Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
[Podcast] The FTC Safeguards Rule: A Deep Dive into the Revisions Effective June 9, 2023
On May 15, 2024, the U.S. Securities and Exchange Commission (“SEC”) adopted amendments (the “Amendments”) to Regulation S-P under the Securities Exchange Act of 1934 (the “Exchange Act”), which governs the treatment of...more
The current SEC administration has expressed the view that most crypto assets are offered and sold as securities and has proposed several rules that address “digital asset securities” or “crypto asset securities.” In this...more
The SEC continues its overhaul of cybersecurity, cyber incident reporting, and privacy controls and requirements for industry registrants, their services providers, and corporate America generally. On March 15, 2023, the SEC...more
The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more
Just days after a flurry of crypto-related enforcement actions, the SEC voted to propose the new “Safeguarding Rule” under the Advisers Act, a whopper of a rule proposal which would amend and replace the current Custody Rule...more
The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities). Within months of the Commission’s announcement, the Commission brought three...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
Demonstrating its continued focus on cybersecurity enforcement, the Securities and Exchange Commission (SEC) announced three new actions on Aug. 30 charging eight firms with maintaining deficient cybersecurity policies and...more
On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more
• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more
On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network...more
When it comes to information security, the Safeguards Rule of Regulation S-P (Safeguards Rule) requires SEC-registered investment advisers and brokers and dealers (Registrants) to adopt written policies and procedures that...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
On April 16, the SEC's Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert outlining issues related to compliance with Regulation S-P that it identified in its inspections of SEC-registered...more
One of the most common things we discuss with clients is the need to ensure that privacy policies accurately reflect the actual procedures in place for handling confidential information. The SEC reiterated that point last...more
As every investment adviser, broker-dealer, and fund (and their lawyer) knows, noncompliance with Regulation S-P, the SEC’s primary rule on privacy notices and safeguard policies, can land a registrant in hot and expensive...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
In September, we reported that the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for a violation of Rule 30(a) of Regulation S-P (17 C.F.R. 248.30(a))(“Safeguards Rule”) for...more
The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more