Securities Privacy Consumer Protection

Read need-to-know updates, commentary, and analysis on Securities issues written by leading professionals.
News & Analysis as of

NY DFS Signals a Detailed Framework for Cybersecurity Compliance

On November 9, 2015, the New York State Department of Financial Services (“DFS”) sent a letter to a number of state and federal financial regulators signaling that DFS may issue comprehensive cybersecurity regulations for...more

Dow Jones & Co. notifies 3500 of data breach

Dow Jones & Co. Has notified 3500 of its customers that their information has been accessed by unauthorized individual in a data breach that spanned August of 2012 through July of 2015. The unauthorized access, through...more

Financial Institutions Council Publishes Statement On Hacker Extortion

Amid the recent increase in hacker extortion cases, the Federal Financial Institutions Examination Council (“FFIEC”) issued a statement on November 3 (the “Statement”) describing steps financial institutions should take to...more

Following the Wisdom of the Crowd? A Look at the SEC’s Final Crowdfunding Rules

In this alert, we provide a detailed overview of the final rules, Regulation Crowdfunding, which will be applicable to crowdfunding offerings conducted in reliance on Section 4(a)(6) of the Securities Act of 1933 as amended...more

CFTC Approves NFA Interpretive Notice on Information Systems Security Programs, Including Cybersecurity Guidance

The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more

New York Stock Exchange releases cybersecurity guide for public companies

We continue to urge CEOs and boards of public companies (and private and not-for profits) to harken the call of getting a handle on cybersecurity risk to companies today. Not too soon, the New York Stock Exchange published a...more

SEC Cybersecurity Update

Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more

SEC Announces Second Wave of Cyber Exams of Broker Dealers and Advisors – Is Your Firm Ready?

In April 2014, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert announcing its first cybersecurity sweep initiative. Pursuant to that initiative,...more

Proactive Approach To Cybersecurity: Recent SEC guidance and enforcement actions suggest that reactive firms may be in the SEC’s...

In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more

Scottrade announces data breach affecting 4.6M customers

Scottrade, a retail brokerage firm, announced late last week that it suffered an intrusion by cyber hackers who stole client contact information of 4.6 million customers. The intrusion occurred between late 2013 and early...more

Investment Adviser Settles SEC Cybersecurity Enforcement Action; SEC Issues Investor Alert

On September 22, the U.S. Securities and Exchange Commission (“SEC”) and R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”), a St. Louis-based investment adviser, settled charges that R.T. Jones failed to adopt...more

Financial Services Weekly News - October 2015

Regulatory Developments - FINRA Files Proposed Rule Change to Apply Markup Rule to Government Securities: On Sept. 30 FINRA filed with the SEC a proposed rule change, published in the Federal Register on Oct. 6, to...more

Strike Suit Offers Conjectures, And Little More, About Scottrade Data Breach

As reported on Friday in the Krebs on Security blog, online broker Scottrade had sent an e-mail to customers earlier that day stating that it recently had learned from law enforcement officials that Scottrade was one of a...more

SEC Brings First Cybersecurity Enforcement Proceeding in Wake of Risk Alert

Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more

Hacked Investment Advisor Fined $75,000 for Lack of Cyber-Security Measures

Many in the investment advisory community are following the story of R.T. Jones Capital Equities Management, an investment advisor that, according to the Securities and Exchange Commission (SEC), suffered a hack exposing the...more

Investment Adviser and SEC Agree to Settle Charges Arising out of Failure to Adopt Written Cybersecurity Policies Required by the...

The SEC charged investment adviser R.T. Jones with willfully violating the Safeguards Rule by failing to adopt written policies and procedures designed to protect customer records and information. The Safeguards Rule requires...more

SEC Ramps up Cybersecurity Scrutiny With Examination Priorities and an Enforcement Action

Why it matters - Signaling that it will continue to increase its scrutiny of firms' cybersecurity readiness, the Office of Compliance, Inspections and Examinations of the Securities and Exchange Commission (SEC) issued a...more

SEC Steps Up Cybersecurity Enforcement

September has been a busy month for the SEC in addressing cybersecurity. In the span of a week, the SEC issued a new alert in connection with its cybersecurity examination of Wall Street firms, entered a Cease and Desist...more

SEC brings first cybersecurity-related enforcement action

The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

SEC’s Increased Cybersecurity Enforcement and How to Reduce Your Risks

The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more

The SEC Charges Investment Adviser with Violating Regulation S-P by Failing to Adopt Cybersecurity Policies and Procedures

In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more

SEC Sanctions Investment Adviser Under the Safeguards Rule

The Securities and Exchange Commission (“SEC”) has sanctioned an investment adviser and fined it $75,000 for failing to “adopt written policies and procedures reasonably designed to protect customer records and information.”...more

SEC Charges Investment Adviser With Failure to Adopt Proper Cybersecurity Policies and Procedures

A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more

SEC Announces Cybersecurity Enforcement Action

On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more

110 Results
View per page
Page: of 5

Follow Securities Updates on:

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.