Fintech

Can you access your outsourced data?

By Kerri Gevers (SG) on September 1, 2025

Financial regulators globally emphasise the importance of financial entities being operationally resilient, which includes the ability to manage and recover from disruptions caused by their service providers. The topic receives significant attention in the financial services sector because the sector…

CSA releases guidance on the use of artificial intelligence in capital markets

By Imran Ahmad (CA), Domenic Presta (CA), Thierry Dorval, Katherine Barbacki & Roxanne Caron (CA) on January 8, 2025

On December 5, 2024, the Canadian Securities Administrators (CSA) released CSA Staff Notice and Consultation 11-348 – Applicability of Canadian Securities Laws and the Use of Artificial Intelligence Systems in Capital Markets (the Notice). The Notice was…

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

By Simon Lovegrove (UK), Anita Edwards & Hannah Meakin (UK) on April 23, 2024

On 22 April 2024, the Financial Conduct Authority (FCA) published a speech by its chief executive, Nikhil Rathi, entitled ‘Navigating the UK’s Digital Regulation Landscape: Where are we headed?’. In the speech, Mr Rathi announced the FCA’s plans…

UK Information Commissioner’s Office Publishes Final Guidance On Employee Monitoring

By Lara White (UK), Rosie Nance & Olivia Wint on October 12, 2023

The UK Information Commissioner’s Office (ICO) published its final guidance on monitoring workers on 3 October 2023 (the Guidance). The Guidance is aimed at employers across both the private and public sector. Responding to the rise of remote working and…

European Commission adopts its adequacy decision for the EU-US Data Privacy Framework

By Lara White (UK), Marcus Evans (UK), Susan Ross (US), Jurriaan Jansen, Christoph Ritzer (DE) & Nadège Martin (FR) on July 11, 2023

On 10 July, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (the DP Framework). It thereby declared that the United States (the US) ensures an adequate level of protection for personal data transferred…

Everyone is using ChatGPT what does my organisation need to watch out for

By Marcus Evans (UK), Lara White (UK) & Steve Roosa (US) on April 27, 2023

In December 2022, OpenAI released ChatGPT, a powerful AI-powered chatbot that could handle users’ questions and requests for information or content in a convincing and confident manner. The number of users signing up to use the tool increased very rapidly…

Transition period under New York Cybersecurity Regulation ends March 1, 2019

By Kathleen Scott (US) & Susan Ross (US) on January 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS”) Cybersecurity Regulation, 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Entities covered by the Regulation that utilize third party service providers, which include not only banks and insurers, but also other financial services institutions and licensees regulated by the DFS, will be required to implement third-party risk management programs by March 1.

Data Protection Report