E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
The U.S. Securities and Exchange Commission's (SEC's) May 2024 amendments to Regulation S-P established concrete, near-term compliance deadlines for registered investment advisers (RIAs) to adopt, implement, and maintain...more
Recently, a California federal court certified customer-specific subclasses seeking nominal damages for a data breach under a “disclosure of private information” theory of harm. In re Accellion, Inc. Data Breach Litig., No....more
On October 1, FINRA censured a payment provider and fined it $375,000 after it accepted a Letter of Acceptance, Waiver, and Consent (AWC). FINRA alleged between October 2019 and March 2022 the payment provider failed to...more
On September 8, the OCC issued two bulletins addressing banks’ obligations under the Right to Financial Privacy Act and clarifying how the agency will evaluate “politicized or unlawful debanking” in licensing and Community...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
According to an AT&T spokesperson, this is not accurate. Social Security Numbers and Dates of Birth were already available in plain text in the original compromised dataset from 2024 (in separate files that could be...more
Throughout 2024, financial sector regulators sharpened their focus on data protection and cybersecurity issues impacting financial institutions and the public. Key federal agencies like the Securities and Exchange Commission...more
Quicker and easier sharing of customer information relating to economic crime concerns between firms in the UK financial sector has been encouraged by provisions in the Economic Crime and Corporate Transparency Act 2023...more
On August 30, 2024, the Federal Trade Commission announced that the Department of Justice filed a complaint upon notification and referral from the FTC against a surveillance camera company that allegedly failed to provide...more
The financial services and banking industry landscape continues to evolve in the face of new and emerging technologies. This phenomenon is especially prevalent in the sharing of consumer data between financial institutions...more
On June 2, 2024, cloud service provider Snowflake reported increased cyber threat activity targeting some of its customer’s accounts. Snowflake recommended that customers review unusual activity to detect and prevent...more
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more
Welcome to the Regulatory Roundup. Each month, Eversheds Sutherland Investment Services attorneys review significant regulatory developments (including notable rulemakings and guidance from securities regulators) from the...more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) adopted amendments to Regulation S-P. Originally passed in 2000, Regulation S-P regulates the treatment of non-public personal information of consumers by...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
On May 16, 2024, the U.S. Securities and Exchange Commission (“SEC”) adopted amendments to Regulation S-P (“Reg S-P”) that are intended to help protect investors’ privacy from the “expanded use of technology and corresponding...more
On May 15, the Securities and Exchange Commission adopted amendments to Regulation S-P, which covers broker-dealers, registered investment advisors (RIAs), and investment companies (funds). These entities are now required to...more
On May 16, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P that were proposed last year (“Final Amendments”).[1] The Final Amendments impose enhanced...more
On May 13, 2024, the Securities and Exchange Commission (SEC) and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) proposed rules (CIP Rules) that would impose customer identification...more
Last week, the Securities and Exchange Commission imposed expanded privacy and cybersecurity obligations on fund managers and sponsors registered with the SEC as investment advisers. While many registered investment advisers...more
A bipartisan group of federal lawmakers just unveiled a sweeping proposal to pass the nation’s first data privacy law and hand a significant amount of power to consumers, one that would bring about a massive change in the way...more
Beginning May 11, 2024, non-banking financial institutions regulated by the Federal Trade Commission (FTC) will be required to submit notifications of data breaches or other security events that impact 500+ consumers. The FTC...more
Know Your Customer (KYC) is a fundamental process used by Financial Institutions (FIs) to verify the identities of their customers and assess the associated financial crime risk. Its primary goal is to prevent money...more
Join Michael J. Charlillo as he discusses FINRA's latest expungement process enhancements. He will explore process changes implemented when requesting and obtaining expungement of customer dispute information. Michael will...more
The Federal Trade Commission (FTC or Commission) has amended its Standards for Safeguarding Customer Information, commonly known as the "Safeguards Rule," to require non-bank financial institutions to report certain data...more