10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
Daily Compliance News: July 18, 2025, The Don’t Alter Docs Edition
Five Tips for a New Public Company Director
Compliance Tip of the Day: New FCPA Enforcement Memo - What Does it Say?
Compliance into the Weeds: Changes in FCPA Enforcement
The LathamTECH Podcast — Where Digital Assets Slot Into a Shifting Fintech Regulatory Landscape: Insights From the US, UK, and EU
10 For 10: Top Compliance Stories For the Week Ending May 17, 2025
Daily Compliance News: May 13, 2025, The Leaving on a Jet Plane Edition
Everything Compliance: Episode 153, The CW 25 Edition
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — The Crypto Exchange Podcast
Daily Compliance News: April 22, 2025, The Upping Your Game Edition
Daily Compliance News: April 9, 2025, The Corruption at the DOJ Edition
10 For 10: Top Compliance Stories For The Week Ending April 5, 2025
Daily Compliance News: April 4, 2025, The Tariffs on Penguins Edition
Daily Compliance News: April 3, 2025, The Tribute to Ice Edition
Great Women in Compliance: The Future of Enforcement with Jennifer Lee
Regulatory Ramblings: Episode 65 – The Trump Administration’s Decision to Halt FCPA Enforcement – The Implications for Asia and the World with Tom Fox, Malcolm Nance, and Philip Rohlik
Navigating 2025: The SEC's Evolving Role in Cryptocurrency Enforcement — The Crypto Exchange Podcast
The SEC's Reach Beyond Publicly Traded Companies
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Workshop featured three panels of experts...more
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
As we look back on the SEC’s actions in 2024, we wanted to share our thoughts on lessons learned that we believe will carry through to 2025....more
On October 22, 2024, the Securities and Exchange Commission (SEC) announced that it had charged four companies with making materially misleading disclosures regarding cybersecurity risks and intrusions, with one company also...more
Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more
This week, the Securities and Exchange Commission (SEC) charged four public companies for alleged deceptive cyber disclosures: Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd., and Mimecast Limited....more
On October 21, 2024, the Division of Examinations (the “Division”) of the U.S. Securities and Exchange Commission (the “SEC”) issued its annual examination priorities for fiscal year 2025. As with its 2024 examination...more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
Last month, I wrote a blog post on the tone at the top, exemplified in the Star Trek, the Original Series episode, Devil in the Dark. Based on the response, some passionate Star Trek fans are out there. I decided to write a...more
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. The Securities and Exchange Commission (SEC) recently adopted...more
On May 16, the Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P, aimed at modernizing and enhancing the rules governing the treatment of consumers’ nonpublic personal...more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K....more
After a few years of proposing and adopting an unprecedented number of new rules, the Securities and Exchange Commission moderated its rule adoption activities in the second quarter of 2024. During the quarter, the SEC...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
On June 24, 2024, the U.S. Securities and Exchange Commission (SEC) published five new Form 8-K Compliance and Disclosure Interpretations (C&DIs) expanding the agency’s interpretations of cybersecurity incident disclosures...more