Throughout 2024, financial sector regulators sharpened their focus on data protection and cybersecurity issues impacting financial institutions and the public. Key federal agencies like the Securities and Exchange Commission...more
Despite the SEC’s already prolific rulemaking under Chair Gensler, the agency still has a few dozen additional rulemaking initiatives in the queue. Broker-dealers, exchanges, and other trading and markets participants can...more
Last month, the Securities and Exchange Commission (SEC) reemphasized just how serious companies must be about maintaining a vigilant cybersecurity posture and procedures to report cyber incidents in a timely manner....more
Amid ongoing federal government shutdown risks and the close of its fiscal year, the U.S. Securities and Exchange Commission's (SEC) Division of Examinations (Exams) recently announced its fiscal year (FY) 2024 priorities....more
The Securities and Exchange Commission (SEC) proposes to amend Regulation Systems Compliance and Integrity (Reg SCI) to update and expand the regulatory oversight of the core technology of the U.S. securities markets.1 The...more
On March 15, 2023, the Securities and Exchange Commission (“SEC”) proposed a new rule concerning cybersecurity risk management as well as updates to Regulations S-P and SCI (Systems Compliance Integrity).[1] With these...more
On March 15, 2023, the United States Securities and Exchange Commission (SEC) took a major step towards strengthening cybersecurity in the financial sector by proposing three new rules. These rules aim to improve privacy,...more
Our 2022 Data Security Incident Response Report discussed the increased regulatory scrutiny of cybersecurity incidents and defenses following a year of high-profile and damaging cyberattacks, including the Russia-based...more
The U.S. Securities and Exchange Commission is implementing a campaign to overhaul the agency’s expectations around cybersecurity and cyber incident reporting for the financial services industry and corporate America...more
Gary Gensler, Chair of the U.S. Securities and Exchange Commission (SEC), signaled a new era of cybersecurity law (and accompanying enforcement) in his keynote address “Cybersecurity and Securities Laws” on January 24, 2022,...more
A significant expansion of rules relating to cybersecurity risks - particularly for the financial sector - is under consideration by the Securities and Exchange Commission (SEC). In public remarks last week, SEC Chair...more
In a speech to the Securities Regulation Institute conference last week, Chair Gary Gensler signaled the SEC may implement more stringent cybersecurity regulations, and in the meantime, would work to enforce existing...more
The Situation: The U.S. Securities and Exchange Commission's ("SEC") Office of Compliance Inspections and Examinations ("OCIE") issued its 2020 examination priorities ("Exam Priorities"). The Result: The Exam Priorities...more
The recently issued Examination Priorities for 2016 reveals that the SEC’s priorities are organized around the same three thematic areas as last year: (i) retail investors, including retirement investments; (ii) market-wide...more
Against the backdrop of a steady stream of cyber-attacks and data breaches, Securities and Exchange Commissioner Luis A. Aguilar recently spoke about his hope to expand upcoming SEC cyber security guidance, known as...more