DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an Industry Letter that discusses the cybersecurity risks associated with the use of artificial intelligence (AI) and outlines strategies to...more
The COVID-19 pandemic has significantly reshaped the facilities management (FM) outsourcing landscape. Companies have transitioned from fully office-based work to home-based work, and now to hybrid models, prompting a...more
The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
The deadline is fast approaching for in-scope financial entities and their ICT service providers to conform to the EU’s new digital operational resilience regulation. With effect from 17 January 2025, a broad range of EU...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
In this blog post, we will focus on obligations that the European Union’s Artificial Intelligence Act (AI Act) sets for deployers, providers, importers and distributors regarding high-risk AI systems....more
Banking regulators have issued a joint statement outlining the potential risks that financial institutions face in arrangements with third parties to deliver bank deposit products and services and examples of risk management...more
The publication by the Joint Committee of the European Supervisory Authorities (ESAs) on (a) 17 July 2024 of the second batch of implementing materials and (b) 26 July 2024 of the sub-contracting of information and...more
In an evolving (and somewhat disjointed) process, FinCEN has been providing guidance to persons and entities that are responsible for filing required beneficial ownership information (“BOI”) reports to FinCEN, as well as to...more
Corporate interest in AI, particularly generative AI (genAI), has surged dramatically. For many legal teams, there is pressure all the way from the C-suite to start using this new technology. However, the process of...more
Since the release of OpenAI’s ChatGPT, the intense hype around large language models (LLMs) and complex AI systems has exploded. Organizations have rushed to both try and buy these new tools. Along with it, a flood of...more
The sheer proliferation of supply chain transparency and accountability regulations at international scale itself warrants a closer look at the level of scrutiny required of organizations with complex, multi-faceted, global,...more
The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more
The Monetary Authority of Singapore (MAS) has recently finalised its proposals on mandating reference checks. The finalised proposals are substantially in line with those initially proposed in its Consultation Paper on...more
In the current landscape of heightened customer expectations and fierce industry competition, law firms find themselves needing to exceed traditional service delivery norms. The need to go above and beyond in meeting client...more
When negotiating technology or data services contracts, businesses of all sizes and industries are now spending more time and attention on privacy controls. The increasing prevalence of comprehensive U.S. state privacy laws...more
The UK Financial Conduct Authority (FCA) has assessed the systems and controls relating to sanctions compliance for over 90 firms across a range of sectors and summarised its findings of good and poor practice. Acknowledging...more
SGR would like to bring to your attention the recent development from the U.S. Securities and Exchange Commission (SEC) regarding cybersecurity regulations that impacts public companies subject to the reporting requirements...more
Third-party relationships supporting core operations are now more important than ever for most organizations. Yet too often, procurement, information security, compliance, and other professionals are overburdened with the...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more