It is no surprise to financial firms that because of the Madoff scandal,the market downturn and other recent events, they soon will have to comply with a slew of new securities regulations. What is surprising is that financial firms continue to be deluged with new non-securities regulations. Many of these regulations spawned from consumer protection laws enacted at the beginning of the decade. Financial firms generally were not involved in the activities that led to the enactment of these consumer protection laws. Nevertheless, the broad reach of these statutes swept financial firms within their ambit. It is also notable that state privacy and data protection laws, which are not the subject of this article, continue to proliferate and many are applicable to financial firms.
The most recent example is Regulation S-AM. It is a sequel to two other consumer protection rules applicable to financial firms: Regulation S-P, a set of rules governing privacy protection and data security that were adopted in 2000, and the “red flag” rules governing identity theft that were adopted in 2008. Regulation S-AM was adopted by the Securities and Exchange Commission (“SEC”) on August 4, 2009. As explained below, Regulation S-AM prohibits financial firms from using certain consumer information provided by their affiliates to market products or services, unless there is full disclosure to the consumer and the consumer does not “opt-out” of such marketing. Compliance with Regulation S-AM is required by June 1, 2010.
Please see full publication below for more information.