DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
The U.S. Department of Treasury (Treasury) released final and proposed regulations under § 861 of the Code addressing the U.S. federal income tax classification of digital content and cloud computing transactions (the “Final...more
As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
On January 28, 2025, FINRA published its Annual Regulatory Oversight Report (the Report). The Report highlights emerging risk areas and recent developments, common compliance deficiencies, and best practices for member firms....more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
Clark Hill’s Financial Services and Regulatory Compliance Group has authored a whitepaper for debt settlement companies considering engaging a third-party payment processor for managing accounts and handling financial...more
The adoption of artificial intelligence (AI) in healthcare has ushered in a new era of innovation that is transforming diagnostics, treatment planning and operational efficiencies. However, with great potential comes...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025. The regulation aims to strengthen the digital operational resilience of the financial sector...more
The European Supervisory Authorities have published a joint statement on the application of the EU Digital Operational Resilience Act. The ESAs emphasise that as DORA does not provide for a transitional period, it is...more
The FCA, PRA, and Bank of England have published their finalised critical third party (CTP) rules (and accompanying guidance) in PS24/16 Operational resilience: Critical third parties to the UK financial sector....more
Welcome to the latest issue of Bracewell’s FINRA Facts and Trends, a monthly newsletter devoted to condensing and digesting recent FINRA developments in the areas of enforcement, regulation and dispute resolution. This month,...more
The new regime will take effect on 1 January 2025, but will not diminish the responsibilities of financial services firms relying on the services of critical third parties....more
On October 3, 2024, the Financial Crimes Enforcement Network (FinCEN) issued new guidance concerning the Corporate Transparency Act (CTA) by updating and expanding on the Beneficial Ownership Information (BOI) Reporting...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
The announcement in 2021 of the intention to implement new rules directly targeting the types of tech service provider relied on by most financial institutions may be a necessary corrective given the heavy market...more
Examining AI tools: Before deciding to purchase and implement AI tools in an organization, one must consider various aspects, including privacy issues, discrimination, copyright protection, and suppliers and contracts. The...more
In a previous update, Quarles discussed a new Alabama law that requires individuals serving as the designated representative for an Alabama-licensed facility to register with the Alabama Board of Pharmacy ("the Board”) as of...more
In December, NYDFS released revised proposed amendments to 23 NYCRR 1, which regulates third-party debt collectors and debt buyers. NYDFS first issued a proposed amendment to 23 NYCRR 1 in December 2021 ...more
Following the European Council's approval last week, the Digital Services Act (DSA) has been officially adopted, starting the countdown to the law’s entry into force later this year. The DSA builds on the Electronic Commerce...more
On February 4, 2022, the FDA released its long-awaited proposed national standards for the licensure of third party logistics providers (3PLs) and wholesale drug distributors. The draft rules were years over-due and the delay...more
On December 30, 2021, the U.S. Department of Labor (“DOL”) issued Field Assistance Bulletin No. 2021-03 (“FAB”), announcing its temporary enforcement policy for group health plan service provider disclosures under ERISA...more