The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations recently announced the publication of a report entitled “Cybersecurity and Resiliency Observations” that summarizes the observations gleaned from OCIE’s cybersecurity examinations of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants.
Continue Reading
Securities and Exchange Commission
Facebook to Settle with SEC for $100 Million
Posted on
In addition to the record-breaking $5 billion penalty to the FTC penalty and settlement order, on July 24, 2019, the SEC announced charges against Facebook for inadequate and misleading disclosures over its privacy practices.…
Continue Reading
Organizational Accountability in U.S. Law and Its Relevance to a Federal Data Privacy Law: A CIPL Study
Posted on
The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP recently published a white paper on Organizational Accountability’s Existence in U.S. Regulatory Compliance and its Relevance for a Federal Data Privacy Law.…
Continue Reading
ICO Announces $124 Million Fine for Marriott International following Data Breach
Posted on
On July 9, 2019, the UK Information Commissioner’s Office announced that it intends to fine Marriott International £99,200,396 for a data breach violating the GDPR. This closely follows the £183 million fine for British Airways, announced on July 8.…
Continue Reading
SEC Fines Broker-Dealer $1 Million in First Enforcement Action Under Identity Theft Rule
Posted on
Posted in Enforcement, Identity Theft
On September 26, 2018, the SEC announced a settlement with Voya Financial Advisers, Inc., a registered investment advisor and broker-dealer, for violating Regulation S-ID, as well as Regulation S-P. Together, Regulations S-ID and S-P are designed to require covered entities to help protect customers from the risk of identity theft and to safeguard confidential customer information. The settlement represents the first SEC enforcement action brought under Regulation S-ID.…
Continue Reading
Insider Trading Charges Brought Against CIO for Post-Breach Trading
Posted on
On March 14, 2018, the Department of Justice and the SEC announced insider trading charges against a CIO of a business unit of Equifax, Inc.…
Continue Reading
Webinar Recording Available on SEC Cybersecurity Guidance
Posted on
On March 7, 2018, Hunton & Williams LLP hosted a webinar with Lisa Sotto, Aaron Simpson, Scott Kimpel and Brittany Bacon on the SEC’s recent cybersecurity guidance.…
Continue Reading
SEC Publishes New Guidance on Public Company Cybersecurity Disclosures
Posted on
Posted in Cybersecurity
On February 21, 2018, the U.S. Securities and Exchange Commission published long-awaited cybersecurity interpretive guidance. The guidance marks the first time that the five SEC commissioners, as opposed to agency staff, have provided guidance to U.S. public companies with regard to their cybersecurity disclosure and compliance obligations. …
Continue Reading
SEC Creates Cyber Unit to Target Cyber-Related Threats
Posted on
Posted in Cybersecurity, Enforcement
This week, the Securities and Exchange Commission announced that it will create a Cyber Unit that will target cyber-related threats that may impact investors. …
Continue Reading
SEC Risk Alert Highlights Cybersecurity Improvements and Suggested Best Practices
Posted on
Posted in Cybersecurity, Financial Privacy
On August 7, 2017, the Securities and Exchange Commission Office of Compliance Inspections and Examinations issued a Risk Alert examining the cybersecurity policies and procedures of 75 broker-dealers, investment advisers and investment companies. …
Continue Reading