As companies shift their thinking from “if” a cyberattack will happen to “when” an attack hits, the key differentiator in how a company emerges from an attack is often dictated by preparation and strategic planning in order...more
On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business.
The ransomware...more
Key Points -
- Accelerated M&A activity by financial sponsors is expected in the near term due to improved market conditions and deregulation under the Trump administration.
- With the rapid development of new AI use...more
1/20/2025
/ Acquisitions ,
Artificial Intelligence ,
Capital Markets ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Mergers ,
Private Equity ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
On 13 December 2024, the UK Information Commissioner’s Office (ICO) published the report of outcomes from its consultation on generative AI (genAI). The report sets out key themes that emerged from responses to the ICO’s...more
1/8/2025
/ Artificial Intelligence ,
Compliance ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
Regulatory Agenda ,
Transparency ,
UK
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including:
- An...more
1/6/2025
/ Cybersecurity ,
Digital Operational Resilience Act (DORA) ,
EIOPA ,
Enforcement ,
EU ,
European Banking Authority (EBA) ,
European Supervisory Authorities (ESAs) ,
Financial Institutions ,
Financial Services Industry ,
Information and Communication Technology (ICT) ,
Investment Management ,
Policies and Procedures ,
Risk Management
On 30 September 2024, the UK Department of Science, Innovation and Technology announced that the Cyber Security and Resilience Bill (Bill) will be introduced to Parliament in 2025. The Bill was first announced in the King’s...more
10/15/2024
/ Artificial Intelligence ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Digital Services ,
EU ,
Incident Response Plans ,
Intellectual Property Protection ,
Legislative Agendas ,
New Legislation ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Risk Management ,
Technology Sector ,
UK
The deadline for EU countries to transpose the expanded cybersecurity directive, NIS 2, into national law is 17 October 2024, but the implementation status varies significantly from country to country. Some of the member...more
10/14/2024
/ Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Deadlines ,
EU ,
National Security ,
Popular ,
Risk Management ,
Technology Sector
With the EU’s AI Act having entered into force on August 1, 2024, companies now need to focus on its implementation. Although the AI Act will not be fully enforceable until August 2, 2027, some obligations will become binding...more
In this edition of Insights, we take a closer look at the megadeals and sponsor transactions driving recent M&A activity, the importance of staying ahead of the risks in AI development and deployment, and other diverse...more
9/30/2024
/ Acquisitions ,
Administrative Procedure Act ,
Artificial Intelligence ,
Chevron Deference ,
Corner Post Inc v Board of Governors of the Federal Reserve System ,
Corporate Governance ,
Delaware General Corporation Law ,
Federal Bans ,
Federal Trade Commission (FTC) ,
Final Rules ,
Government Agencies ,
Judicial Authority ,
Loper Bright Enterprises v Raimondo ,
Machine Learning ,
Mergers ,
Non-Compete Agreements ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Authority ,
Regulatory Requirements ,
SCOTUS ,
SEC v Jarkesy ,
Securities and Exchange Commission (SEC) ,
Shareholder Litigation ,
Shareholders ,
Technology Sector
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more
9/30/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
NIST ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
U.S. Commerce Department
On 5 September 2024, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO), and the UK National Crime Agency (NCA) signed a Memorandum of Understanding (MoU) outlining how they will further collaborate...more
9/13/2024
/ Cybersecurity ,
Data Privacy ,
EU ,
Information Commissioner's Office (ICO) ,
Memorandum of Understanding ,
National Crime Agency (NCA) ,
National Security ,
Ransomware ,
Regulatory Oversight ,
Regulatory Requirements ,
UK
Across industries, companies are facing new and uncertain regulatory pressures and demands in areas including artificial intelligence, sustainability, algorithmic pricing and fintech-bank relations. In this issue of The...more
9/10/2024
/ Algorithms ,
Antitrust Division ,
Artificial Intelligence ,
Banking Sector ,
Board of Directors ,
Competition ,
Corporate Governance ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Enforcement Actions ,
EU ,
Financial Institutions ,
FinTech ,
Multinationals ,
Price-Fixing ,
Regulatory Agenda ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Sustainability ,
Technology Sector ,
UK
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more
9/4/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector ,
UK
