News & Analysis as of

Regulation S-P Data Security

Jackson Lewis P.C.

The Broadening Data Security Mandate: SEC Incident Response Plan and Data Breach Notification Requirements

Jackson Lewis P.C. on

Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more

Vedder Price

SEC Adopts Regulation S-P Amendments to Enhance Protection of Customer Information

Vedder Price on

On May 16, 2024, the SEC adopted amendments to Regulation S-P to enhance and modernize consumer privacy protections in light of technological developments in how individuals’ personal information is collected, shared and...more

Seward & Kissel LLP

SEC Adopts Data Privacy Rule Amendments to Regulation S-P

Seward & Kissel LLP on

Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more

Foley Hoag LLP - Security, Privacy and the...

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more

Proskauer Rose LLP

SEC Adopts Rule Amendments to Regulation S-P to Enhance Protection of Customer Information

Proskauer Rose LLP on

On May 16, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P that were proposed last year (“Final Amendments”).[1] The Final Amendments impose enhanced...more

Tannenbaum Helpern Syracuse & Hirschtritt LLP

SEC Adopts Modernizing Amendments to Regulation S-P to Enhance Protection of Customer Information

On May 16, 2024, the Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P (“Reg S-P”) that are designed to modernize and enhance the rules governing the treatment and protection of...more

Carlton Fields

SEC Stirs Its Pot of Cybersecurity Preparedness and Response Proposals

Carlton Fields on

The SEC remains laser-focused on cybersecurity, with the agency recently reopening the comment period on a sweeping rule for investment advisers and investment companies. In addition, the SEC issued proposed enhancements to...more

Troutman Pepper

SEC Issues Risk Alert on Safeguarding Customer Records and Information at Branch Offices

Troutman Pepper on

On April 26, the SEC’s Division of Examinations (EXAMS) issued a risk alert on the importance of broker-dealers and investment advisers (collectively, “firms”) establishing and following written policies and procedures aimed...more

Seyfarth Shaw LLP

SEC Proposes Sweeping New Cybersecurity Rules: Is Your Company Prepared?

Seyfarth Shaw LLP on

On March 15, 2023 the Securities and Exchange Commission (“SEC”) proposed three new sets of rules (the “Proposed Rules”) which, if adopted, would require a variety of companies to beef up their cybersecurity policies and data...more

Morgan Lewis

SEC Proposes Cybersecurity Incident Reporting and Broker-Dealer Cyber Risk Management Requirements

Morgan Lewis on

The US Securities and Exchange Commission (SEC) issued a notice of proposed rulemaking (the Proposal) on March 15 that would require SEC-regulated investment advisers, investment companies, and broker dealers to provide...more

Davis Wright Tremaine LLP

SEC Proposes Host of New Rules for Data Security, Cybersecurity, and IT Resilience

The Securities and Exchange Commission (SEC or Commission) voted on March 15, 2023, to propose three new sets of rules for data security, cybersecurity, and IT operational resilience. The newly proposed rules would, among...more

Jenner & Block

Securities and Exchange Commission Chair Emphasizes SEC’s Role in Cybersecurity and Suggests Additional Cybersecurity Regulations...

Jenner & Block on

In a speech to the Securities Regulation Institute conference last week, Chair Gary Gensler signaled the SEC may implement more stringent cybersecurity regulations, and in the meantime, would work to enforce existing...more

Fenwick & West LLP

Say What You Do…Do What You Say…Only See What…

Fenwick & West LLP on

Case Overview - This week’s U.S. Securities and Exchange Commission enforcement cease-and-desist order (Order) In re App Annie Inc., out of the SEC’s San Francisco Regional Office, underscores the importance of taking...more

Goodwin

SEC Makes Cybersecurity Top Priority; Sanctions Firms for Cybersecurity Failures

Goodwin on

There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more

BakerHostetler

SEC Cybersecurity Actions Against Registered Firms for Business Email Compromises Emphasize Importance of MFA

BakerHostetler on

On August 30, 2021, the Securities and Exchange Commission (“SEC”) announced three settled orders against several investment advisers, broker-dealers, and dual registrants for violations of Regulation S-P allegedly resulting...more

Akin Gump Strauss Hauer & Feld LLP

SEC Cyber Enforcement Actions – Lessons for Private Fund Managers

On August 30, 2021, the Securities and Exchange Commission announced three enforcement actions against registered investment advisers for alleged cybersecurity failures involving cloud-based email systems. All three actions...more

Skadden, Arps, Slate, Meagher & Flom LLP

SEC Heightens Focus on Cybersecurity

On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more

Alston & Bird

SEC Focused on Protecting Customer Accounts from Credential Stuffing Attacks

Alston & Bird on

OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to...more

Proskauer - The Capital Commitment

Private Equity and Cybersecurity: A Guide to Preparing for and Responding to a Breach

A cyber breach can have serious legal, financial, and reputational consequences for a fund sponsor, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more

Proskauer - The Capital Commitment

Privacy in the Time of Pandemic: COVID-19 Provides Opportunity to Revisit Regulation S-P Privacy Policies

With more people working remotely than ever before in light of COVID-19, firms in the private equity and hedge fund space should review their Regulation S-P privacy and information-safeguarding policies to ensure they are...more

Jones Day

SEC Releases Cybersecurity Observations and Guidance - The SEC's Office of Compliance Inspections and Examinations ("OCIE")...

Jones Day on

On January 27, 2020, OCIE issued a report detailing cybersecurity and resiliency observations the staff made after "thousands of examinations of broker-dealers, investment advisers, clearing agencies, national securities...more

Sheppard Mullin Richter & Hampton LLP

SEC Issues Alert On Outsourcing and Data Security

The SEC recently issued a risk alert warning about using vendors and cloud-based platforms. Many broker dealers and investment advisors are turning to these third parties to store customer data. In its alert, the SEC’s Office...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – June 2019

Alston & Bird on

Are You Ready for Canada’s New Privacy Breach Rules? Mandatory privacy breach notification, reporting, and record-keeping obligations under Canada’s federal data protection law, the Personal Information Protection and...more

Akin Gump Strauss Hauer & Feld LLP

SEC OCIE Issues Guidance on Advisors’ and Broker-Dealers’ Cloud-Based and Other Network Storage of Customer Data

• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more

Faegre Drinker Biddle & Reath LLP

U.S. Securities and Exchange Commission Issues Risk Alert Regarding Safeguarding Customer Records and Information Stored on...

On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network...more

53 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide