Department of the Treasury

On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control issued an advisory alerting companies of potential sanctions risks related to facilitating ransomware payments.
Continue Reading U.S. Department of the Treasury Issues Advisory Warning that Ransomware Payments May Violate OFAC Sanctions

Recently, the U.S. Department of Treasury’s Financial Crimes Enforcement Network issued an advisory entitled Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime, to help financial institutions understand how to fulfill their Bank Secrecy Act obligations with regard to cyber events and cyber-enabled crime.
Continue Reading FinCEN Issues Advisory on SAR Reporting Obligations Involving Cyber Crime

On May 5, 2015, the Financial Crimes Enforcement Network of the U.S. Treasury Department, in coordination with the U.S. Attorney’s Office for the Northern District of California, announced a civil monetary penalty of $700,000 against Ripple Labs, Inc. and its subsidiary XRP II, LLC for violations of the Bank Secrecy Act.
Continue Reading FinCEN Announces First BSA Enforcement Action Against Virtual Currency Exchanger

On April 1, 2015, the White House announced that President Obama has signed a new executive order providing the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, the ability to impose sanctions on individuals and entities that engage in certain cyber-enabled activities.
Continue Reading President Obama Issues Executive Order Enabling Treasury to Impose Sanctions on Cyber-Enabled Activities

On August 6, 2013, the Obama Administration posted links on The White House Blog to reports from the Departments of Commerce, Homeland Security and Treasury containing recommendations on incentivizing companies to align their cybersecurity practices with the Cybersecurity Framework.
Continue Reading Obama Administration Releases Incentive Reports on Cybersecurity

On November 2-3, 2011, Mexico’s Federal Institute for Access to Information and Data Protection will host the 33rd International Conference of Data Protection and Privacy Commissioners in Mexico City.
Continue Reading Mexico Hosts 33rd International Conference of Data Protection and Privacy Commissioners

On November 30, the Council of the European Union agreed to allow U.S. anti-terrorism authorities access to financial data of individuals located in the EU under certain circumstances. Under the agreement, U.S. authorities will continue to have access to data collected by Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) after a SWIFT database located in

Today, eight federal financial regulatory agencies issued a final Gramm-Leach-Bliley Act (“GLBA”) model privacy notice.  The final model notice incorporates financial institutions’ required disclosures pursuant to Section 503 of the GLBA.  The GLBA requires, in relevant part, that financial institutions provide consumers with information regarding their collection and sharing of nonpublic personal information.  Financial institutions that adopt the final model notice will be deemed in compliance with the GLBA notice requirements.  The final model notice is the result of the agencies’ consumer research and testing.  It is touted as succinct, easy to use and consumer friendly. The final model notice will take effect 30 days after publication in the Federal Register. Publication is anticipated shortly.
Continue Reading Agencies Issue Final Gramm-Leach-Bliley Act Model Privacy Notice

The federal financial services agencies are expected to shortly announce a proposed-final Gramm-Leach-Bliley Act (“GLBA”) model form privacy notice.  The model notice incorporates financial institutions’ required disclosures pursuant to Section 503 of the GLBA.  Financial institutions that use the form to provide notice to consumers will be deemed in compliance with the privacy notice provisions of the GLBA.  Once adopted and published in the Federal Register, the financial services agencies’ final model notice will take effect in 30 days.

The GLBA requires, in relevant part, that financial institutions provide consumers with notice of their privacy policies and practices.  The privacy notice must describe a financial institution’s disclosure of nonpublic personal information to affiliated and nonaffiliated third parties.  In addition, the notice must also give consumers a reasonable opportunity to opt out of certain sharing with nonaffiliated third parties.


Continue Reading Agencies Expected to Publish Final Gramm-Leach-Bliley Act Model Privacy Notice