In Nuctech Warsaw (T-284/24), the EU Court of Justice held that EU subsidiaries can lawfully be required to provide access to email accounts and data held by their overseas parent company. The ruling involved the following...more
8/26/2024
/ Appeals ,
Commercial Litigation ,
Corporate Counsel ,
Corporate Governance ,
Enforcement Actions ,
EU ,
European Commission ,
European Court of Justice (ECJ) ,
Extraterritoriality Rules ,
Foreign Corporations ,
Popular ,
Privacy Laws ,
UK ,
White Collar Crimes
Last month the new Labour government in the UK announced in the King’s Speech that it will introduce new artificial intelligence (AI) rules alongside cybersecurity and digital information bills. A brief overview of these...more
8/9/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Protection ,
Intellectual Property Protection ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Risk Management ,
Technology Sector ,
UK
As implementation of the EU’s Digital Operational Resilience Act (DORA) approaches, financial market participants and their technology service providers (both in and out of Europe) face a critical compliance deadline. The new...more
7/19/2024
/ BaFin ,
Cybersecurity ,
Data Privacy ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
Financial Markets ,
Financial Regulatory Reform ,
Financial Services Industry ,
Regulatory Agenda ,
Technology Sector ,
UK
Earlier this year, a dedicated policy prepared by the European Central Bank (ECB) came into effect requiring bank management bodies to broaden their collective understanding of and proficiency in identifying and dealing with...more
On 9 May 2024, Skadden held the inaugural London Space Law Symposium, where six panels of Skadden representatives and industry experts discussed legal aspects of the new space economy. The event was held in the Naim Dangoor...more
6/28/2024
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
EU ,
Financial Institutions ,
International Arbitration ,
International Litigation ,
Legislative Agendas ,
Outer Space ,
Popular ,
Regulatory Agenda ,
Sustainability ,
Taxation ,
Technology Sector ,
UK
Explore the unique considerations for mergers and acquisitions in the AI sector, the return of IPOs, the implications of new Supreme Court decisions and other developments in this edition of Skadden’s quarterly Insights....more
6/27/2024
/ Acquisitions ,
Antitrust Provisions ,
Banking Sector ,
Capital Markets ,
Consumer Financial Products ,
Consumer Protection Laws ,
Corporate Governance ,
Environmental Social & Governance (ESG) ,
EU ,
Executive Compensation ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
FinTech ,
Food and Drug Administration (FDA) ,
Intellectual Property Protection ,
Life Sciences ,
Mergers ,
Private Equity ,
Securities and Exchange Commission (SEC) ,
Shareholders ,
Technology
The newly approved Artificial Intelligence Act (AI Act or the Act) aims to create a secure and trustworthy environment for the development and use of AI in the European Union....more
6/27/2024
/ Artificial Intelligence ,
Compliance ,
Consumer Financial Products ,
Consumer Protection Laws ,
Cybersecurity ,
Data Privacy ,
EU ,
FinTech ,
General Data Protection Regulation (GDPR) ,
Intellectual Property Protection ,
Privacy Laws ,
Technology Sector
Rather than specifically regulating artificial intelligence (AI), the UK government has opted to rely on the existing web of laws and regulations applying to technology across a spectrum of sectors in its jurisdiction. But...more
5/13/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Financial Conduct Authority (FCA) ,
Information Commissioner's Office (ICO) ,
Popular ,
Prudential Regulation Authority (PRA) ,
Regulatory Agenda ,
Regulatory Requirements ,
UK
On 22 April 2024, the Financial Conduct Authority (FCA), the Prudential Regulation Authority (PRA) and the Bank of England published their strategic approaches to regulating AI in response to the UK government’s July 2022 AI...more
5/3/2024
/ Artificial Intelligence ,
Corporate Counsel ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
Popular ,
Prudential Regulation Authority (PRA) ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology ,
UK
In April 2024, the UK government reiterated its vision for open finance, with UK Economic Secretary Bim Afolami (MP) announcing the creation of the Open Finance Taskforce at the 2024 Innovate Finance Global Summit. The...more
4/30/2024
/ Banking Sector ,
Consumer Protection Laws ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
FinTech ,
HMRC ,
Payment Systems ,
Regulatory Agenda ,
Small and Medium-Sized Enterprises (SMEs) ,
UK
On January 31, 2024, the European Commission (EC) adopted the first of a series of initiatives to harmonize cybersecurity certification across the EU: the European Cybersecurity Scheme on Common Criteria (EUCC).
While EUCC...more
On 21 January 2024, a near complete draft version of the proposed text for the EU AI Act was unofficially shared with the public by a European media publication, after which a senior advisor in the European Parliament shared...more