California is continuing to make news with respect to its privacy laws. California's Attorney General recently announced the approval of new amendments to regulations of the California Consumer Privacy Act (CCPA). The new...more
The New York Department of Financial Services (NYDFS) has become a frequent topic of these alerts. In recent weeks we have covered multiple actions from the regulator, including its first enforcement action, its SolarWinds...more
We've all heard a lot about cybersecurity risks and how cyberattacks have dramatically increased since COVID-19 changed our daily work environments. A recent attack has resulted in the demise of a hedge fund and illustrates...more
Virginia has become the latest state to pass comprehensive privacy legislation as its legislature voted to enact SB 1392, known as the Consumer Data Protection Act (the "Act"). Although many other states have proposed privacy...more
2/24/2021
/ Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
Virginia
New York remains extremely active in the cybersecurity and data protection arena. As we have recently discussed, New York is considering a proposed privacy bill that would greatly enhance consumer privacy rights, increase...more
While California understandably has received most of the attention given its recent passage of the California Privacy Rights Act (CPRA), several other states continue to move forward with consideration of their own privacy...more
1/27/2021
/ Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Privacy ,
Information Governance ,
New York ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
State Privacy Laws
The Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB), and the Federal Deposit Insurance Company (FDIC), have issued a notice of proposed rulemaking (Proposed Rule) that would require a banking...more
1/13/2021
/ Banking Sector ,
Breach Notification Rule ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FDIC ,
Notification Requirements ,
OCC ,
Proposed Rules
The financial services industry faced unprecedented cybersecurity and privacy challenges in 2020. From learning how to operate with a remote workforce, dealing with a complex and evolving regulatory environment, facing an...more
Both the Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of Treasury have issued advisories recently regarding regulatory considerations financial...more
While most of us have been understandably focused on the presidential election, the State of California has passed significant new privacy legislation that may have a substantive impact on your business. Specifically,...more
Late last month, the Office of the Comptroller of the Currency (OCC) issued an Interpretive Letter clarifying that national banks and federal savings associations are authorized to provide safekeeping and custody services for...more
Last week, the New York Department of Financial Services (NYDFS) filed its first enforcement action against a title insurance company (the company) alleging multiple violations of its Cybersecurity Regulation. New York's...more
On April 30, 2010, the Federal Financial Institutions Council (FFIEC) issued Guidance on the use of cloud computing services and security risk management principles in the financial services sector. The Guidance reminds...more
The countdown to June 30, 2020 is on – the deadline by which broker-dealers with retail customers must comply with Regulation Best Interest (Reg BI), and broker-dealers and investment advisers must comply with Customer...more
On August 28, 2019, the Federal Financial Institutions Examination Council (FFIEC) issued a press release encouraging organizations to utilize a standardized approach to assess and improve cybersecurity preparedness. ...more
It should not be surprising to anyone that cybersecurity and data protection remain top priorities for regulators of the financial services industry. Indeed, cybersecurity has been regularly identified as a key priority by...more
5/3/2019
/ Broker-Dealer ,
Customer Information ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Investment Adviser ,
OCIE ,
Opt-Outs ,
Policies and Procedures ,
Popular ,
Privacy Policy ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC)
Each year, both the United States Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) issue guidance concerning their regulatory priorities for the coming year. ...more
On April 24, 2018, the U.S. Securities and Exchange Commission (SEC) fined Altaba Inc. – formerly known as Yahoo – $35 million for failing to disclose a substantial data breach and cyberattack that occurred in December 2014....more
Each year, both the United States Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) issue guidance concerning their regulatory priorities for the coming year. This year, FINRA...more
On February 21, the U.S. Securities and Exchange Commission (SEC) issued interpretive guidance (the "Guidance") to public companies updating and expanding on the SEC Staff's prior cybersecurity guidance that was released in...more
The U.S. Securities and Exchange Commission (SEC) may now only collect disgorgement from defendants within five years of filing suit. On June 5, the United States Supreme Court ruled unanimously that the five-year statute of...more
Each year, both the United States Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) issue guidance concerning their regulatory priorities for the coming year. This year, FINRA...more
The United States Supreme Court recently rendered a decision in Salman1 resolving a circuit split over whether the government prosecuting an insider trading case must show that the person giving an insider tip received...more
12/21/2016
/ Confidential Information ,
Criminal Prosecution ,
Dirks v SEC ,
Illegal Tipping ,
Insider Trading ,
Personal Benefit ,
SCOTUS ,
Securities Violations ,
Tippees ,
Tippers ,
US v Newman ,
US v Salman
On October 24, 2016, the United States Securities and Exchange Commission (SEC)'s Office of Compliance Inspections and Examinations (OCIE) released an alert examining whistleblower rule compliance and the use of...more
On December 16, 2015, the Financial Industry Regulatory Authority (FINRA) proposed Rule 2273 requiring brokers who move to a new firm to send an "educational communication" to customers they want to take with them, informing...more