Collection, analysis and monetization of Big Data are rapidly changing the financial services industry, upending the longstanding business practices of traditional financial institutions, giving rise to innovative alternatives and breathing life into a host of service providers. By leveraging vast data repositories, companies can make better investment decisions, reach new customers, improve institutional risk control and capitalize on trends before their competitors. But given the sensitivity of financial information, Big Data also spawns a variety of legal and other challenges for financial services companies.

WilmerHale's Big Data Practice helps financial services companies—and the vendors who serve them—navigate privacy concerns and cybersecurity risks; complex technology transactions and licensing; thorny IP applications and registrations; and disputes about who owns Big Data, the algorithms and devices used to process it, and the insights that are extracted from it. We represent a diverse array of industry players on Big Data issues, including global banks, large and small investment advisors, insurance companies, hedge funds, management consulting firms, retirement plan sponsors, online banking alternatives, FinTech and other service providers, and a range of other entities throughout the financial ecosystem.

Download our Big Data financial services industry fact sheet.

For more information, visit our Big Data page or contact us at

Industry-Specific Issues

  • Analytics, data mining and data monetization: Financial institutions and their service providers collect troves of financial and other sensitive data. We help our clients navigate laws and contract terms that strictly regulate this information and help them implement lawful ways to draw insights from, and in some cases profit from, the data they obtain.
  • Algorithmic fairness/discrimination: Financial institutions often use Big Data to make decisions about whether to extend credit or provide other financial products or services to individuals. We help our clients comply with sector-specific laws, such as the Fair Credit Reporting Act and Equal Credit Opportunity Act, and be attentive to emerging issues related to algorithmic fairness.
  • Privacy/cybersecurity: We counsel our clients on a variety of privacy and cybersecurity laws and regulations, many of which apply only to financial institutions, such as the Gramm-Leach-Bliley Act, Right to Financial Privacy Act and state analogues.
  • Securities laws: Financial institutions increasingly use Big Data to make investment decisions. But this raises thorny questions about equal access to information, potential violations of duties to the sources of the data, and other issues that have substantial implications under the securities laws. If acquired, analyzed or leveraged inappropriately, big data can give rise to civil or criminal insider trading charges and a range of other issues in the investment context.


Recent matters for clients include:

  • Negotiated several complex agreements between financial institutions and mobile payment providers, addressing such issues as data ownership, privacy, cybersecurity and data analytics for transactions made at brick-and-mortar stores using mobile phones.
  • Helped dozens of financial institutions and service providers respond to data breaches and other incidents, including one of the largest breaches ever reported publicly by a financial institution. Such work includes forensic investigation and analysis, crisis management and public relations, communication with the client's board of directors, drafting and sending letters to consumers, interfacing with regulators, and defending against investigations and enforcement actions.
  • Assist clients in assessing and minimizing legal and other risks of making investment decisions based on sensitive financial data and other information, including location data derived through mobile phones, detailed transaction data, tracking of online browsing behavior, social media streams and other data points.
  • Counsel financial institutions, SaaS providers and cloud services companies on legal and practical considerations with respect to outsourcing financial data to the cloud.
  • Help clients develop financial mobile apps and associated consumer disclosures, and counsel on implementation of TouchID security solutions for such apps.
  • Advise banks, credit card companies and other financial institutions on how to share data lawfully not just with service providers, but also with business partners and Big Data aggregators without violating securities, consumer protection, fair credit, privacy and cybersecurity laws.
  • Negotiate data analytics agreements, data outsourcing contracts, and technology transaction and licensing agreements on behalf of clients ranging from global banks and investment advisors to small hedge funds and FinTech service providers.