Bradley’s Privacy, Security, and Innovation team has served for decades as a trusted adviser to clients in the technology and financial services industries.

Our attorneys counsel a wide range of companies in the financial services sector – including financial institutions of all sizes – on managing risks associated with the collection, use, and transfer of sensitive personal data; sound privacy and security standards; and navigating the sometimes-gray areas of innovative technology and legal compliance.

Thanks to the firm’s deep experience in operating at the forefront of the industry, our team of multidisciplinary legal advisers offers unparalleled insight into today’s technological advances and constantly evolving privacy laws. Our partners have worked both in regulatory agencies and in-house at financial institutions, and include several certified privacy professionals as well as members of state bar committees who help shape the laws that govern our practice. We leverage this background to provide advice that not only pulls from current legal frameworks, but anticipates and adapts to the changing landscape of the business, legal, technological, and regulatory environment in which our clients operate.

Bradley lawyers understand the business needs of our clients and provide service far beyond dry legal advice, seeking solutions that meet client goals while remaining within the confines of the law. In the dynamic field of data technology and financial privacy, changes come rapidly such that many businesses find themselves operating in undeveloped areas of law. To meet the demands of this uncertain environment, financial services companies require experienced counsel to analyze how regulations and enforcement actions may affect new products and services, and to advise on proactive measures to limit potential exposure.

Our services include the following key areas:

Bradley’s privacy, security, and innovation team has more than two decades of experience in privacy and information security law. Thanks to our diversity and breadth of experience, we can assemble the right team quickly and efficiently to provide counsel tailored to financial institutions of various sizes across industry sectors and regulatory schemes at each point of the data management lifecycle.

We counsel our clients on state and federal data privacy requirements and through all phases of the risk management process, including assessment, protection, response and mitigation, and resiliency and recovery. Our legal team helps minimize the risk of a data breach and works closely with companies to comply with the myriad laws in force for all such organizations, large or small. We advise clients on prospective risk avoidance through drafting, reviewing, and analyzing privacy programs, data policies, customer notices and agreements, and third-party service provider contracts. We also collaborate with in-house counsel, privacy officers, risk managers, business units, and data breach responders to develop effective legal solutions for their unique business needs.

In the unfortunate event of a data breach, we assist our clients in responding and provide guidance through the ensuing recovery and resiliency stages, including investigation, reporting, and disclosure, as well as assisting with public relations, law enforcement, regulatory consequences, liability exposure, and litigation, if necessary.

For almost 25 years, Bradley attorneys have assisted clients in a broad range of industry verticals in electronic financial services. Bradley continues that tradition by assisting clients in a wide variety of matters relating to financial technology (FinTech), including:

  • Online and mobile banking
  • Mobile application technology
  • Development of new digital products and services
  • Electronic disclosures
  • Third-party vendor and partner management
  • New payment technologies
  • Digital currencies
  • Blockchain
  • Digital identification
  • Geolocation
  • Cloud sharing
  • APIs
  • Biometric authentication
  • Encryption
  • Data analytics
  • Security and privacy architecture

Our team works closely with clients to analyze existing digital financial services and emerging technologies, and provides advice on new products and services that is tailored to both the business goals of our clients and the regulatory and legal framework under which they operate.

In addition to legal matters, our attorneys focus on pragmatic concerns such as business objectives, reputational risk, and customer service. We work to align our clients’ business goals with the wants and needs of their customers, while prioritizing the protection of personal information.

Our privacy, security, and innovation team works closely with our IP and technology transactions teams. In addition to Bradley’s national presence, the firm is involved in licensing technologies internationally, including China, India, the United Kingdom, Japan, Australia, and various Latin American and Middle Eastern countries. The dynamics of our team help clients keep pace with the rapidly evolving and increasingly complex legal world of digital financial services.

Our team further counsels financial institutions on:

  • Online advertising and marketing
  • Data-sharing programs
  • Direct marketing relationships
  • Privacy and data security program assessments and reviews (including NIST and FFIEC)
  • Payment card data security
  • Online and electronic transactions
  • Contracting and disclosures
  • Data retention policies
  • Joint marketing and service provider agreements
  • Social media, BYOD, and email policies and training

Bradley’s attorneys keep up with the rapid spread and evolution of data breach attacks, technology, and related laws and regulations to develop solutions before problems arise for our clients. When a client approaches us with an issue, we prioritize the selection of a carefully crafted team to develop custom solutions that address both the client’s short-term needs and long-term success.

Because financial technology, privacy, and information security are ever-evolving areas, business vertical developments often outpace legal developments. Our team is proactive in assessing risks and making informed judgments to fill in the gaps when current law does not resolve a particular regulatory or legal issue.

Bradley’s privacy, security, and innovation team works side by side with clients to advise on management, oversight, and review of third-party risks. We provide advice on vendor agreements, along with related regulatory guidance and requirements for management and oversight of the use of third parties, whether based domestically or abroad.

As regulators and litigation focus on the nexus between companies and their FinTech vendors, subsidiaries, and ventures, our team assists in the negotiation of agreements and implementation of compliance and oversight programs, as well as providing guidance to ensure that regulatory obligations are satisfied.

Thanks to years of working collaboratively with our financial services clients, we understand not merely the laws and regulatory requirements that apply to them, but – more significantly – we understand their businesses. This combination of sound technical experience in the regulatory arena and a firm grasp of our clients’ operations lets us deliver solid, practical advice to help financial service companies navigate successfully and profitably through the current regulatory environment.

As federal regulations and protections regarding consumers began to proliferate in the 1970s, we were there to handle all types of regulatory, consumer protection, and enforcement matters. Today, our attorneys are among the most experienced in the country and have spent their careers advising clients on regulatory issues, guiding them as the legal and regulatory environment and associated financial services technology have developed and changed.

Additionally, in light of the CFPB and FTC’s heightened focus on detecting discriminatory practices – including Unfair, Deceptive, or Abusive Acts or Practices (UDAAP)/Unfair or Deceptive Acts or Practices (UDAP) – we regularly work with clients to establish or enhance fair lending and fair servicing programs to meet business objectives, while maintaining compliance with the Fair Housing Act (FHA), Equal Credit Opportunity Act (ECOA), Home Mortgage Disclosure Act (HMDA), and predatory lending laws.

Members of our comprehensive regulatory practice include attorneys who counsel clients on risk management and compliance related to all types of financial products and services, such as mortgage lending (including HELOCs and reverse mortgages), mortgage servicing, auto lending, credit card lending, deposit products, student loans, electronic banking services, payment systems, and many others.

Bradley also acts in an advisory capacity, assisting clients in responding to regulatory examinations and inquiries, as well as in developing more-robust compliance and “best-practice” programs, often under the guidance of pending consent orders or regulatory directives. Our legal services extend to all aspects of financial services regulatory matters, including deposit and loan origination services, and assisting clients with melding new innovative technologies with bank powers under the OCC’s Responsible Innovation framework.