Archives: Financial Privacy

Subscribe to Financial Privacy RSS Feed

Webinar Recording Available on the NYDFS Regulations

On March 9, 2017, AllClear ID hosted a webinar with Hunton & Williams partner Lisa J. Sotto on the new cybersecurity regulations from the New York State Department of Financial Services. This blog post provides a link to the recording and presentation materials. … Continue Reading

Home Depot Settles Data Breach Claims

On March 9, 2017, Home Depot reached an agreement that includes the payment of 25 million dollars and the implementation of new data security measures to resolve a putative class action brought by financial institutions impacted by the company’s 2014 data breach.… Continue Reading

FINRA Fines Brokerage Firm $650,000 After Cyber Attack

On November 14, 2016, Lincoln Financial Securities Corp., a subsidiary of Lincoln Financial Group, entered into a settlement with the Financial Industry Regulatory Authority, requiring LFS to pay a 650,000 dollar fine and implement stronger cybersecurity protocols following a 2012 hack into its cloud-based server.… Continue Reading

FinCEN Issues Advisory on SAR Reporting Obligations Involving Cyber Crime

Recently, the U.S. Department of Treasury’s Financial Crimes Enforcement Network issued an advisory entitled Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime, to help financial institutions understand how to fulfill their Bank Secrecy Act obligations with regard to cyber events and cyber-enabled crime.… Continue Reading

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

On October 18, 2016, the United States Court of Appeals for the Fifth Circuit held in Apache Corp. v. Great American Ins. Co. that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. … Continue Reading

Federal Regulators Propose New Cybersecurity Rule for Big Banks

On October 19, 2016, the Federal Deposit Insurance Corporation, the Federal Reserve System and Office of the Comptroller of the Currency issued an advance notice of proposed rulemaking suggesting new cybersecurity regulations for banks with assets totaling more than 50 billion dollars.… Continue Reading

G-7 Endorses Best Practices for Bank Cybersecurity

On October 11, 2016, Group of Seven financial leaders endorsed the Fundamental Elements of Cybersecurity for the Financial Sector, a set of non-binding best practices for banks and financial institutions to address cybersecurity threats. … Continue Reading

Consumer Financial Protection Bureau Imposes First Ever Data Security Fine

On February 27, 2016, the Consumer Financial Protection Bureau reached a settlement with Dwolla, Inc., an online payment system company, to resolve claims that the company made false representations regarding its data security practices in violation of the Consumer Financial Protection Act. Among other things, the consent order imposes a 100,000 dollar fine on Dwolla. This marks the first data security-related fine imposed by the CFPB. … Continue Reading

How to Safeguard Privacy and Data Security in Corporate Transactions

In a recent article published by Corporate Counsel, Hunton & Williams partner Lisa Sotto and associate Ryan Logan discuss the privacy and data security-related legal issues that arise in corporate transactions, and provide a how-to guide on addressing those issues during the various stages of a transaction.… Continue Reading

China Enacts Administrative Measures for Online Payment Businesses

Recently, the People's Bank of China published Administrative Measures for Online Payment Business of Non-bank Payment Institutions. These measures were enacted to provide further details on the regulation of the online payment business in supplement to earlier measures published on June 14, 2010.… Continue Reading

SEC Announces Settlement Order and Publishes Investor Alert

On September 22, 2015, the Securities and Exchange Commission announced a settlement order with an investment adviser for failing to establish cybersecurity policies and procedures, and published an investor alert entitled Identity Theft, Data Breaches, and Your Investment Accounts.… Continue Reading

Indonesia Publishes Proposed Data Protection Rule

On July 14, 2015, pursuant to an implementation requirement of Government Regulation 82 of 2012, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems. The government provided a 10-day comment period for the proposal.… Continue Reading
LexBlog