Legal AI in Practice: Firm Governance, Build vs. Buy Decisions, and Vendor Due Diligence — The Good Bot Podcast
Point-of-Sale Finance Series: Understanding State Licensing for Nonbank Providers — The Consumer Finance Podcast
(Podcast) The Briefing - Studios Beware: The Danger of the Beauty and the Beast Copyright Decision
Innovation in Compliance: Brad Stevens: Part 1 - Transforming Outsource Perceptions
Podcast — EU Data Act: Spotlight on Switching Requirements for Data Processing Services
Compliance into the Weeds: Fracht - The Bonkers Sanctions Case
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On February 3, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued new Medicare Advantage Industry Segment-Specific Compliance Program Guidance (MA ICPG) for the MA industry and...more
On February 3, 2026, the U.S. Department of Health & Human Services, Office of Inspector General (OIG), published the long-awaited Medicare Advantage Industry Segment-Specific Compliance Program Guidance (Medicare Advantage...more
The Committee believes that the financial services regulators are not doing enough to manage the risks presented by AI....more
Certain large scale ICT companies (known as critical ICT third party providers, "CTPPs") which provide critical cloud storage, technology and data services to banks and other financial institutions play an increasingly...more
The National Association of Insurance Commissioners’ (NAIC) Third-Party Data and Models (H) Working Group issued a preview of its breakout single: a proposed risk-based regulatory framework for third-party data and model...more
Ransomware attacks continue to evolve in sophistication, disrupting operations and commanding the urgent attention of regulators, law enforcement and government agencies....more
The European Supervisory Authorities (ESAs) and the UK’s Bank of England, Prudential Regulation Authority and Financial Conduct Authority (together, the UK Regulators) have signed a Memorandum of Understanding (MoU) to...more
The European Supervisory Authorities (comprising the European Securities and Markets Authority, the European Insurance and Occupational Pensions Authority and the European Banking Authority) have entered into a Memorandum of...more
The New York Department of Financial Services (“NYDFS”) implemented the final phases of amendments to its NYDFS Cybersecurity Regulation (23 NYCRR Part 500) in May and November....more
With the news that over 70% of S&P 500 companies provide some sort of AI-related risk factors in their SEC disclosures, it’s a good time to review the type of risk factors that you might want to consider – of course,...more
On December 22, the National Credit Union Administration (NCUA) updated its Artificial Intelligence (AI) resource page to consolidate key technical and policy references for federally insured credit unions. The page sits...more
While 2025 may have brought questions about the level of enforcement we would see from federal regulators, there was no question that state regulators would continue to be active, especially in the financial privacy space....more
The Basel Committee on Banking Supervision (BCBS) has published its principles for the sound management of third‑party risk, replacing the 2005 Joint Forum outsourcing paper and establishing a common baseline for banks and...more
The Financial Industry Regulatory Authority’s (FINRA) 2026 Annual Regulatory Oversight Report is the most current and comprehensive statement of FINRA’s priorities and expectations for member firms. It does not create new...more
SERC’ling Up is your resource for staying ahead in today’s fast-evolving financial landscape. This newsletter delivers perspectives on the latest enforcement trends, regulatory updates and high-stakes developments affecting...more
On November 28, 2025, the Office of the Comptroller of the Currency ("OCC") issued a request for information ("RFI") on community banks' engagement with their core service providers and other essential third-party service...more
On October 21, 2025, the New York Department of Financial Services ("NYDFS") sent a letter to the executives and information security personnel at covered entities with new guidance for managing technology and data risks...more
Ask any board if AI is on the agenda, and the answer is yes. Ask how confident they feel about their vendors’ use of AI, and the answer is less clear....more
Since the enactment of Singapore’s Cybersecurity Act 2018 (Cybersecurity Act), Singapore’s digital economy has grown rapidly, and cyber threats have evolved at a remarkable pace. To address this shifting landscape, the...more
The European Supervisory Authorities, referred to as ESAs (comprising the European Banking Authority, European Insurance and Occupational Pensions Authority and the European Securities and Markets Authority) have published...more
On 18 November 2025, the European Supervisory Authorities (ESAs) published the first list of designated critical information and communication technology (ICT) third party service providers (CTPPs) under the EU Digital...more
Over the last weekend, major media reported that a key financial services provider, SitusAMC, suffered a substantial data security incident. This Alert summarizes what we know so far, the possible legal implications, and some...more
Segregated portfolio companies (collectively, “SPCs” and individually, an “SPC”) are commonly used in the Cayman Islands as fund vehicles for umbrella funds....more
In a significant stride toward strengthening digital stability in Europe’s financial sector, the European Supervisory Authorities (EBA, EIOPA, and ESMA) have, today, published the list of critical ICT third‑party service...more
On October 20, 2025, FERC Staff issued a report outlining areas of risk to the reliability of the electric grid based on non-public Critical Infrastructure Protection (CIP) Audits of U.S. based North American Electric...more