Open-source software (OSS), by its nature, is sometimes overlooked as part of technology transactions. OSS is often a key aspect of a business’s software ecosystem, whether it is used in internal systems or forms a fundamental part of solutions that are sold to customers or used to provide services to customers; however, OSS often sits in the background, as a foundation of a software solution, and can therefore go unconsidered by those not familiar with its uses, benefits, and risks.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
Please join us for a webinar co-hosted with local Indian counsel examining the key issues impacting deployment and use of technology in India.
The European Banking Authority (EBA) recently published a consultation paper (Consultation) that proposes to expand third-party risk management requirements for certain EU-regulated financial entities. The Consultation would extend the EBA’s current guidelines around outsourcing arrangements (EBA Guidelines) to all third-party services arrangements, excluding those services that are within scope of the EU Digital Operational Resilience Act (DORA), and would add further requirements to the existing guidelines, aligning with those requirements introduced under DORA.
Mike Pierides and James Mulligan co-authored an article in the Journal of Securities Operations & Custody which explores key themes of outsourcing and third-party risk management regimes that apply to financial entities and their service providers. The article serves as a compendium of key differences between regulatory expectations on resiliency and outsourcing, highlights key best practices and challenges to implementing these expectations, and, finally, considers the impact of artificial intelligence solutions on such regulatory expectations.
On January 14, the UK government published a consultation on new measures to tackle the increasing threat of ransomware attacks. Ransomware is malicious software (malware) that infects a victim’s computer system and prevents the victim from accessing IT systems, significantly impairs their use of ICT systems, and/or facilitates the theft of sensitive data. A ransom is then demanded for restoration of use and/or data and, as we previously noted, the cost of ransomware attacks is increasing nearly 20% year-on-year.
Please join us for our fourth annual Artificial Intelligence Boot Camp, during which Morgan Lewis lawyers will discuss the latest developments, insights, and impacts of AI usage and integration for companies of all sizes and industries.
Please join us on Wednesday, February 5, 2025, from 12:00–1:00 pm ET as partners Ksenia Andreeva and Kristin Hadgis and associate Oliver Bell provide a global update on data handling and compliance issues with a focus on the United States, Europe, and the Middle East.
UK financial regulators recently published their supervisory expectations for critical third party service providers (CTPs) to the financial sector under the United Kingdom’s new regime extending regulatory oversight to CTPs. The final rules align with key themes of other regulatory regimes seeking to reinforce operational resilience (e.g., the EU Digital Operational Resilience Act (DORA)) around risk management, supply chain management, and incident management, among other areas.
Our technology transactions, outsourcing, and commercial contracts team on October 30, 2024 held its annual industry summit in New York. The theme this year was Unleashing the Potential of Technology, with a focus on artificial intelligence (AI). Attendees included in-house counsel and sourcing professionals across a number of industries, including representatives from the client and vendor side. The diverse audience led to highly interactive discussions among some of the leading voices in the tech and sourcing fields.
The UK Financial Conduct Authority (FCA) on October 31, 2024 published observations and key lessons from how firms responded to the CrowdStrike IT outage. The outage caused disruption across several industries globally, and the FCA highlights for UK financial services the importance of ensuring operational resilience in order to minimize the potential impact of future events on consumers and markets.