Oliver Yaros

Technology and outsourcing transactions

Representative engagements include:

• Acting for HSBC, Morgan Stanley, Citi and Deutsche Bank on the creation of worldwide KYC / client onboarding financial industry utility known as KYC Services (KYC.com) as well as advising banks on the creation of other financial industry utilities and various multilateral outsourcing projects;
• Acting for HSBC in its negotiations on the design and development agreement with IHS Markit to create MyDeal, a digital technology app and underlying platform that enables the bank's employees and clients to access transactional, logistical and other updates relating to investor roadshows during the capital market fundraising process;
• Advising HSBC on a project to sell and monetise a “Know Your Client” software solution. The solution combines robotic process automation and machine learning technologies to significantly reduce the time it takes to check the compliance status of clients. Mayer Brown advised on the terms of the collaboration agreement with EXL to develop and bring the tool to market and to document the share of revenues earned by HSBC based on the uptake and success of the technology with other financial institutions;
• Acting for multiple clients operating in the financial services sector, including global systemically important financial institutions, on the negotiation of global, enterprise wide cloud agreements with leading technology service providers, including advising on AI licensing terms, data privacy and regulatory requirements;
• Advising a global bank on the outsourcing of its regulatory change function in multiple jurisdictions to a professional services organisation;
• Advising an international bank on its participation and contribution of technology into Project Voltron, a R3 led consortium project with 11 other financial institutions to create blockchain based smart contracts technology that banks can use to automate the creation, exchange and execution of purchase contracts and letters of credit used in trade finance;
• Advising a leading provider of online consumer personal loans in relation to the adoption of a personal loan blockchain solution;
• Advising Previse, a fintech company that uses artificial intelligence (AI) to transform global B2B commerce, on the development, ownership and licensing of its AI based online instant payments platform and the terms on which it permits customers, suppliers and funders to use that platform as well as its subsequent entry into a strategic partnership agreement with Mastercard; 
• Advising a commodity exchange on the outsourcing of IT functions;
• Acting on a large IT outsourcing transaction for one of the largest banks in Denmark;
• Advising a service provider on the development and deployment of internet connected device (IoT) technologies;
• Acting for Aurelius Equity Opportunities, a member of the Aurelius Group that focuses on investing in special situations and mid-market transaction opportunities in a broad range of industries, on the long-term outsourcing agreement entered into between BT Group plc and BT Fleet Solutions, under which BT Fleet Solutions, a leading end-to-end commercial fleet management operator, shall manage BT's vehicle fleet nationwide following Aurelius’ acquisition of BT Fleet Solutions from BT Group plc;
• Acting on a global outsourcing project for a global chemicals company as part of a joint venture with a sovereign backed entity;
• Acting for an international agrochemicals conglomerate on the global outsourcing of the management of its facilities and logistics;
• Working on a large IT outsourcing transaction for a global insurance provider;
• Acting on global HR business process and European payroll outsourcing projects for global providers of food and household products;
• Advising a well-known retailer on a back office outsourcing transaction for its online business;
• Advising a major record label on a worldwide outsourcing of its IT systems; and
• Advising a wine merchant on the development and implementation of an online wine trading and warehousing platform for its customers.

Artificial intelligence, data protection and cybersecurity

Representative engagements include:

