Third-party vendors
-
Data Insights Shoosmiths 2026: Security in the age of AI abuse
The practical reality of AI-augmented threats, who should be responsible for governance, and how to deal with the pitfalls of vendor management.
-
The EU’s DORA: Strategic implications for third-party financial service providers
Many global organizations have learned that without appropriate oversight, third parties can become liabilities. Max Veve says DORA is the stand out regulation.
-
Mills Review shows FCA positive but cautious about AI use in financial services
The review represents a shift from monitoring AI to assessing long-term impact on markets and consumers.
-
EU revises cybersecurity rules to shield critical infrastructure and supply chains
New cybersecurity package includes changes to the Cybersecurity Act and NIS 2 Directive.
-
The EU Data Act – practical considerations for data holders
This article highlights some key definitions, limitations, and exemptions as they apply to organizations working with and processing data.
-
EU designates critical ICT third-party providers under DORA
European supervisors carried out a systematic assessment of the importance of each service provider to the financial sector, before deciding on designation.
-
Golsan Scruggs 2025 RIA Risk Survey highlights fraud and cyber concerns
Cyber risk remained in the top tier of concern as regulatory risk slipped.
-
New York’s new guidance on third-party service provider cyber risk
The guidance does not impose new requirements; it helps NYDFS-regulated institutions meet existing obligations in light of evolving vendor-related cybersecurity risks.