On May 2, A.J. Zottola published “Technology vendor contract review for financial institutions—the key AI, data and fintech risks” in Westlaw Today. The following is an excerpt:
Venable LLP attorney Armand J. (A.J.) Zottola outlines the dangers financial institutions must consider when reviewing technology vendor contracts.
Financial institutions have always relied heavily on technology, but AI, data aggregation, and platform-based systems are changing how they contract for and license it. Banks, private equity firms, asset managers, and investment banks are not just buying tools anymore—they are embedding third-party technology into core investment, trading, and risk functions.
That shift is creating new technology contract and IP licensing challenges that go beyond traditional enterprise SaaS concerns.
Sensitive financial and proprietary data may be bleeding into vendor models
Financial institutions operate on highly sensitive, often proprietary datasets, such as trading strategies, portfolio compositions, pricing models, and deal pipelines. Vendors providing analytics, AI models, or portfolio management tools frequently require access to this data to deliver their services.
The issue is no longer simply confidentiality, but how data is reused. Many vendors now seek rights to use client data (often in "aggregated" or "de-identified" form) to train models, enhance benchmarks, or develop commercial products. In financial services, this can create acute competitive risk. Even anonymized data can reveal valuable hedge fund trading strategies or PE deal activity.
To address this, contracts should clearly prohibit using client data for model training, limit pooling data across clients, and specifically exclude trading, pricing, and investment strategy data from any reuse.
For the full article, click here.