Tom C. Vincent

Partner | Corporate

About

Tom Vincent is a Partner at Pierson Ferdinand and is a Certified Regulatory Compliance Manager and Certified Information Privacy Professional/United States. Tom helps organizations navigate the complex legal landscape of cybersecurity, data privacy, compliance, and corporate governance with practical, business-minded legal counsel. Drawing on his background as a former banking executive and compliance officer, he brings a strategic, preventive approach that aligns legal solutions with business goals.

  • He brings extensive experience in regulatory compliance to his practice, having served as Chief Compliance Officer for banks, investment advisers, and a broker-dealer, as well as Anti-Money Laundering Compliance Officer, responsible for ensuring compliance with a myriad of requirements, including broker-dealer and investment adviser activities and compensation, customer protection and privacy, information security, corporate governance, anti-money laundering, and sweepstakes and electronic transactions.

    Tom assists his clients with issues involving data security and privacy, including the design and establishment of privacy and cybersecurity programs, negotiation of appropriate protections for client information, breach identification, and required reporting. He applies his corporate compliance experience to guide clients through the myriads of state, federal, and international laws, regulations, and requirements to protect them from potential lawsuits and regulatory action.

    Tom regularly presents to a variety of audiences, including attorneys, healthcare practices, financial and human resource professionals, and professional services firms, on cybersecurity, data privacy, regulatory compliance and professional development and inclusion. He is currently an Adjunct Professor of Cyber Security Law and Policy at The University of Tulsa College of Law. In addition, Tom is currently on the Advisory Board of Oklahomans for Equality, and because of his efforts to champion the cause of diversity Tom was awarded the Ada Lois Sipuel Fisher Diversity Award by the Oklahoma Bar Association in 2023.

Practices

  • Banking and Financial Services

  • Broker-Dealer Regulation

  • FinTech and Blockchain

  • Healthcare

  • Information Security

  • Privacy and Data Protection

  • Regulatory Law & Government Contracts

  • Securities

  • Technology

Admissions

  • Oklahoma

  • District of Columbia

Education

  • Washington and Lee University School of Law, J.D.

  • Southern Methodist University, B.S.

Memberships and Affiliations

  • Oklahoma Bar Association

  • Tulsa County Bar Association

  • American Bar Association

  • International Association of Privacy Professionals

Recognition

  • Best Lawyers, 2024-2025, FinTech Practice and Privacy and Data Security Law

  • Oklahoma Bar Association, 2023, Ada Lois Sipuel Fisher Diversity Award

Law Firm Experience

  • Gable & Gotwals, A Professional Corporation

Corporate and Faculty Experience

  • Adjunct Professor, Cyber Law and Policy, The University of Tulsa College of Law

  • Chief Compliance Officer/Anti-Money Laundering (AML/BSA) Officer/HIPAA Compliance Officer, The F&M Bank and Trust Company

  • Chief Compliance Officer and Corporate Secretary, Cavanal Hill Investment Management

  • Chief Compliance Officer, BOSC, Inc. (now BOK Financial Securities, Inc.)

  • Manager, Corporate Governance and Wealth Management Compliance, BOKF, N.A.

Non-Profit Service

  • Advisory Board Member, Oklahomans for Equality

  • Past Board member, Tulsa Zoo

  • Past Board member, Riverfield Country Day School Board of Trustees

Representative Matters and Experience

  • Designed, developed, and implemented compliance programs, including website disclosures, policies, training, and risk assessment processes, to meet HIPAA, FERPA, GLBA, GDPR, FTC, and other state, federal, and international legal and regulatory requirements, including:

    • Privacy and Security Compliance

    • Contract Administrations and Third Party Risk Management

    • Anti-Money Laundering Compliance, including Suspicious Activity and OFAC Reporting

    • Sweepstakes, TCPA, and Electronic Transactions Compliance

  • Design and draft client agreements for accounting and technology consulting firms, including website documentation and internal onboarding procedures.

  • Negotiate execution and termination of FinTech agreements, including incorporation of existing customer disclosures and responding to requests from banking agencies regarding compliance issues.

  • Engaged security firms for various clients to perform penetration testing and other security assessments, including management of request-for-proposal process and engagement agreement drafting and negotiation.

