Regulatory Landscape

Now you see it, now you don’t – Why ephemeral messaging capture remains critical for compliance

Regulators like the SEC, CFTC, and DOJ continue to expect firms to maintain proactive compliance programs that support investigations and protect against fraud, which includes managing the use of disappearing messages. We explore the compliance implications of ephemeral messaging and outline practical steps to mitigate risk and meet regulatory obligations.

Regulatory Wrap episode 79: AI, AML, and Robocop

In Regulatory Wrap for the week to April 24, Jay Hampshire breaks down how FinCEN is encouraging firms to utilize AI-enabled tools to more effectively fight against financial crime.

Why Canadian banks need strong mobile device management

Regulators are making mobile communications compliance a 2026 priority for Canadian firms

How can financial services firms ensure their operational resilience?

Operational resilience must become a boardroom priority for firms as they protect themselves from becoming vulnerable to cyberattacks and regulatory scrutiny.

Crypto Decrypted: Strengthening crypto fluency to manage evolving risks

Digital assets offer numerous opportunities for both firms and markets. However, to circumvent risk and meet regulatory expectations, firms must build high standards of crypto fluency amongst compliance teams.

Implementing Sustainable Finance Disclosure Regulation obligations for investment firms

As investors demand greater accountability around environmental, social, and governance (ESG) factors, the EU's Sustainable Finance Disclosure Regulation (SFDR) has put the onus on investment firms to make sustainability disclosures with verifiable data to meet SFDR regulation requirements.

Article

EU NIS2 Directive for Financial Entities

The digital backbone of Europe’s economy, energy grids, transport networks, banks and healthcare, is under constant attack. Escalating cybersecurity threats, with 60% of attacks via phishing, have caused the EU to introduce the NIS2 Directive in an attempt to drastically strengthen cybersecurity and resilience.

Article

Firm fined £14 million for data protection failings after cyber-attack

A firm has been fined after it failed to properly protect the data of millions of customers after it was hit by a major cyber attack back in 2023.

CPPA issues record $1.35 million fine for data privacy failures

The California Privacy Protection Agency has issued the largest fine in its history, levied against a business for multiple violations of the California Consumer Privacy Act.

FCA answers Call of Consumer Duty

The Financial Conduct Authority is updating its Consumer Duty approach to balance consumer protection with reducing compliance burdens on firms. It aims to clarify expectations, support innovation, and ensure fair outcomes.

FCA crypto consultation proposes firms play by conduct and resilience rules

The Financial Conduct Authority is consulting on which minimum rules should apply to cryptoasset firms, particularly regulations governing operational resilience, governance, and the conduct of senior staff.