Products Intelligence Pricing Methodology Contact
TRADE & GEOPOLITICAL RISK

Data breach notification

Data breach notification obligations have direct operational weight for Trade and Geopolitical Risk teams, particularly where cross-border data flows intersect with export controls, sanctions screening systems, and third-party trade intelligence vendors. The U.S. Federal Trade Commission's Safeguards Rule amended notification requirements now apply to non-bank financial firms handling trade finance data, while the European Data Protection Board has issued binding guidance on breach timelines that conflicts with certain U.S. Treasury Office of Foreign Assets Control reporting windows. Compliance teams are currently pressure-testing incident response playbooks against both regimes to avoid a notification to one authority that inadvertently telegraphs sensitive counterparty data to another.

Watch

  • FTC Safeguards Rule 30-day notification trigger: does it cover your trade data vendors?
  • EDPB 72-hour clock runs parallel to OFAC SDN-related incident holds
  • Singapore PDPC mandatory breach notification threshold lowered in 2024 amendments
  • Conflict between EU notification disclosure requirements and U.S. export control confidentiality obligations
  • SEC cybersecurity incident disclosure rules now reach firms with sanctioned-party screening systems

Recent material activity in Trade & Geopolitical Risk

  • Apr 13, 2026 MATERIAL

    OFAC designates 14 entities linked to Russian defense procurement network

    The Treasury Department's Office of Foreign Assets Control added 14 entities and 6 individuals to the Specially Designated Nationals list for their roles in procuring critical technology components for Russia's defense i…

    Read a full sample brief →
  • Apr 10, 2026 MATERIAL

    BIS adds 22 Chinese semiconductor entities to Entity List for advanced chip diversion

    The Bureau of Industry and Security expanded export controls targeting Chinese semiconductor entities found to be diverting advanced computing chips through third-country intermediaries. New license requirements affect i…

    Read a full sample brief →