Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
[Podcast] The FTC Safeguards Rule: A Deep Dive into the Revisions Effective June 9, 2023
Throughout 2024, financial sector regulators sharpened their focus on data protection and cybersecurity issues impacting financial institutions and the public. Key federal agencies like the Securities and Exchange Commission...more
Amid intense focus on AI and a flurry of consumer privacy law updates, legislative activity has continued to change data breach notification requirements in a variety of ways. Similar to 2023, a handful of changes to...more
Welcome to the Data Privacy and Cybersecurity chapter of our annual report Consumer Financial Services 2023 Year in Review. Looking Ahead to 2024 - Amendments to key rules and regulations will take effect in 2024,...more
On October 30, 2023, the Securities and Exchange Commission (SEC) announced a civil suit against SolarWinds and their chief information security officer (CISO) for fraudulent cybersecurity information. The SEC claims that...more
Cybersecurity is a looming threat for most businesses. The impact of a major cyber event can resonate for weeks, months, and even years after the initial attack. To mitigate the risks to consumers, there have been several...more
The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities). Within months of the Commission’s announcement, the Commission brought three...more
Demonstrating its continued focus on cybersecurity enforcement, the Securities and Exchange Commission (SEC) announced three new actions on Aug. 30 charging eight firms with maintaining deficient cybersecurity policies and...more
On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
As every investment adviser, broker-dealer, and fund (and their lawyer) knows, noncompliance with Regulation S-P, the SEC’s primary rule on privacy notices and safeguard policies, can land a registrant in hot and expensive...more
SEC Chicago Regional Director David Glockner spoke at a PLI Conference in New York on June 6 regarding the SEC’s data security regulations and enforcement efforts. Mr. Glockner acknowledged frustration with the Division of...more
In September, we reported that the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for a violation of Rule 30(a) of Regulation S-P (17 C.F.R. 248.30(a))(“Safeguards Rule”) for...more
Last week, the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for failing to comply with Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)) (“Safeguards Rule”). The...more
The Securities and Exchange Commission (“SEC”) has sanctioned an investment adviser and fined it $75,000 for failing to “adopt written policies and procedures reasonably designed to protect customer records and information.”...more