Archive: October 2022

Privacy and cybersecurity practices of target companies are being increasingly scrutinized throughout the due diligence process in M&A transactions. Particularly, buyers want to understand the risk and value inherent in sellers’ data assets and sellers want to manage transactional and post-closing risks.

As reported in our previous blogpost, on 7 October 2022, the US White House published an Executive Order on enhancing safeguards for United States signals intelligence activities (EO).

On Tuesday, 18 October 2022, the European Commission (“the Commission”) published a communication setting out an EU Action Plan for Digitalising the Energy System. Amongst initiatives focussed on improving the functioning of the EU’s energy markets, such as the creation of a common European energy data space, improving strategic European coordination for energy markets, promoting investments in digital electricity infrastructure and enhancing consumer protection, as well as strengthening cybersecurity and resilience in the energy system, the Commission looks at addressing energy consumption of the ICT system. In this context, alongside measures addressed at data centres and cloud services, the Commission will consider energy consumption of crypto-assets.

In July of this year, the Office of the Superintendent of Financial Institutions (OSFI) released the final version of its Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need to ensure that they have taken steps to comply with the requirements of the Guideline prior to it coming into effect on January 1, 2024.

On 11 October 2022, the Financial Stability Board (FSB) published a consultative report which sets out a number of proposed recommendations to promote the consistency and comprehensiveness of regulatory, supervisory and oversight approaches to crypto-asset activities and markets intended to strengthen international cooperation, coordination and information sharing. The recommendations apply to any type of crypto-asset activities and associated issuers, service providers (including intermediaries such as crypto-asset trading platforms) that may pose risks to financial stability.

On 12 October 2022, the International Organization of Securities Commissions (IOSCO) published a final report on retail distribution and digitalisation.

On 11 October 2022, the PRA and FCA jointly published Discussion Paper 22/4 ‘Artificial intelligence and machine learning’ (DP22/4).

On 10 October 2022, the Financial Stability Board (FSB) published the priority themes for the next phase of work under the G20 Roadmap for Enhancing Cross-Border Payments. The FSB has also published a report on the progress made during the second year of the Roadmap. The two reports are being delivered to G20 Finance Ministers and Central Bank Governors for their meeting in Washington DC on 12-13 October 2022.

Critical to obtaining effective relief against a wrongdoing defendant is being able to serve process on that defendant in a manner that the forum hearing the dispute will deem sufficient, and that meets constitutional due process requirements for giving a defendant notice. Sometimes, though, this is easier said than done. This is especially so when litigating matters involving cryptocurrencies and other blockchain tokens. In such cases, the defendants being sued not infrequently operate only anonymously or pseudonymously, without ever disclosing their true names, physical addresses or even their general location—and that location might be anywhere in the world.

On 7 October 2022, the US White House published the Executive Order on enhancing safeguards for United States signals intelligence activities. This action is the first part of the US legal apparatus required for the EU Commission to find certain transfers to the US to be adequate. It is also likely in due course to make it easier to find more transfers under SCCs and BCRs to the US are compliant under transfer impact assessments.