  • Served as insurance-approved breach counsel for privacy and security incidents to determine reporting responsibilities across multiple states, territories, and countries, including the development of required customer communications and direct communications with state and federal agencies.

  • Reviewed client insurance policies for appropriateness of coverage and provided responses to insurance carriers regarding the sufficiency of client breach responses.

  • Serve as compliance counsel for multimedia company providing online memberships and sweepstakes giveaways.

Selected Presentations and Podcasts

  • “Aligned by Design: CISO x Legal In Practice” (Secure AF Podcast - Alias Forensics), July 22, 2025

  • “The Ethics of Inclusion: Developing the Words, Actions, and Achievements to Change Yourself and Your Practice” (Lawline), June 8, 2023

  • “Proactively Managing Vendor Relationships: Setting Expectations, Avoiding Surprises, and Getting Your Stuff Back” (Lawline), February 22, 2023

  • “What Now? Post-Breach Cybersecurity Issues: Addressing the Obvious and the Hidden, Not-Initially-Visible, and Otherwise Neglected Causes and Consequences of a Data Breach” (SouthWest Benefits Association), November 8, 2022

  • “Beyond Attorney-Client Privilege: Reconciling Traditional Attorney Issues and an In-House Environment” (Association of Corporate Counsel), September 16, 2022

  • “IT/IT Security, and Legal; Building Mutually Beneficial Relationships” (ISSA), November 8, 2021

  • “Cool to be Kind: The Expectation of Positivity and the Need to Belong” (DisruptHR Tulsa), October 20, 2021

  • “Cybersecurity! Why All the Cool Kids Are Doing It” (with Trent Shores, Oklahoma Association of Municipal Attorneys), September 9, 2021

  • “Avoiding Unintentional Exclusivity: Why the Language We Use Matters” (National Conference of Bar Foundations), July 31, 2021

  • “We’ve Been Hacked! What Do We Do Now?” (ISSA CyberSecurity Roundtable), January 26, 2021

  • “Embrace Your Blur: Using Your Authentic Self to Create Your Career Brand Narrative” (Black Wall Street Chamber of Commerce), November 12, 2020

  • “Courageous Conversations: Beyond the Hashtags” (Mosaic & Luxa Enterprises), August 25, 2020

  • “Life Preservers and Safety Nets: Returning to Work and Staying Afloat in COVID-19’s Wake” (Tulsa Area Human Resources Association’s Learning Lab), May 28, 2020

  • “Oh, What a Tangled Web(site) We Weave” (GableGotwals and Stinnett & Associates Cyber Webinar), May 13, 2020

  • “It’s not what you do, it’s why you do it: Ownership, Obligation, and Information Security” (Workforce Forensics Podcast), April 30, 2020

  • “Unexpected Legal Ethics Work-at-Home Webinar” (Avansic Work at Home Webinars), April 15, 2020

  • “Courageous Conversations Year End Celebration: 50 Shades of Courage” (LUXA 2nd Annual Year End Celebration), December 18, 2019

  • “Best Practices of Employee On-Boarding/Off-Boarding” (Tulsa Area Human Resources Association Employment Law & Practices Seminar), November 7, 2019

  • “To Secure and Protect: Fulfilling the Expectations of Clients (and Others) in Commercial Real Estate and Fiduciary Transactions” (Tulsa Title and Probate Lawyers Association), June 13, 2019

Selected Publications

  • Client Alert: No Company Too Small: Safeguarding Privacy and Cybersecurity in Renewable Energy, August 12, 2025

  • “A Need for New Armor: Tribal Entities Under Cyberattack” (with Emma Kincade and Trent Shores), GableGotwals Cybersecurity and Data Privacy Alert, October 21, 2021

  • “Chapter 14: Energy Cybersecurity Law – A Survey” (with Susan Lindberg and Trent Shores), Energy Law and Transactions (Matthew Bender), October 2021

  • “This Is Your Lucky Day” (Gavel to Gavel, The Journal Record), January 29, 2020

  • “Breaches and Attorney-Client Privilege” (Gavel to Gavel, The Journal Record), September 18, 2019

In the News