Securities and Exchange Commission

On September 26, 2018, the SEC announced a settlement with Voya Financial Advisers, Inc., a registered investment advisor and broker-dealer, for violating Regulation S-ID, as well as Regulation S-P. Together, Regulations S-ID and S-P are designed to require covered entities to help protect customers from the risk of identity theft and to safeguard confidential customer information. The settlement represents the first SEC enforcement action brought under Regulation S-ID.
Continue Reading SEC Fines Broker-Dealer $1 Million in First Enforcement Action Under Identity Theft Rule

On February 21, 2018, the U.S. Securities and Exchange Commission published long-awaited cybersecurity interpretive guidance. The guidance marks the first time that the five SEC commissioners, as opposed to agency staff, have provided guidance to U.S. public companies with regard to their cybersecurity disclosure and compliance obligations.
Continue Reading SEC Publishes New Guidance on Public Company Cybersecurity Disclosures

On August 7, 2017, the Securities and Exchange Commission Office of Compliance Inspections and Examinations issued a Risk Alert examining the cybersecurity policies and procedures of 75 broker-dealers, investment advisers and investment companies.
Continue Reading SEC Risk Alert Highlights Cybersecurity Improvements and Suggested Best Practices

Amidst much anticipation, on July 25, 2017, the Securities and Exchange Commission released a Report of Investigation under Section 21(a) of the Securities Exchange Act of 1934 warning the market that “tokens” issued in ICOs may be “securities” such that the full breadth of the U.S. federal securities laws may apply to their offer and sale.
Continue Reading SEC Warns Initial Coin Offerings May Be Subject to U.S. Federal Securities Laws

On May 5, 2017, the U.S. District Court for the Southern District of New York entered a default judgment in favor of the SEC against three Chinese defendants accused of hacking into the nonpublic networks of two New York-headquartered law firms and stealing confidential information regarding several publicly traded companies engaged in mergers and acquisitions.
Continue Reading Chinese Hackers Fined for Hack of New York Law Firms

On January 9, 2017, Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO) reintroduced the Email Privacy Act, which would amend the Electronic Communications Privacy Act to require government entities to obtain a warrant, based on probable cause, before accessing the content of any emails or electronic communications stored with third-party service providers, regardless of how long the communications have been held in electronic storage by such providers.
Continue Reading Email Privacy Act Reintroduced in Congress