The US Securities and Exchange Commission (SEC), Division of Corporation Finance on June 24, 2024 issued five Compliance and Disclosure Interpretations (C&DIs) on its website to address questions raised by its requirement for...more
The US Securities and Exchange Commission has adopted amendments to Regulation S-P requiring entities under its remit to provide notice to individuals affected by certain types of data breaches. This adds yet another...more
US regulators have increased their focus on cybersecurity issues impacting financial services companies, with a host of guidance documents recently released by the US Securities and Exchange Commission (SEC), the three...more
The US Securities and Exchange Commission (SEC) issued a notice of proposed rulemaking (the Proposal) on March 15 that would require SEC-regulated investment advisers, investment companies, and broker dealers to provide...more
The US Securities and Exchange Commission (SEC) recently proposed a comprehensive framework of cybersecurity-related rules and amendments for investment advisers and investment companies. Although advisers and funds may have...more
The three federal banking agencies (i.e., the Federal Reserve Board, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency—collectively, the Agencies) published a final rule (the Rule)...more
12/3/2021
/ Bank Service Company Act ,
Banking Sector ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Final Rules ,
Financial Regulatory Agencies ,
Financial Regulatory Reform ,
FinTech ,
Popular
The Federal Trade Commission recently finalized a long-discussed update to its cybersecurity Safeguards Rule that includes more specific criteria for what financial institutions must implement as part of their information...more
11/22/2021
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Services Industry ,
FinTech ,
Gramm-Leach-Blilely Act ,
New Rules ,
Personal Information ,
Safeguards Rule ,
State Privacy Laws
One of the major changes introduced by the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which was signed into New York law last year, is scheduled to take effect this week.
...more
3/17/2020
/ Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Security ,
Hackers ,
Information Technology ,
New Legislation ,
Personally Identifiable Information ,
Risk Management ,
Security Standards ,
SHIELD Act ,
State and Local Government ,
State Data Breach Notification Statutes
Introduction -
Data breaches have the power to inflict significant damage and consequences with the potential to bring a company, industry or government agency to its knees, or adversely harm those individuals whose...more
The SEC continues to focus on cybersecurity as an area of concern within the investment management industry....more
The recent cyberattack highlights the need for firms to engage in proactive prevention and protection.
Ransomware (malware that encrypts data pending an extortion payment) is a recurring cyber threat that is growing more...more
Morgan Lewis submits second comment letter on the proposed rules.
The New York State Department of Financial Services (DFS) is expected soon to issue “first-in-the-nation” cybersecurity regulations that will apply to...more
The modified rules, which still remain among the most prohibitive, could be adopted in final form as early as this month.
Since September 2016, the New York State Department of Financial Services (DFS) has been...more