On January 28, 2025, FINRA released its 2025 FINRA Annual Regulatory Oversight Report (the “Report”). As was the case in 2024, the Report highlights continuing and emerging trends in artificial intelligence (“AI”) in the financial services sector, among other topics. In this Debevoise Client Update, we review the Report’s discussion of common generative AI (“Gen AI”) use cases, existing FINRA…

After many rounds of motions to dismiss, intellectual property cases against AI developers are moving into the discovery phase.  As we previewed in our 2024 AI year in review, one of the big areas to watch in 2025 will be how much discovery courts are prepared to order into the inner workings of AI companies, especially in the face of…

The first wave of the EU AI Act’s requirements came into force on 2 February 2025, namely: Prohibited AI: the ban on the use and distribution of prohibited AI systems, and AI Literacy: the requirement to ensure staff using and operating AI possess sufficient AI literacy. All businesses caught by the EU AI Act’s jurisdictional scope – which is potentially…

Introduction On December 20, 2024, the Federal Trade Commission (the “FTC”) finalized a consent agreement (“Consent Order”) with Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC (collectively, “Marriott”) to settle allegations that Marriott failed to implement reasonable data security measures, resulting in three large data breaches from 2014 to 2020 and affecting more than 344 million customers…

On December 19, 2024, the U.S. Department of Treasury (“Treasury”) released a report on The Uses, Opportunities, and Risks of Artificial Intelligence in the Financial Services Sector (the “Report”). The Report summarizes key themes from comments from a variety of industry stakeholders (“respondents”) in response to Treasury’s June 2024 Request for Information (“RFI”), and recommends several next steps for financial…