Tech & Sourcing @ Morgan Lewis

We invite you to join us for Data 2025, our upcoming Tech & Sourcing webinar series. In this series of webinars, our lawyers will consider the key global challenges facing businesses in their use of data.

UK financial regulators recently published their supervisory expectations for critical third party service providers (CTPs) to the financial sector under the United Kingdom’s new regime extending regulatory oversight to CTPs. The final rules align with key themes of other regulatory regimes seeking to reinforce operational resilience (e.g., the EU Digital Operational Resilience Act (DORA)) around risk management, supply chain management, and incident management, among other areas.

The rapid adoption of generative AI (gen AI) is driving increased cloud consumption.

In the case of the ownership of intellectual property (IP) developed by a supplier as part of a service agreement with a customer, should the traditional position that the customer should own all developed IP always be the position agreed upon by the parties?

The UK Financial Conduct Authority (FCA) on October 31, 2024 published observations and key lessons from how firms responded to the CrowdStrike IT outage. The outage caused disruption across several industries globally, and the FCA highlights for UK financial services the importance of ensuring operational resilience in order to minimize the potential impact of future events on consumers and markets.

According to OECD data, by 2020 digital trade represented 25% of global trade, amounting to just under $5 trillion. Digitalization of economy is on the agenda for many national governments as they come to appreciate the transformative power of technology in reducing transactional expenses and improving the competitiveness of their economies.

Artificial intelligence (AI) is top of mind for all businesses looking to grow. Economic researchers point to AI as a key factor to boost the economy, and believe that AI could result in billions, if not trillions, of dollars in technology-related spending. However, this potential growth will not be possible in isolation; it requires massive amounts of supporting infrastructure.

On October 30, Morgan Lewis will be hosting the annual Tech & Sourcing Summit in New York. This full-day event will bring together our lawyers and industry leaders and conclude with a keynote speech by best-selling author and renowned futurist Dr. Daniel Susskind and a networking reception.

One of the commonly advertised features of AI is that it is beneficial for automation and increasing productivity. When a company considers improving its productivity and employing an AI tool, it will typically go through a contracting process with the service provider and assess the terms of use and associated risks for the business. But what happens if an employee presses on and starts using an AI tool that was not vetted by the company?

In our latest blog post on preparing for the EU’s Digital Operational Resilience Act (DORA), entering into force on January 17, 2025, we take a look at second-level requirements under DORA covering the classification and reporting of major information and communications technology (ICT) related incidents. These requirements will need to be addressed through operational risk management frameworks and contract remediation efforts with technology vendors.