FindingsRIAs and perhaps BDs may face strict liability from the SEC if they are victims of cybersecurity attacks.Practical implicationsFirms may want to address the likelihood of an SEC enforcement action if a breach occurs by reviewing recent enforcement actions, SEC reports and statements, and ...
SEC Announces Cybersecurity Enforcement Action The Capital Commitment Blog Blog September 24, 2015 On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser brought under Rule 30(a) ...
theSEC’senforcementaction,whythisparticularcaseisnoteworthy,andthecase’simplicationsforRIAsandBDs.FindingsRIAsandperhapsBDsmayfacestrictliabilityfromtheSECiftheyarevictimsofcybersecurityattacks.PracticalimplicationsFirmsmaywanttoaddressthelikelihoodofanSECenforcementactionifabreachoccursbyreviewingrecentenforcementactions,...
In this episode of "Counsel That Cares," privacy and cybersecurity attorney Bess Hinson discusses the shifting oversight by the U.S. Securities and Exchange Commission (SEC) on cybersecurity requirements.
· Are cyber risks already factored into valuations given industry-specific contexts? 7. Weigh the Legal Implications · What are the potential legal implications stemming from various privacy laws? · Has the incident increased the risk of lawsuits, enforcement actions, or other legal proceedings?
The SEC in October 2024 announced settled enforcement actions againstfour companiesregarding cybersecurity disclosure and found that one of the companies “negligently made materially misleading misstatements” in Form 8-K regarding a cyberattack. In this case, the SEC alleged that statements to investor...
Here's a summary of the 2023 SEC cybersecurity rule and what the U.S. Securities and Exchange Commission wants to see in disclosures.
rules emphasize the SEC's focus on the area of cybersecurity and companies should look to strengthen their disclosure controls and procedures around cybersecurity incidents consistent with the SEC's 2011 and 201814guidance and apparent focus in this area evidenced by its recent enforcement actions. ...
the most recent set of settlements suggest a possible willingness on the SEC’s part to bring enforcement actions even for minor and technical violations. Insofar as the institutional investor enforcement actions, the recent “sweep” appears to mark the first such broad action by the SEC. N...
Given that Regulation S-P is themost often-used toolby the SEC's Division of Enforcement to date for enforcement actions based on customer data protection and cybersecurity incidents, the Proposed Rule could have significant ramifications for the agency's compliance and enforcement efforts....