Posted

GettyImages-cloud-security-300x200On February 8, 2023, the U.S. Department of the Treasury released a report citing its “findings on the current state of cloud adoption in the sector, including potential benefits and challenges associated with increased adoption.” Treasury acknowledged that cloud adoption is an “important component” of a financial institution’s overall technology and business strategy, but also warned the industry about the harm a technical breakdown or cyberattack could have on the public given financial institutions’ reliance on a few large cloud service providers. The Treasury also noted that “[t]his report does not impose any new requirements or standards applicable to regulated financial institutions and is not intended to endorse or discourage the use of any specific provider or cloud services more generally.”

Continue reading

Posted

The Consumer Financial Protection Bureau (CFPB), the primary federal regulator charged with enforcing consumer financial protection laws, recently announced a proposed rulemaking that would require the myriad non-banks subject to CFPB authority to disclose various consumer contract provisions that the CFPB deems potentially harmful on a public registry. These provisions include arbitration requirements; waivers of claims a consumer can bring in a legal action; limits on a company’s liability to a consumer; clauses limiting a consumer’s ability to bring legal actions by dictating the time frame, form, or venue for legal action; limits on the consumer’s ability to voice complaints or post reviews; and other waivers of consumer rights and legal protections.

Continue reading

Posted

For some time the position under English law relating to the recovery of liquidated damages from a contractor as penalty for late delivery has been unclear where the contract terminates before the contractor completes the work. Welcome clarity has now been provided by the Supreme Court in the case of Triple Point Technology Inc v PTT Public Company Ltd. The decision means that unless the liquidated damages clause “clearly” provides otherwise, liquidated damages for any work not completed by the date provided for in the agreement can be claimed for the period up to the date of termination.

Continue reading

Posted

In UK Financial Regulators to Oversee Critical Third Parties, our colleagues Lee Rubin and Mark Booth discuss the proposed new regime that will grant UK federal regulators a range of powers over third parties that provide critical services to the financial sector.

Posted

In “Regulators Zero In on AI,” colleagues  and  examine the increased focus of financial services regulators on how businesses use artificial intelligence (AI) and machine learning (ML) in underwriting and pricing consumer finance products.

Posted

Multicloud-1318623693-300x169Modern cloud computing only came into existence about 20 years ago, but now virtually all enterprises (99%) are using cloud services. Cloud adoption accelerated further in the last two years because of the COVID pandemic as a result of an increase in remote work, the evolution of online business strategies (e.g., e-commerce), and the focus on business resilience. In addition, given budget uncertainties, moving technology tools, data and storage to the cloud usually results in significant cost savings to an organization, which is the top priority for organizations using cloud services six years in a row.

Continue reading

Posted

EPDB-logo-300x300The European Data Protection Board (EDPB), the body which represents EU data protection authorities, has adopted guidelines (Guidelines) confirming when transfers need to be “safeguarded” in accordance with the GDPR (and importantly when they do not). In particular:

Continue reading

Posted

EPDB-logo-300x300This week the European Data Protection Board (EDPB), a body that represents European data protection authorities, set up a new cookie banner taskforce. The new taskforce will coordinate the response to over 400 complaints concerning cookie banners filed by a nonprofit organization founded by Max Schrems, None of Your Business (NOYB).

Continue reading

Posted

IBM logo, classic blue horizontal lines on white spelling acronymMajor mergers and spin-offs by IT service providers are rare, but when they occur (e.g., Xerox’s acquisition of ACS in 2010 and Atos’ subsequent acquisition in 2014, HPE’s 2017 spin-off of its Enterprise Services business and merger with CSC in the form of DXC), pause and consider your options. These are major corporate events that generally redirect a supplier’s focus and internal attention on change management, creating a new business model and developing a corporate culture—not easy stuff and in some cases can have a direct impact on “how” and “how well” services are provided to customers. At a minimum, important contracting work may preserve commitments and benefits of your existing deal.

Continue reading

Posted

abstract data into black hole

The last decade saw explosive growth in enterprise migration to the cloud, a trend driven by the promise of lower overhead costs and greater scalability. Given this, many have made the leap and moved both non-mission-critical workloads and mission-critical functionality into the cloud.

This is where “data gravity,” a phrase coined by Dave McCrory comes into play. Data gravity is the “effect that attracts large sets of data or highly active applications/services to other large sets of data or highly active applications/services, the same way gravity attracts planets or stars.” So, in the simplest terms, data gravity is the idea that increasing volumes of data can cause data to function like an anchor, making it increasingly difficult to move as the data in question continues to increase.

Continue reading