In its first major initiative, on March 21, 2025, the Federal Communications Commission’s (FCC’s) newly formed Council on National Security (Council) launched an investigation into the “ongoing U.S. operations” of businesses...more
On March 26, 2025, the Department of Justice (DOJ) entered into a settlement agreement with MORSECORP, Inc. (MORSE), resolving False Claims Act (FCA) allegations that MORSE submitted false claims for payment under Department...more
Key Points -
- Accelerated M&A activity by financial sponsors is expected in the near term due to improved market conditions and deregulation under the Trump administration.
- With the rapid development of new AI use...more
1/20/2025
/ Acquisitions ,
Artificial Intelligence ,
Capital Markets ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Mergers ,
Private Equity ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including:
- An...more
1/6/2025
/ Cybersecurity ,
Digital Operational Resilience Act (DORA) ,
EIOPA ,
Enforcement ,
EU ,
European Banking Authority (EBA) ,
European Supervisory Authorities (ESAs) ,
Financial Institutions ,
Financial Services Industry ,
Information and Communication Technology (ICT) ,
Investment Management ,
Policies and Procedures ,
Risk Management
At what point has a director served too long? What about term limits? A mandatory retirement age? When do a director’s skills become stale? These issues are addressed in this issue of The Informed Board, as well as why proxy...more
11/25/2024
/ Acquisitions ,
Artificial Intelligence ,
Board of Directors ,
Corporate Governance ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Investment ,
Investors ,
Machine Learning ,
Mergers ,
National Security ,
Proxy Season ,
Publicly-Traded Companies ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Shareholder Activism ,
Technology Sector
With the rapid commercialization of artificial intelligence (AI) technology, the Biden administration has been grappling with its implications, including its potential impact on national security. Several departments have...more
11/22/2024
/ Artificial Intelligence ,
Biden Administration ,
Bureau of Industry and Security (BIS) ,
CFIUS ,
China ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
Export Controls ,
Machine Learning ,
National Security ,
Political Campaigns ,
Regulatory Agenda ,
Reporting Requirements ,
Technology Sector ,
Trump Administration ,
U.S. Treasury
Cyber threats continue to grow as a result of increased digitization, widespread use of cloud computing, advanced connectivity and artificial intelligence (AI), requiring boards of directors across all sectors to focus more...more
11/22/2024
/ Artificial Intelligence ,
Board of Directors ,
Corporate Governance ,
Crisis Management ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Machine Learning ,
Privacy Laws ,
Publicly-Traded Companies ,
Regulatory Oversight ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Litigation ,
Third-Party
On October 22, 2024, the Securities and Exchange Commission (SEC) announced enforcement actions against several technology companies for making materially misleading disclosures regarding cybersecurity risks and intrusions....more
11/11/2024
/ Cyber Attacks ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement Actions ,
Publicly-Traded Companies ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Securities Violations ,
SolarWinds ,
Technology Sector
On 30 September 2024, the UK Department of Science, Innovation and Technology announced that the Cyber Security and Resilience Bill (Bill) will be introduced to Parliament in 2025. The Bill was first announced in the King’s...more
10/15/2024
/ Artificial Intelligence ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Digital Services ,
EU ,
Incident Response Plans ,
Intellectual Property Protection ,
Legislative Agendas ,
New Legislation ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Risk Management ,
Technology Sector ,
UK
The deadline for EU countries to transpose the expanded cybersecurity directive, NIS 2, into national law is 17 October 2024, but the implementation status varies significantly from country to country. Some of the member...more
10/14/2024
/ Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Deadlines ,
EU ,
National Security ,
Popular ,
Risk Management ,
Technology Sector
On September 11, 2024, the Department of Commerce’s Bureau of Industry and Security (BIS) published a proposed rule that would require U.S. persons to report certain activities related to the development or acquisition of...more
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more
9/30/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
