The Securities and Exchange Commission (SEC) recently announced the withdrawal of several Biden-era regulations, including a proposed rule that would have required a broad range of platforms and financial intermediaries (such...more
7/21/2025
/ Biden Administration ,
Broker-Dealer ,
Compliance ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement Actions ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Trump Administration
Our Privacy, Cyber & Data Strategy Team highlights the shift in priorities for privacy and cybersecurity regulation and enforcement across U.S. agencies under the second Trump Administration....more
The SEC has released its Examination Priorities: Fiscal Year 2025 (“Examination Priorities”), which may be a useful roadmap to SEC-registered investment advisers, exchanges, and other entities subject to routine examination...more
10/29/2024
/ Artificial Intelligence ,
Compliance ,
Cybersecurity ,
Emerging Technologies ,
Enforcement Priorities ,
Examination Priorities ,
Investment Firms ,
Investors ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Trading Platforms
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
2/26/2024
/ Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Data Theft ,
NYDFS ,
Popular ,
Ransomware ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Our Securities and Privacy, Cyber & Data Strategy teams unpack the Department of Justice’s (DOJ) process for companies seeking to delay Form 8-K disclosures under the Securities and Exchange Commission’s (SEC) cybersecurity...more
Just a month before the Security and Exchange Commission’s (“SEC’s”) Material Cybersecurity Incidents Rule is set to take effect, a ransomware group has apparently taken compliance with reporting requirements into its own...more
Our Securities Litigation, Securities, and Privacy, Cyber & Data Strategy teams outline vital takeaways for public companies and their directors and officers in light of the Securities and Exchange Commission’s recent civil...more
11/13/2023
/ Chief Information Security Officer (CISO) ,
Corporate Liability ,
Cybersecurity ,
Data Security ,
Disclosure Requirements ,
Enforcement Actions ,
Fraud ,
Popular ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
SolarWinds
On September 29, 2023, the U.S. Securities and Exchange Commission (SEC) announced enforcement actions against five broker-dealers, three dually registered broker-dealers and investment advisers, and two affiliated investment...more
Our Securities, Securities Litigation, and Privacy, Cyber & Data Strategy teams highlight the key aspects of the Securities and Exchange Commission’s final changes to its cybersecurity reporting rules for public companies...more
Federal enforcement agencies continue to scrutinize investment advisers’ use of personal devices and messaging platforms to conduct business. Our team reviews how recent penalties should encourage companies to create internal...more
On September 20, 2022, the Securities and Exchange Commission (SEC) settled an enforcement action with a large, registered investment adviser (the Firm) for alleged violations of the Safeguards Rule and the Disposal Rule of...more
On July 27, 2022, the Securities and Exchange Commission (SEC) separately settled three enforcement actions with broker-dealers and investment advisers for alleged deficiencies relating to the prevention of customer identity...more
Our Securities, Securities Litigation, and Privacy, Cyber & Data Strategy teams highlight the key aspects of the Securities and Exchange Commission’s latest sweeping changes to its cybersecurity reporting rules for public...more
3/16/2022
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 10-Q ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act
Our Privacy, Cyber & Data Strategy and Investment Management, Trading & Markets Teams review the Securities and Exchange Commission’s potentially transformative proposed rules that would require registered investment...more
On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund and private fund disclosure requirements and increase regulators’ visibility into the private funds industry....more
Entities registered with the U.S. Securities & Exchange Commission (SEC) must maintain certain books and records and can be subject to the SEC’s examination, inspection, and enforcement authority. Responding to SEC requests...more
The SEC has settled an enforcement action against a large title insurer in connection with public statements and disclosures made by the company in May 2019 relating to a data security incident. The underlying data security...more
On July 10, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert noting the increasing sophistication of ransomware attacks on SEC registrants and service providers to SEC registrants....more
On January 28, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) released a detailed set of observations culled from thousands of examinations of registered investment advisers, broker-dealers,...more
The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) has issued a Risk Alert that provides an overview of the most common deficiencies or weaknesses in investment adviser and broker-dealer compliance with the...more
4/19/2019
/ Broker-Dealer ,
Cybersecurity ,
Data Protection ,
Data Security ,
Investment Adviser ,
OCIE ,
Policies and Procedures ,
Popular ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC)
On February 28 and March 13, 2019, members of the U.S. Senate and U.S. House of Representatives introduced legislation designed to enhance the transparency of cybersecurity risk oversight at certain SEC reporting companies. ...more
The Securities and Exchange Commission issued an investigative report last week cautioning public companies to consider cyber incidents and threats when implementing internal accounting controls. ...more
Investment advisers and broker-dealers can expect more scrutiny of their data security from the Securities and Exchange Commission. Our Cybersecurity Preparedness & Response and Investment Management, Trading & Markets teams...more