Compliance

Subscribe to Compliance

한국어 번역문은 이곳을 클릭해주시기 바랍니다.

The New York State Department of Financial Services (“DFS”) is proposing a new regulation that would allow banks to share confidential supervisory information with their attorneys or an independent auditor without gaining prior approval from the department.

Banks currently need written approval from DFS each time they want to share confidential supervisory information with their advisors. The proposed new regulation would streamline operations by making it easier for banks to share relevant information with their advisors.
Continue Reading New York DFS Plans to Streamline Supervisory Information Sharing

한국어 번역문은 이곳을 클릭해주시기 바랍니다.

The United States government has a powerful new tool to gain access to data stored overseas – the CLOUD Act, which was enacted this spring. If you are a company based overseas, particularly if you use a cloud service provider with a significant U.S. presence, it just got a lot easier for the U.S. government to get your data, and the data you hold for your customers.[1]

Background to the CLOUD Act

Since 1986, U.S. law enforcement’s access to electronic data held by private third parties has been regulated by the Electronic Communications Privacy Act (ECPA,18 U.S.C. § 2510 et seq). That law was enacted, in part, to extend government restrictions on wire taps from telephone calls to include transmissions of electronic data by computer and stored electronic communications. These issues are addressed in Title II of ECPA, known as the Stored Communications Act (SCA). While ECPA and the SCA have been amended several times since 1986, their primary provisions have remained the same, meaning that much of American law relating to government access to electronic data held by third parties was in fact drafted several years before email was commonly used and the World Wide Web was even created.
Continue Reading Foreign Companies: Does the U.S. Government Now Have Access to Your Overseas Data?

한국어 번역문은 이곳을 클릭해주시기 바랍니다.

On February 9, 2015, the United States’ Food & Drug Administration (“FDA”) issued final guidelines[1] to outline its regulatory enforcement approach to mobile medical applications (or “apps”).  The FDA is taking a risk-based approach, focusing its oversight on apps that (1) meet the definition of medical devices under section 201(h) of the Federal Food Drug and Cosmetic Act, and (2) could pose a risk to a patient’s safety if the app did not function as intended.  The FDA will not exercise authority over apps that are not medical devices under section 201(h), nor will it enforce its rules and regulations against the numerous apps that meet the definition of medical devices but present only minimal risk to consumers or patients.
Continue Reading U.S. FDA Issues Guidance for Mobile Medical Applications: What Will be Subject to FDA Oversight and Enforcement?