• Advising multinational clients operating in financial services, private equity, insurance, pension fund management, professional services, real estate and facilities management, fast moving consumer and industrial goods and vehicle manufacturing, airline, international logistics, media and entertainment, telecommunications, gambling, online marketing, further education and charity sectors on preparing to comply and their ongoing compliance with all aspects of European data protection laws including the UK Data Protection Act, GDPR, the EU ePrivacy Directive, NIS Directives, the Cybersecurity Act, the Digital Operational Resilience Act (DORA) and the AI Act. This has included advising on the scope and applicability of these laws, requirements to appoint data protection officers, data mapping and recording, the drafting of fair processing notices, policies and procedures, conducting data protection impact assessments, advice and support on negotiating data protection agreements, addenda and arrangements with third party partners and suppliers, the creation of third party agreement playbooks, advice on security policies and data breach response procedures, measures to enable individuals to exercise their privacy rights and advice on international data transfers (including the implications of the invalidation of the EU-US Privacy Shield, the use of standard contractual clauses and the conduct of transfer impact assessments in response to the Schrems II decision);
• Advising major car manufacturers on the design, development and implementation of connected and autonomous vehicles projects by which personal and non-personal data will be collected from vehicles in Europe and used to provide solutions to European users via connected devices;  
• Advising a global financial institution on its AI and big data analytics project, which involved creating an AI and big data analytics risk governance framework to enable the business to classify data sources, assess and make decisions about the risks when seeking to utilize and monetize the insights and learnings obtained from AI supported data analytics performed on data sets for different use cases, such as to develop new products and services;
• Advising a sovereign investment fund on the creation and implementation of their anonymisation and de-identification guidelines and policy requirements for conducting "big data" data analytics projects;
• Advising a major fast food corporation on the European data protection aspects of its data analytics project with respect to data obtained from interactions with consumers via takeaway food ordering service providers;
• Advising Overmore, a lead generation and data analytics technology company focused on data that helps clients to tailor marketing communications to consumers, on developing personal data validation and e-marketing systems that comply with the GDPR and ePrivacy Directive requirements;
• Advising Mitie, a facilities management provider, on the data protection compliance requirements relating to the implementation of a connected workspace (IoT) solution to track and analyse the use of workspace by personnel in its and its customers buildings;
• Acting for a leading global construction machinery and equipment company on its application and implementation of binding corporate rules (BCRs) for the transfer of personal data throughout its organisation;
• Advising a global financial institution on the data protection requirements related to the construction and deployment of an international trade finance platform;
• Advising a fintech start up on the use and analysis of personal data uploaded by customers, suppliers and funders in its AI based online instant payments platform;
• Acting for numerous multinational clients on projects to achieve compliance with data protection laws in multiple jurisdictions worldwide in connection with IT and business process outsourcings (ITOs and BPOs);
• Advising a global financial institution in relation to a cyber-incident. Obtaining appropriate urgent injunctive relief against persons unknown responsible for the theft of data and implementing a multinational project and methodology for assessing the risks resulting from the personal data affected and complying with the notification and other obligations pursuant to GDPR and other relevant international standards;
• Advising international businesses operating in multiple industries including financial services, professional services, aviation, freight, international logistics, industrial manufacturing, media, hospitality and leisure on responding to cyber incidents that resulted in the exposure of personal data, including advising on appropriate notification and communication strategies to regulators, data protection authorities, affected customers, suppliers and data subjects;  
• Advising clients operating in multiple industries on developing global cybersecurity response plans, procedures and playbooks as well as the running of cyber simulation exercises for management teams with respect to ransomware and other cyber threats;
• Advising a telecommunications provider on the recovery of customer personal data taken by a former senior employee and compliance with applicable data protection requirements;
• Advising a retail business establishment on responding to a series of personal data breaches concerning its customers in compliance with its data protection obligations;
• Acting for an international chemicals company on responding to the exercise of subject access and other data protection rights by activists; and
• Advising numerous clients on responding to requests for disclosure of personal data from government, judicial and law enforcement authorities and overcoming conflicts in laws that prevent personal data being shared cross-border with them.

