10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
Daily Compliance News: July 18, 2025, The Don’t Alter Docs Edition
Five Tips for a New Public Company Director
Compliance Tip of the Day: New FCPA Enforcement Memo - What Does it Say?
Compliance into the Weeds: Changes in FCPA Enforcement
The LathamTECH Podcast — Where Digital Assets Slot Into a Shifting Fintech Regulatory Landscape: Insights From the US, UK, and EU
10 For 10: Top Compliance Stories For the Week Ending May 17, 2025
Daily Compliance News: May 13, 2025, The Leaving on a Jet Plane Edition
Everything Compliance: Episode 153, The CW 25 Edition
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — The Crypto Exchange Podcast
Daily Compliance News: April 22, 2025, The Upping Your Game Edition
Daily Compliance News: April 9, 2025, The Corruption at the DOJ Edition
10 For 10: Top Compliance Stories For The Week Ending April 5, 2025
Daily Compliance News: April 4, 2025, The Tariffs on Penguins Edition
Daily Compliance News: April 3, 2025, The Tribute to Ice Edition
Great Women in Compliance: The Future of Enforcement with Jennifer Lee
Regulatory Ramblings: Episode 65 – The Trump Administration’s Decision to Halt FCPA Enforcement – The Implications for Asia and the World with Tom Fox, Malcolm Nance, and Philip Rohlik
Navigating 2025: The SEC's Evolving Role in Cryptocurrency Enforcement — The Crypto Exchange Podcast
The SEC's Reach Beyond Publicly Traded Companies
The Securities and Exchange Commission (SEC) recently hosted a Roundtable on Artificial Intelligence in the Financial Industry in Washington, DC (SEC AI Roundtable). The day-long event, which took place on March 27, 2025,...more
On October 22, 2024, the Securities and Exchange Commission (SEC) announced enforcement actions against several technology companies for making materially misleading disclosures regarding cybersecurity risks and intrusions....more
The U.S. Securities and Exchange Commission's ("SEC") Division of Enforcement has recently brought a spate of enforcement actions relating to key topics for public companies. These include enforcement actions related to...more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
A New Your federal district judge handed down a significant decision dismissing much of the SEC’s securities fraud enforcement action against SolarWinds arising from its claims relating to SolarWinds’ cybersecurity policies,...more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
On June 24, 2024, the SEC released five new CDIs on Material Cybersecurity Incidents. Please see a high-level summary below...more
The SEC’s Division of Corporation Finance yesterday published five new Compliance and Disclosure Interpretations, or “C&DIs,” all concerning Item 1.05 of Exchange Act Form 8-K, Disclosure of Cybersecurity Incidents....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
On May 16, 2024, the U.S. Securities and Exchange Commission (SEC) announced that it had adopted final amendments to its Regulation S-P (the Rule or Amended Rule), which governs “covered financial institutions’” treatment of...more
On May 21, 2024, Erik Gerding, director of the Division of Corporation Finance of the U.S. Securities and Exchange Commission (SEC), issued a statement with clarifying guidance on cybersecurity incident disclosure under Item...more
On May 21, 2024, Erik Gerding, the Director of the Division of Corporation Finance at the U.S. Securities and Exchange Commission (SEC), released a statement (statement) on the disclosure of cybersecurity incidents. This...more
In a statement yesterday, the Director of the SEC’s Division of Corporation Finance commented on the relatively new Form 8-K Item 1.05 requirement. Last summer when the SEC adopted the final rules relating to cybersecurity...more
Erik Gerding, Director, Division of Corporation Finance, released a statement on the preferred methods to disclose certain cybersecurity incidents. Mr. Gerding noted “The cybersecurity rules that the Commission adopted on...more
The U.S. Securities Exchange Commission (SEC) recently adopted a final rule regarding cybersecurity risk management, governance, and incident reporting. The final rule went into effect on September 5, 2023, and disclosure...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
Welcome to Saul Ewing’s Public Companies Quarterly Update series. Our intent is to, on a quarterly basis, highlight important legal developments of which we think public companies should be aware. This edition is related to...more
Recently, in advance of the effective date (December 18, 2023), the Director of the SEC’s Division of Corporation Finance provided additional guidance regarding the final rules relating to cybersecurity incident disclosure...more
In a first for both cybersecurity and securities law, a ransomware company filed a complaint with the U.S. Securities and Exchange Commission (“SEC”) against its own hacking victim for failure to disclose the hack itself. The...more
The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more
In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this...more