Experience

• • A large software company in an internal investigation regarding possible data theft.
  • A global pharmaceutical company in an internal investigation into Al-related IP theft and data-loss prevention.
  • A global pharmaceutical company on Al governance and regulatory compliance issues across a decentralized collection of business units with distinct operational and regulatory risk profiles.
  • The Securities Industry and Financial Markets Association (SIFMA) and the Global Financial Markets Association (GFMA), leading trade associations that represent the financial services industry, in preparing comment letters regarding regulatory developments in cybersecurity, operational resilience and artificial intelligence.
  • A major entertainment company and a Fortune 500 company in negotiations of agreements with Microsoft, OpenAI, AWS and/or Google related to generative AI services.
  • A leading private equity firm in an SEC exam focusing on artificial intelligence that ended with a “no findings” letter.
  • A Fortune 500 financial services company on EU Digital Operational Resilience Act and EU AI Act preparedness.
  • A major U.S. medical data provider on IP protection and Al licensing issues.
  • A multinational publishing company on licensing of non-fiction works for AI training and development.
  • A leading private equity firm concerning reputational, regulatory, operational, and governance risks related to artificial intelligence.
  • A global fraud prevention platform in developing a comprehensive artificial intelligence ethics and governance framework, including relevant policies and procedures, governing committees, trainings, board briefings, and AI tabletop exercises.
  • A major FinTech company on a broad range of artificial intelligence and data privacy issues concerning its use of machine learning and big data technologies, including related to the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, and the DFS cybersecurity regulation.
  • A Global Financial Services firm in several cybersecurity events relating to compromised accounts, phishing attacks, and other attempts to gain unauthorized access to the company’s computer systems.
  • A global media company on intellectual property issues related to the license of archival media content for AI training and development.
  • A major international bank in a comprehensive AI risk assessment for their artificial intelligence programs.
  • Bank Hapoalim in a cross-border tax investigation by the United States Department of Justice, Federal Reserve, and New York Department of Financial Services.
  • A leading financial institution with federal bank supervisory expectations concerning artificial intelligence and data governance.
  • An international pharmaceutical company on a comprehensive global review of Al governance.
  • Several large insurance companies on artificial intelligence (AI) governance, AI regulatory compliance, AI risk assessments, AI policies, AI vendor management, AI bias training, AI incident playbooks, AI tabletop exercises, and board briefings on AI risk and oversight.
  • Several large U.S. companies that have experienced large-scale ransomware attacks and data thefts.
  • Multiple financial services companies in regulatory examinations and enforcement matters related to use and marketing of Al and machine learning.
  • Several large private equity firms on implementing AI policies, creating AI governance committees, responding to regulatory inquires on AI use, AI vendor risk management, AI training and risk management for portfolio companies.
  • Several large insurance companies on AI governance, regulatory compliance (including drafting Colorado AI certifications), risk assessments, AI policies, AI vendor management, bias assessments and training, AI incident playbooks, AI tabletop exercises, and board briefings on AI risk and oversight.