonstrate that they can keep critical services running...more
Cyber law and practice have continued to evolve over the past 12 months. New laws and regulations have been unveiled or come into force, while enforcement authorities have sharpened their focus on issues including board...more
On this special edition of The Data Day podcast, Ropes & Gray partner Rohan Massey—leader of the firm’s data, privacy & cybersecurity practice and managing partner of the London office—is joined by counsel Edward Machin and...more
Scrutiny of European Union's dependence on non-European cloud services is intensifying amid geopolitical tensions and rising cyber risk. U.S. hyperscalers control more than 70% of the EU cloud market, while European...more
The European Supervisory Authorities (ESAs) and the UK’s Bank of England, Prudential Regulation Authority and Financial Conduct Authority (together, the UK Regulators) have signed a Memorandum of Understanding (MoU) to...more
The European Supervisory Authorities (comprising the European Securities and Markets Authority, the European Insurance and Occupational Pensions Authority and the European Banking Authority) have entered into a Memorandum of...more
The European Union (EU) is ushering in a new era of artificial intelligence (AI) regulation with the introduction of the AI act dated 13 June 2024 (AI Act), a comprehensive framework designed to govern the development,...more
UK Financial Insights from Katten is a monthly newsletter highlighting key noteworthy developments potentially affecting financial markets and funds in the UK and Europe....more
European organizations are facing growing operational risks—from cyber threats and regulatory change to supply-chain instability and climate-related disruptions. New regulations such as DORA, NIS2, and the UK Operational...more
The German Financial Supervisory Authority ("BaFin") has issued non-binding guidance ("Guidance") clarifying how financial institutions should manage Information and Communication Technology ("ICT") risks arising from...more
European cybersecurity regulation is entering a decisive phase, compelling companies to shift from preparation to active compliance. As the Network and Information Systems 2 (NIS2) Directive is implemented across a growing...more
The European Banking Authority (EBA) has published a letter sent to the European Commission (EC) with the outcome of its EU AI Act mapping exercise. In January 2025, the EBA established a dedicated workstream to map the...more
The European Supervisory Authorities (comprising the European Banking Authority, European Insurance and Occupational Pensions Authority and European Securities and Markets Authority) have published a joint report, dated 4...more
Entdecken Sie die wichtigsten Prognosen für das kommende Compliance-Jahr. Dieses NAVEX-Webinar beleuchtet KI-Regulierung, neue Durchsetzungsentwicklungen und globale Standards, die die nächste Ära von Ethik und...more
2026 redéfinit la conformité. Rejoignez nos experts pour décrypter l’impact de l’IA et des nouvelles réglementations (DORA) sur votre stratégie. Inscrivez-vous !...more
Explore expert predictions for the year ahead in compliance. This NAVEX webinar covers AI regulation, enforcement updates, and emerging global standards shaping the next era of ethics and risk management....more
On 11 December 2025 the Italian Insurance Regulatory Authority (IVASS) published an update about the National TIBER-IT Guide for Advanced Cybersecurity Testing for the Italian Financial Sector (TIBER-IT Guide) made by Italy’s...more
On November 19, 2025, the European Commission published two "Digital Omnibus" proposals as part of a wider Digital Package: (i) a Digital Legislation Omnibus that amends and consolidates large parts of the European Union's...more