DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Effective information security is no longer just dependent on an organisation’s own internal cybersecurity controls. The UK Information Commissioner’s Office (ICO) highlights that third-party service providers are processing...more
Organisations that make international transfers of personal data have undergone significant challenges and changes over the last few years. With the invalidation of the Privacy Shield agreement in 2020 and the introduction of...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more
The publication by the Joint Committee of the European Supervisory Authorities (ESAs) on (a) 17 July 2024 of the second batch of implementing materials and (b) 26 July 2024 of the sub-contracting of information and...more
The announcement in 2021 of the intention to implement new rules directly targeting the types of tech service provider relied on by most financial institutions may be a necessary corrective given the heavy market...more
The UK Financial Conduct Authority (FCA) has assessed the systems and controls relating to sanctions compliance for over 90 firms across a range of sectors and summarised its findings of good and poor practice. Acknowledging...more
On July 5, an industry-led working group convened by the UK’s financial regulator published a draft voluntary code of conduct for ESG data and ratings providers (the Code). The Code would apply to all companies based in the...more
The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more
Financial services firms are increasingly reliant upon third-party companies to provide important services, ranging from cloud services and data analytics to machine learning and cash distribution. As these third parties...more
Dem Senators Urge CFPB Focus on P2P Payment Platforms - A group of Democratic U.S. senators sent a letter to the Consumer Financial Protection Bureau (CFPB) urging the agency to take a harder look at peer-to-peer (P2P)...more
New High Court case considers nature and scope of the Quincecare duty - In June, the Court of Appeal expanded the scope of a bank’s duty of care to protect its customers from fraud to encompass instructions by those other...more
My company owns an empty property. I wish to retain a provider of “property guardian” services to secure it against squatters, vandals and dereliction. Is there a risk that the guardians may become tenants, entitled to...more
In the recent and significant Warren v DSG Retail Ltd [2021] EWHC 2168 (QB) decision the High Court in England clarified the limited circumstances in which claims for breach of confidence, misuse of private information and...more
Request to Pay: Pay.UK launches rules and standards framework - Pay.UK has launched the Request to Pay Framework — the message standards, rules, and terms and conditions for the development of Request to Pay services. The...more
The Court of Appeal has recently handed down a number of important judgments addressing the scope of Legal Professional Privilege (LPP). In Sports Direct International plc v Financial Reporting Council, a unanimous Court of...more
The Court of Appeal's recent decision in Kadie Kalma & Ors v African Minerals Ltd stands as a stark reminder of the risks and responsibilities companies bear when operating in sectors and jurisdictions with a high risk of...more
On 5 December 2019 the Bank of England (Bank), UK Prudential Regulation Authority (PRA) and UK Financial Conduct Authority (FCA) published coordinated consultation papers and policy on new requirements to strengthen...more
Call for input: Industry needs to engage as the FCA moves forward on its transformative vision for open finance. Imagine a world in which you could access your bank accounts, credit cards, mortgage, pensions, savings...more
The open banking requirements under the Payment Services Directive (EU) 2015/2366 (“PSD2”) are now in force, under which an account servicing payment service provider (“ASPSP”) must grant an authorised third party service...more
What kinds of cloud computing transactions take place in your jurisdiction? As a G7 economy with mature IT and related services markets, the UK is one of the most important global markets for cloud computing. According to...more
This note sets out at a high level the potential impact of the United Kingdom’s (“UK”) exit (“Brexit”) from the European Union (“EU”) without a negotiated agreement on UK and European Economic Area (“EEA”) (a) alternative...more
Insights from Latham’s flagship event: Managing the risk and promise of digitisation in financial services - The financial services industry is leading the way in outsourcing, with contract values in excess of US$10.7...more
Following the publication of a discussion paper in June 2018, the U.K. Payment Systems Regulator has published its response paper on the issue of data in the payments industry. The discussion paper outlined three potential...more