News & Analysis as of May 23, 2025

Risk Management

+ Follow

The fatal flaws in the 2023 CRA rule
New Executive Order Targets Disparate Impact Claims Nationwide - #WorkforceWednesday® - Employment Law This Week®
Welcoming a New Payment Pro: Jason Cover Joins the Payments Pros Podcast — Payments Pros – The Payments Law Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
Medicaid Cuts: Potential Challenges and Legal Implications for Long-Term Care Facilities — Assisted Living and the Law Podcast
Tariffs and Trade Series: What Boards of Directors Need to Know
Under the Hood: Exploring the CFPB's 2025 Focus — Moving the Metal: The Auto Finance Podcast
Evolving AI Legislation: Federal Policies, Task Forces, and Proposed Laws — The Good Bot Podcast
Episode 369 -- Stepping Into the Enforcement Spotlight -- Customs and Border Patrol and Import Enforcement
10 For 10: Top Compliance Stories For the Week Ending May 17, 2025
Tariffs and Trade Series: What Investors Need to Know
Compliance Tip of the Day: Using Supply Chain to Innovate in Compliance
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Early Returns Podcast - Oliver Roberts: AI and the Law, and an Education
Compliance into the Weeds: Leaving on a (Qatari) Jet Plane
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
Compliance Tip of the Day: Multiplying the Influence of Compliance
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Compliance tip of the Day: Communication Through Persuasion
All Things Investigations: Task Force Strategies - Addressing New Government Priorities

New PCI DSS 4.0 Credit Card Compliance Requirements Effective April 1, 2025

McDermott Will & Emery on 4/21/2025

As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more

EC publishes draft delegated regulation on subcontracting RTS under DORA

A&O Shearman on 4/16/2025

On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more

Europe: National Regulators Announce Digital Operational Resilience Act Reporting Windows

K&L Gates LLP on 3/5/2025

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more

FINRA’s 2025 Annual Regulatory Oversight Report: Focus on AI, Other Emerging Risk Areas, and Best Practices

WilmerHale on 2/19/2025

On January 28, 2025, FINRA published its Annual Regulatory Oversight Report (the Report). The Report highlights emerging risk areas and recent developments, common compliance deficiencies, and best practices for member firms....more

The European Commission rejects draft Regulatory Technical Standards on subcontracting under the Digital Operational Resilience...

Hogan Lovells on 2/3/2025

What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more

What Debt Settlement Companies Need to Know When Working With Third Party Payment Processors (Whitepaper)

Clark Hill PLC on 1/31/2025

Clark Hill’s Financial Services and Regulatory Compliance Group has authored a whitepaper for debt settlement companies considering engaging a third-party payment processor for managing accounts and handling financial...more

Navigating Legal Liability in AI Adoption: What Healthcare Executives Need to Know

Benesch on 1/30/2025

The adoption of artificial intelligence (AI) in healthcare has ushered in a new era of innovation that is transforming diagnostics, treatment planning and operational efficiencies. However, with great potential comes...more

DORA – One week to go

Hogan Lovells on 1/13/2025

The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more

DORA: Get ready, get set, take action

A&O Shearman on 12/20/2024

The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025. The regulation aims to strengthen the digital operational resilience of the financial sector...more

The EU’s Digital Operational Resilience Act 2022/2554 (DORA)

BCLP on 9/23/2024

Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more

NYDFS Requires Filing of Preparedness Plans and Financial Risk Assessments Related to COVID-19

Ballard Spahr LLP on 3/17/2020

In an Industry Letter, the New York State Department of Financial Services (NYDFS) is requesting assurance that New York State regulated institutions have preparedness plans in place to address operational risk, and it is...more

11 Results

View per page

Page: of 1

Regulatory Requirements › Third-Party Service Provider › Risk Management

"My best business intelligence, in one easy email…"