DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The European Union (EU) Artificial Intelligence Act (AI Act), Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending...more
With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more
Banking regulators have issued a joint statement outlining the potential risks that financial institutions face in arrangements with third parties to deliver bank deposit products and services and examples of risk management...more
The European Banking Authority and European Securities and Markets Authority have published joint guidelines on the suitability of members of the management body, and on the assessment of shareholders and members with...more
On June 17, 2024, FHA announced in draft Mortgage Letter 2024-12 a proposed revision to its Defect Taxonomy to clarify that fraud or material misrepresentation involving a sponsored Third-Party Originator (TPO) is a Tier 1...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
In the evolving world of lead generation and performance-based customer acquisition, the quest for profits can lead to big legal risks, some of them too large for advertisers that buy leads through third parties. Advertisers...more
The announcement in 2021 of the intention to implement new rules directly targeting the types of tech service provider relied on by most financial institutions may be a necessary corrective given the heavy market...more
The Monetary Authority of Singapore (MAS) has recently finalised its proposals on mandating reference checks. The finalised proposals are substantially in line with those initially proposed in its Consultation Paper on...more
On January 9, 2024, the California Department of Financial Protection and Innovation (DFPI) announced that it entered into a consent order with a Delaware fintech company that provided California consumers with access...more
The U.S. Court of Appeals for the Second Circuit issued a summary order affirming a district court’s holding that an emailed response to the plaintiff’s email did not constitute an “initial communication” under the Fair Debt...more
A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
In Moore v. Merchants & Medical Credit Corp., Inc., the plaintiff initiated litigation in state court alleging a violation of the Fair Debt Collection Practices Act (FDCPA) based on the defendant’s use of a letter vendor to...more
A New York federal district court has denied a motion to dismiss the lawsuit filed in January 2022 by the CFPB against three companies that purchase portfolios of defaulted debts (Corporate Defendants) and three individuals...more
The Seventh Circuit Court of Appeals recently affirmed a district court’s dismissal of a suit holding that the plaintiff had not suffered a concrete injury, and therefore, lacked standing to assert a claim under the Fair Debt...more
On July 5, an industry-led working group convened by the UK’s financial regulator published a draft voluntary code of conduct for ESG data and ratings providers (the Code). The Code would apply to all companies based in the...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
The EU regulation on digital operational resilience for the financial sector (DORA) was published in the Official Journal of the European Union on 27 December 2022. It entered into force on 16 January 2023 and will apply from...more
In a significant boost to the financial services industry, Utah has taken major steps to streamline its debt collection bureaucracy — including the removal of criminal penalties for failure to comply with technical...more
On February 15, Federal Reserve Board Governor Michelle W. Bowman delivered remarks at the Midwest Cyber Workshop, during which she discussed topics related to third-party service provider reliance and regulatory expectations...more
In mid-December the European Union (EU) enacted new legislation aiming at harmonizing, and tightening, information technology (IT) security rules in the financial sector: Regulation (EU) 2022/2554 on digital operational...more
In December, NYDFS released revised proposed amendments to 23 NYCRR 1, which regulates third-party debt collectors and debt buyers. NYDFS first issued a proposed amendment to 23 NYCRR 1 in December 2021 ...more
Financial services firms are increasingly reliant upon third-party companies to provide important services, ranging from cloud services and data analytics to machine learning and cash distribution. As these third parties...more