Intellectual property

Representative engagements include:

• Advising HSBC on a project to sell and monetise a “Know Your Client” software solution. The solution combines robotic process automation and machine learning technologies to significantly reduce the time it takes to check the compliance status of clients. Mayer Brown advised on the terms of the collaboration agreement with EXL to develop and bring the tool to market and to document the share of revenues earned by HSBC based on the uptake and success of the technology with other financial institutions;
• Acting for ARM Holdings on the acquisition of Sansa Security, a provider of hardware security IP and software for advanced system-on-chip components deployed in Internet of Things (IoT) and mobile devices;
• Advising Crédit Agricole’s wealth management arm, Indosuez, on its acquisition of majority stake in Wealth Dynamix, a fintech provider of lifecycle management solutions to private banks, and wealth management and asset management firms worldwide;
• Advising CDK Global, Inc., a leading provider of dealer management systems and integrated information technology solutions to the automotive retailing and adjacent industries, on the sale of its CDK international segment to Francisco Partners for $1.45 billion and also its acquisition of Roadster, Inc., an international digital automotive retail platform provider;
• Advising the founders of one of the most successful games ever released on the Roblox platform on the establishment of its new video games company and the complex IP ownership, branding and licensing arrangements put in place to enable the studio to protect, exploit and develop its games internationally;
• Advising Entertainment One on the acquisition of Alliance Films, a major film distribution company, for £143m;
• Advising Sun Hung Kai & Co. Limited, a Hong Kong-listed alternative investment financial services institution, in its Series B investment in Sygnum Bank AG (Sygnum), the world's first digital asset bank based in Switzerland and Singapore;
• Advising EMK Capital, a private equity firm, on its acquisition of Trustonic Limited, a world-class provider of cybersecurity solutions for protecting critical mobile apps, smartphones, wearables, IoT devices, health tech, and automotive systems;
• Advising on the sale of the RBS Smaller Companies Index to Numis;
• Advising Inspirit Capital, a UK based PE investment fund, in connection with its acquisition of the civil training business of Babcock International plc;
• Advising Pernod Ricard SA on the acquisition of The Whisky Exchange direct to consumer online platform and on the disposal of the Tormore whisky brand and distillery; 
• Advising Mitsubishi Corporation and Nippon Telegraph and Telephone Corporation (NTT) on the purchase of a 30% interest in HERE Technologies, a provider of mapping and location data, navigation software and related services;
• Advising Brookfield on the acquisition of Center Parcs, a holiday resort operator;
• Advising Melrose Industries plc and GKN Aerospace on the sale of Fokker Services and Fokker Techniek, global independent aerospace service providers which will provide diverse services for various aircraft types;
• Advising a private investment company on its investment into a military and medical device research, development and manufacturing company and the subsequent licensing and transfer of the underlying intellectual property and manufacturing of products;
• Advising a medical device company on the licensing and sale of bloodline technology and business to healthcare providers;
• Advising a UK based cybersecurity firm on the development, distribution and licensing of its identification authentication technology to resellers and customers;
• Acting for pharmaceutical companies on a variety of manufacturing, distribution and marketing agreements with its suppliers and agents;
• Advising a pharmaceutical company on its collaboration agreement with other pharmaceutical companies to track and assess the successful use of various therapies in hospitals and clinics;
• Advising on the securitisations of copyright and royalties deriving from the back catalogues of major record labels;
• Acting on a number of copyright and trade mark infringement investigations and disputes on behalf of international publishers and TV show rights holders against UK based counterfeiters, US parallel importers and distributors of unauthorised merchandise on internet auction and mail order sites;
• Acting on various copyright infringement and misappropriation of online material disputes between financial market news and information providers; and
• Acting for WaveCrest, a global telecommunications provider, on the successful defence of a patent infringement action and first revocation of a UK patent on the ground of being a business method at High Court, Court of Appeal and House of Lords (Aerotel v Wavecrest).

Certified Information Privacy Professional/Europe (CIPP/E)

布里斯托大学, Postgraduate Diploma in Intellectual Property Law and Practice

BPP大学法学院, 法律实务课程（LPC）

英国伦敦政治经济学院, LLB, Law

• 英格兰和威尔斯

• Chair of the Digital Economy Committee of the UK International Chamber of Commerce (ICC)
• Member of the City of London Law Society IP Law Committee
• Member, International Association of Privacy Professionals (IAPP)
• Member, Society for Computers and Law (SCL)
• Member, City of London Solicitors’ Company and City of London Law Society