Thought Leadership

Null

Checklist: 10 steps to help you meet September’s NFM-rule deadline

With the FCA’s September 2026 NFM deadline looming, we’ve created a 10-step checklist to help FSMA-authorized firms prepare - covering policy, HR, surveillance, training, and regulatory notification requirements

Weak links in the chain: A compliance guide to third-party risk

Learn how to spot third-party risk red flags early, from unestablished vendors to multi-vendor security gaps, and stay ahead of FCA, DORA, and SEC rules.

Is the secret to AI compliance treating it like a human?

With the ESA’s first report on major ICT-related incidents finding that operational risks are becoming borderless and interconnected, is it time for firms to reassess their security and resilience measures?

Article

“Built for another era” – Are current regulations amplifying AI risk?

With the U.S. Treasury’s recent AI innovation roundtables highlighting that regulatory frameworks “built for another era” may be increasing compliance risks by making firms reluctant to innovate, how can regulators work with the industry to support the deployment of advancing technologies?

Article

What can 3,000 ICT incidents tell us about operational resilience?

With the ESA’s first report on major ICT-related incidents finding that operational risks are becoming borderless and interconnected, is it time for firms to reassess their security and resilience measures?

Are we future ready? – How to avoid an AI dystopia

There exists a future in which regulated industries will likely use and rely on AI interfaces to make decisions and speak to consumers, so how can firms ensure they are ready for this change?

What the DOJ’s shortened FCA review timeline means for healthcare and life sciences organizations

A new memorandum compresses FCA reviews from years to months, leaving organizations far less runway to investigate, respond to, and comply with DOJ inquiries.

Now you see it, now you don’t – Why ephemeral messaging capture remains critical for compliance

Regulators like the SEC, CFTC, and DOJ continue to expect firms to maintain proactive compliance programs that support investigations and protect against fraud, which includes managing the use of disappearing messages. We explore the compliance implications of ephemeral messaging and outline practical steps to mitigate risk and meet regulatory obligations.

Will AI be the next off-channel communications scandal?

Off-channel communication risks are a tale as old as time, and AI is just a new character in the regulatory story. Firms must see it as another channel to capture and monitor for misconduct, and enlist tools and policies to ensure compliant use.

Article

Listen closely: Why voice capture should be a compliance priority

As regulators ramp up the fight against financial crime, firms should ensure they’re maintaining oversight of voice channels alongside other business communications to uncover misconduct.

5 Tips to enhance voice surveillance

With regulatory expectations around voice channels increasing, firms need to ensure that they’re not only capturing relevant voice channels, but using voice data to enhance their surveillance and compliance.