Category

Cybersecurity

17 July 2020

Payments and Fintech: Addressing Key EU, UK and U.S. Cybersecurity Issues

Data is key to innovation, growth, and staying competitive in the payments sector. In recent years, there has been a massive increase in the volume of data maintained and processed by payment service providers. Regulators and policymakers on both sides of the Atlantic are imposing increasingly prescriptive cybersecurity regulatory frameworks and closer scrutiny upon companies, while new and escalating cybersecurity threats challenge standard safeguards.

For the latest insights on the risks posed and effective ways to mitigate them, please join OneTrust DataGuidance and Sidley for a webinar focusing on the cybersecurity issues confronting the payments and fintech sectors in the EU, UK, and U.S.

(more…)

EmailShare
15 July 2020

Partnering With Tech and Fintech Firms: Key EU/UK Regulatory Considerations for the Payments Sector

There has been a rapid increase in collaboration between fintechs and other technology firms and more traditional payment service providers (PSPs) such as banks, merchant acquirers, and money transmitters. While fintechs and technology firms are often seen as direct competitors of traditional PSPs, in a market driven by innovation, both sides of the market increasingly consider collaboration a mutually beneficial way to play to each participating firm’s strengths. For more traditional PSPs, the technologies that a fintech or technology firm develops can help enhance and streamline, and in some cases modernize, the services provided to customers. For a fintech or technology firm, partnering with a PSP can provide an efficient and effective way to expand into the payment services market, particularly for customers who are more inclined to use traditional PSPs.

Regulators are monitoring these developments with growing interest and with an eye to potential risks to customers and markets as well as their ability to supervise regulated firms and their operations. This post highlights a number of EU/UK regulatory issues that fintechs, technology companies, and PSPs should consider when collaborating with one another.

(more…)

EmailShare
21 May 2020

FinCEN Issues Notice on Reporting COVID-19 Criminal and Suspicious Activities, Companion Advisory on COVID-19-Related Medical Scams

On May 18, 2020, the Financial Crimes Enforcement Network (FinCEN), as part of its COVID-19-related response, issued a Notice Related to the Coronavirus Disease 2019 (COVID-19) reminding financial institutions of certain Bank Secrecy Act (BSA) obligations and pertinent information regarding reporting COVID-19-related criminal and suspicious activity (the Notice). Contemporaneously, FinCEN issued an Advisory on Medical Scams Related to the Coronavirus Disease 2019 (COVID-19) (the Advisory).

In light of the Notice and Advisory, firms should (a) continue to comply with their BSA obligations; (b) include COVID-19 detail only when that detail relates to the reported suspicious activity; (c) review policies and procedures to notify and to provide COVID-19 information to government agencies, including verification of the requesting agency; (d) review the Advisory red flags related to medical scams; and (e) consider revising policies and procedures as appropriate.

COVID-19-related frauds are a special emphasis for law enforcement and regulatory agencies, so failing to detect and report those issues could be viewed as a significant flaw in a firm’s anti-money laundering (AML) program.

(more…)

EmailShare
11 May 2020

COVID-19 – Privacy and Cybersecurity: An Action Plan For Business

As the COVID-19 pandemic evolves, companies should not lose sight of the privacy, data protection and cybersecurity implications of the new and sudden digital reality. This Action Plan sets out some key issues and recommendations to consider as your business manages this rapidly developing dynamic and considers protocols to support the workforce and mitigate risk in a transition back to work. (more…)

EmailShare
20 April 2020

UK Supreme Court Rules Morrisons Not Vicariously Liable for Malicious Data Breach by Employee

Case: WM Morrison Supermarkets plc v Various Claimants [2020] UKSC 12

In a decision that employers will welcome, the UK Supreme Court recently ruled that Morrison Supermarkets (Morrisons) was not vicariously liable for a data breach committed maliciously by a former employee who, acting to satisfy a personal vendetta against Morrisons, disclosed employee payroll data online.

(more…)

EmailShare
30 March 2020

Chambers 2020 Global Practice Guides for Data Protection & Privacy and Cybersecurity Available

The updated 2020 Chambers Global Practice Guides for Data Protection & Privacy and Cybersecurity, edited by Alan Charles Raul, are available, covering important developments across the globe and bringing expert legal commentary for businesses.  Read the intros to each Guide here and here.

EmailShare
26 March 2020

WEBINAR – COVID-19 – European and U.S. Cybersecurity Issues: Preventing and Responding to Cyber Incidents

Join OneTrust DataGuidance and Sidley for a webinar discussing COVID-19 and European and U.S. cybersecurity and cyber risk insurance issues.

The COVID-19 global pandemic presents unique legal and practical challenges for companies across all industries, including with respect to cybersecurity risks and protections. There are increased cyber vulnerabilities from insider and external threat actors, including cyber attacks on individuals and companies.

In this webinar, we will highlight the dynamic and evolving cybersecurity threats companies face as a result of the pandemic, and the global legal implications of a cyber breach in this new environment – and how they can reduce these risks, and effectively respond to a cyber incident.

(more…)

EmailShare
24 March 2020

COVID-19: Key EU And U.S. Cybersecurity Issues and Risk-Remediation Steps

The COVID-19 crisis has created significant cybersecurity risks for organizations across the world, particularly arising from remote working, scams and phishing attacks, and weakened information governance controls. These risks warrant attention by legal counsel and information security officers in light of potentially significant adverse legal, financial and reputational consequences that could arise – all while the organization is dealing with effects of a global pandemic.

In addition to identifying the cybersecurity risks, we also consider key measures that organizations can consider adopting to reduce such risks, including measures recommended by the UK’s National Cybersecurity Centre (NCSC), EU’s Agency for Cybersecurity (ENISA) and the US Federal Bureau of Investigation.  The speed at which the COVID-19 crisis has evolved has meant that many organizations have not been able to deploy effective risk-reducing measures in a timely manner.

(more…)

EmailShare
23 March 2020

U.S. Office of the Comptroller of the Currency Updates Third-Party Relationships Risk Management Guidance

On March 5, 2020, the Office of the Comptroller of the Currency (OCC) issued an updated set of answers to frequently asked questions (FAQs)1 regarding risk management in national bank relationships with third parties to further supplement its 2013 guidance, OCC Bulletin 2013-29 (the Bulletin),2 and its 2017 FAQs (Prior FAQs) on the topic.3 Twelve of the 27 FAQs are new and elaborate on a wide range of topics, including the broad intended scope of third-party risk management obligations, obligations of banks where negotiating power or access to information is limited, oversight of cloud computing providers and data aggregators and use of third parties in model development or delivery of alternative data for credit underwriting.

(more…)

EmailShare
12 March 2020

ICO Issues Data Protection and Coronavirus Guidance

In light of the ongoing Coronavirus (COVID-19) pandemic, the ICO has today issued guidance on “Data protection and coronavirus: what you need to know” for data controllers. The ICO has also published advice for healthcare practitioners. Guidance has also been issued by many other Data Protection Authorities in other European countries. (more…)

EmailShare
1 2 3 20
XSLT Plugin by BMI Calculator