On March 9, 2022, the Securities and Exchange Commission held an open meeting and proposed new cybersecurity disclosure rules for public companies by a 3-1 vote.
Continue Reading SEC Proposes Cybersecurity Rules for Public Companies
Securities and Exchange Commission
SEC Proposes New Cybersecurity Rules for Investment Managers
Posted on
Posted in Cybersecurity, Financial Privacy
On February 9, 2022, the SEC proposed new cybersecurity compliance and disclosure rules for the investment management industry in a three to one vote.
Continue Reading SEC Proposes New Cybersecurity Rules for Investment Managers
DOJ Announces New Cyber-Fraud Initiative and Intent to Utilize False Claims Act to Spur Compliance
Posted on
Posted in Cybersecurity, U.S. Federal Law
On October 6, 2021, Deputy Attorney General Lisa Monaco announced the launch of the new Civil Cyber-Fraud Initiative that will use the False Claims Act to pursue cybersecurity related fraud by government contractors and grant recipients. …
Continue Reading DOJ Announces New Cyber-Fraud Initiative and Intent to Utilize False Claims Act to Spur Compliance
SEC Settles with Alternative Data Provider for $10 Million
Posted on
Posted in Enforcement, Online Privacy
On September 14, 2021, the Securities and Exchange Commission announced that analytics firm, App Annie Inc., and its co-founder and former CEO, agreed to pay approximately $10 million to settle securities fraud charges for engaging in deceptive practices and making material misrepresentations about “alternative data” sold by the company. Notably, this is the SEC’s first enforcement action charging an alternative data provider with securities fraud. …
Continue Reading SEC Settles with Alternative Data Provider for $10 Million
SEC Charges Investment Advisers and Broker-Dealers with Deficient Cybersecurity Procedures
Posted on
On August 30, 2021, the U.S. Securities and Exchange Commission announced it had settled three administrative cases involving a total of eight registered broker-dealers and investment advisers for failures in their cybersecurity policies and procedures.
Continue Reading SEC Charges Investment Advisers and Broker-Dealers with Deficient Cybersecurity Procedures
SEC Sanctions Public Company for Misleading Disclosures About Data Breach
Posted on
The U.S. Securities and Exchange Commission recently announced that Pearson plc agreed to pay a $1 million civil penalty in a settlement related to charges that Pearson misled investors about a 2018 data breach resulting in the theft of millions of student records, including birth dates and email addresses.
Continue Reading SEC Sanctions Public Company for Misleading Disclosures About Data Breach
SEC Settles Charges Against Real Estate Services Company Over Control Failures Related to Cybersecurity Disclosure
Posted on
On June 15, 2021, the SEC announced it settled charges against real estate services company First American Financial Corporation (“First American”) for alleged violation of Rule 13a-15(a) of the Exchange Act. The SEC charged First American with failure to maintain disclosure controls and procedures designed to ensure that all available, relevant information concerning a software vulnerability that led to a cybersecurity incident was filed with the Commission.
…
Continue Reading SEC Settles Charges Against Real Estate Services Company Over Control Failures Related to Cybersecurity Disclosure
ICO Confirms UK Firms May Rely on Public Interest Derogation for SEC Transfers
Posted on
On January 19, 2021, the UK Information Commissioner’s Office published its analysis of the application of the UK General Data Protection Regulation to transfers from UK-based firms or branches that are registered, required to be registered or otherwise regulated by the U.S. Securities and Exchange Commission. …
Continue Reading ICO Confirms UK Firms May Rely on Public Interest Derogation for SEC Transfers
Part 2: The Rise of the Enforcement Landscape
Posted on
Posted in Cybersecurity, Multimedia Resources
Watch part 2 of a weekly series on Cybersecurity Law and Governance originally published by S4 Events featuring Hunton partner Lisa Sotto. …
Continue Reading Part 2: The Rise of the Enforcement Landscape
SEC Publishes Cybersecurity and Resiliency Observations
Posted on
The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations recently announced the publication of a report entitled “Cybersecurity and Resiliency Observations” that summarizes the observations gleaned from OCIE’s cybersecurity examinations of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants.
Continue Reading SEC Publishes Cybersecurity and Resiliency Observations