NIST ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
U.S. Commerce Department
The U.S. government’s recent complaint in a relator-filed case under the False Claims Act (FCA):
- Marks the first FCA suit in which the Department of Justice (DOJ) has intervened since launching its ongoing Civil...more
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more
9/4/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector ,
UK
The Department of Defense (DoD) is currently reviewing and adjudicating the public comments received in response to its proposed regulations implementing its Cybersecurity Maturity Model Certification 2.0 program (CMMC)....more
8/13/2024
/ Aerospace ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Department of Defense (DOD) ,
False Claims Act (FCA) ,
Federal Contractors ,
National Security ,
NIST ,
Proposed Rules ,
Regulatory Agenda ,
Regulatory Requirements
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
8/8/2024
/ Board of Directors ,
Chief Information Security Officer (CISO) ,
Corporate Governance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure ,
Disclosure Requirements ,
Internal Controls ,
Misleading Statements ,
Public Statements ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
SolarWinds ,
White Collar Crimes
As implementation of the EU’s Digital Operational Resilience Act (DORA) approaches, financial market participants and their technology service providers (both in and out of Europe) face a critical compliance deadline. The new...more
7/19/2024
/ BaFin ,
Cybersecurity ,
Data Privacy ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
Financial Markets ,
Financial Regulatory Reform ,
Financial Services Industry ,
Regulatory Agenda ,
Technology Sector ,
UK
Earlier this year, a dedicated policy prepared by the European Central Bank (ECB) came into effect requiring bank management bodies to broaden their collective understanding of and proficiency in identifying and dealing with...more
Two recent settlements under the False Claims Act (FCA):
- Signal enhanced risk around cybersecurity for recipients of federal funds.
- Underscore the need to assess compliance with cybersecurity requirements and...more
On 9 May 2024, Skadden held the inaugural London Space Law Symposium, where six panels of Skadden representatives and industry experts discussed legal aspects of the new space economy. The event was held in the Naim Dangoor...more
6/28/2024
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
EU ,
Financial Institutions ,
International Arbitration ,
International Litigation ,
Legislative Agendas ,
Outer Space ,
Popular ,
Regulatory Agenda ,
Sustainability ,
Taxation ,
Technology Sector ,
UK
The newly approved Artificial Intelligence Act (AI Act or the Act) aims to create a secure and trustworthy environment for the development and use of AI in the European Union....more
6/27/2024
/ Artificial Intelligence ,
Compliance ,
Consumer Financial Products ,
Consumer Protection Laws ,
Cybersecurity ,
Data Privacy ,
EU ,
FinTech ,
General Data Protection Regulation (GDPR) ,
Intellectual Property Protection ,
Privacy Laws ,
Technology Sector
On May 16, 2024, the Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P (Reg S-P), which broadly track the changes originally proposed in March 2023. The revised Reg S-P requires...more
Rather than specifically regulating artificial intelligence (AI), the UK government has opted to rely on the existing web of laws and regulations applying to technology across a spectrum of sectors in its jurisdiction. But...more
5/13/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Financial Conduct Authority (FCA) ,
Information Commissioner's Office (ICO) ,
Popular ,
Prudential Regulation Authority (PRA) ,
Regulatory Agenda ,
Regulatory Requirements ,
UK
On March 13, 2024, Utah enacted the Utah Artificial Intelligence Policy Act (UAIP), which imposes certain disclosure requirements on entities using generative AI tools with their customers, and limits an entity’s ability to...more
4/8/2024
/ Artificial Intelligence ,
Consumer Protection Laws ,
Corporate Counsel ,
Cybersecurity ,
Disclosure Requirements ,
Fines ,
Machine Learning ,
New Legislation ,
Penalties ,
Policies and Procedures ,
Popular ,
Reporting Requirements
Both the EU and Germany are taking significant steps to accelerate digitalization in the health sector and facilitate the exchange and use of health data for research and innovation purposes.
They aim to improve...more
4/4/2024
/ Analytics ,
Artificial Intelligence ,
Cybersecurity ,
Data Protection ,
Data-Sharing ,
Digital Health ,
EU ,
Germany ,
Healthcare ,
Life Sciences ,
Machine Learning ,
Pharmaceutical Industry ,
Popular ,
Privacy Laws ,
Research and Development