Mike Pierides and James Mulligan co-authored an article in the Journal of Securities Operations & Custody which explores key themes of outsourcing and third-party risk management regimes that apply to financial entities and their service providers. The article serves as a compendium of key differences between regulatory expectations on resiliency and outsourcing, highlights key best practices and challenges to implementing these expectations, and, finally, considers the impact of artificial intelligence solutions on such regulatory expectations.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
On January 14, the UK government published a consultation on new measures to tackle the increasing threat of ransomware attacks. Ransomware is malicious software (malware) that infects a victim’s computer system and prevents the victim from accessing IT systems, significantly impairs their use of ICT systems, and/or facilitates the theft of sensitive data. A ransom is then demanded for restoration of use and/or data and, as we previously noted, the cost of ransomware attacks is increasing nearly 20% year-on-year.
European regulators recently published clarifications on the scope of ICT services under the EU Digital Operational Resilience Act (DORA), prepared by the European Commission, which confirms previous guidance and enables financial entities to take out of scope certain services which form part of regulated financial services.
Please join us for our fourth annual Artificial Intelligence Boot Camp, during which Morgan Lewis lawyers will discuss the latest developments, insights, and impacts of AI usage and integration for companies of all sizes and industries.
Please join us on Wednesday, February 5, 2025, from 12:00–1:00 pm ET as partners Ksenia Andreeva and Kristin Hadgis and associate Oliver Bell provide a global update on data handling and compliance issues with a focus on the United States, Europe, and the Middle East.
On January 13, 2025, the United Kingdom’s Prime Minister Sir Keir Starmer announced the UK AI Opportunities Action Plan. The AI Opportunities Action Plan outlines the UK’s intentions to become a world leader in artificial intelligence technology for the benefit of private businesses and their customers as well as for all UK residents via AI-enabled public services.
On January 8, 2025, partners Doneld Shelkey, Mike Pierides, and Marina Aronchik presented an Outsourcing and Technology 2025 webinar as part of the Morgan Lewis Tech & Sourcing Webinar Series: Data 2025.
Starting as of Friday, January 17, 2025, financial entities must now be compliant with the EU’s Digital Operational Resilience Act (DORA). Implementation efforts have accelerated in recent months to meet the deadline and in many cases are still ongoing. The European Supervisory Authorities (ESAs) published a joint statement last month emphasizing the importance of financial entities adopting a robust, structured approach in order to meet their obligations in a timely manner.
On January 14, 2025, President Joseph R. Biden issued an Executive Order aimed at advancing US leadership in artificial intelligence (AI) infrastructure, focusing on the development of AI data centers on federal lands. Developers selected through a solicitation process will have the opportunity to lease select federal lands for constructing AI data centers and the energy infrastructure needed to power them.
The Kingdom of Saudi Arabia’s (KSA’s) Personal Data Protection Law (PDPL) marks a significant milestone in protecting personal data in the region. Overseen by the Saudi Data and Artificial Intelligence Authority (SDAIA), the PDPL applies to all entities processing personal data of individuals residing in the KSA regardless of the physical location of the data processing activities, whether within the KSA or not.