Rich Vestuto is a managing director in Kroll's Information Management and Governance practice, based in the New York office. He leads the firm’s information governance, records and contract management capabilities, leveraging his over 20 years of experience in contract lifecycle management (CLM), and information governance supporting complex litigation supporting complex litigation, M&A and regulatory engagements.

Prior to joining Kroll, Rich was a managing director at Deloitte where he focused on CLM and information governance, providing services to many of the world’s top banks, media companies, technology firms and others. He has been instrumental in many large and complex repapering projects and other CLM-based engagements. In addition to consulting on records and information challenges, including data privacy, records separation, contract management and cross-border issues, Rich has consulted in more than 200 litigations and investigations in the U.S., UK, Europe and Asia Pacific. 

As a licensed attorney, Rich brings legal training along with technology experience to his consulting practice. He spent three years on the board of directors of ARMA International, the world's leading information management membership organization. He is a member of the Sedona Conference brainstorming groups on Data Privacy and Cross Border Litigation, and a member of the New York State Bar Association, American Bar Association (ABA), ABA Advisory Panel, Section of Litigation of the ABA, ABA Cyberspace Law Committee, International Legal Technology Association (ILTA) and the Digital Forensics Association.

Rich’s representative engagements include information governance and data privacy compliance guidance for an international airline; a divestiture-based records separation for an industrial products conglomerate; a GDPR/CCPA remediation project for a security software provider; and a complex response to a regulatory document request for a foreign exchange investigation by the U.S. Securities and Exchange Commission and Department of Justice. 

At Kroll, Rich advises large enterprises undergoing digital transformations and complex regulatory challenges, providing information governance, litigation support and CLM support. Organizations that are driven by privacy or regulatory requirements to undergo information governance or CLM often find that this comes with compliance and cyber security implications. Rich works closely with the Compliance and Cyber Risk practices to provide clients with a tailored, holistic approach when these problems arise. 

Rich has authored numerous articles on artificial intelligence (AI), data analytics, technology enablement and has been cited in publications, including The Wall Street Journal, Forbes, Corporate Counsel and Bloomberg Law, regarding various privacy and other regulations such as GDPR, CCPA, recovery and resolution, and those issued by NY Department of Financial Services, such as NYCRR 500. He has conducted more than 150 accredited CLE presentations and lectured around the world on the use of legal technology, AI, litigation support, CLM, information governance, third-party risk, how legal departments can utilize data analytics, data retention and compliance, privacy, FCPA matters, cross-border litigation, Dodd-Frank whistleblower rules and other electronically stored information related issues. 

Rich received a BFA in communications and media from the New York Institute of Technology and a JD from Touro College Jacob D. Fuchsberg Law Center. 

Vestuto /en/our-team/rich-vestuto /-/media/assets/images/headshots/managing-directors/rich-vestuto.jpg people {7FCB75E6-D40F-4DAA-9A0F-4B869A8E762F} {ABF5003B-CDDB-43F4-A7A5-CF54ACF36699} {8BCCA831-44C4-4CD0-9458-841A33C8BACF} {CD5C8AD0-F919-4E2E-B243-44B210EC239A} {69E1BC71-3A09-4508-928B-0D8596DD4FF7} {67F76C2C-C03D-4CD7-8519-7B9E0B3905DD} {8F506B1B-A962-453B-A950-146154314F3D} {3A0DC725-90C1-431F-A181-557E209D83A0} {E2BFF9A8-DC11-4262-ADBB-D1B589EEAD42} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Other Areas We Can Help

Supply Chain Risk Management Services

Supply Chain Risk Management Services

Helping clients build resiliency by proactively identifying, assessing, mitigating and monitoring their hidden supply chain risks.

Supply Chain Risk Management Services
CCPA Compliance Assessment | Cyber Risk | Kroll

CCPA Compliance Assessment

Data privacy and compliance experts translate the technical into practical and cut through less-than-specific legal requirements to navigate the CCPA compliance journey.

CCPA Compliance Assessment
Contract Lifecycle Management (CLM)

Contract Lifecycle Management (CLM)

Capture the value of contracts through M&A due diligence, acquisition integration and daily contract management.

Contract Lifecycle Management (CLM)
Legal Operations

Legal Operations

Help to optimize key legal processes through improved management of work product and vendors.

Legal Operations
Managed Services

Managed Services

Processes and strategies to manage and optimize information produced through M&A, divestitures and integration.

Managed Services

Insights

Regulatory Compliance

Hong Kong SPAC Proposal and Singapore SPAC Launch Provide Something for Everyone to Global Markets

Regulatory Compliance
Compliance

AMF and CSSF Regulatory Update – Third Quarter 2021

Compliance
Cyber

KAPE Quarterly Update – Q3 2021

Cyber
Cyber

Tracking Exchange Online Powershell Access Into Microsoft 365 Environments

Cyber

News