Episode 335 -- The New DOJ Whistleblower Program
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Implications of the SEC Cybersecurity Disclosure Rule
Corruption, Crime and Compliance: SEC Suffers Dismissal of Claims in Solarwinds Securities Fraud Case
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Woody Report: The Solar Winds Dismissal
In That Case: Securities and Exchange Commission v. Jarkesy
Corruption, Crime and Compliance: Deep Dive into The SEC’s Settlement with R&R Donnelly on Cybersecurity Controls
Episode 332 -- Deep Dive into SEC’s Internal Controls and Cybersecurity Settlement with R&R Donnelly
The Justice Insiders Podcast: Jarkesy’s Implications for the Administrative State
DE Under 3: OFCCP Must Shut Down its Administrative Court Prosecutions as a Result of SCOTUS’ SEC Jury Trial Case Decision
Dogecoin’s Day in Court
Unpacking the Lummis-Gillibrand Payment Stablecoin Act: Implications for the Digital Asset Industry — The Crypto Exchange Podcast
Podcast: Is Cryptocurrency a Security (like an orange grove)?
Navigating the Regulatory Waters: The SEC's Wells Notice to Uniswap and its Impact on DeFi — The Crypto Exchange Podcast
Will Resiliency Carry the Digital Asset Sector Through 2024: Federal Legislative Developments and OFAC Consent Orders — The Crypto Exchange Podcast
Compliance into the Weeds: The WACKO Enforcement Action Involving BF Borgers
Meeting the Proposed SEC Climate Disclosure Requirements
Understanding the Whistleblower Pilot Program in the Southern District of New York
2 Gurus Talk Compliance: Episode 26 – The Compliance Week Wrap Up Edition
The SEC recently issued an order and settlement against a company from a pair of cyberattacks in which millions of dollars of client funds were stolen. While the company was able to recover a portion of the funds and...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
What do the SolarWinds ruling and other recent developments mean for the future of the SEC’s cyber regulatory program? Will the SEC’s “lack of moderation” result in “violent ends” for its cyber agenda? Or will the current...more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
On June 18, 2024, the Securities and Exchange Commission (“SEC”) announced a $2.1 million civil penalty settlement of charges against R.R. Donnelley & Sons (“RRD”), a global provider of business communications services and...more
On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more
In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...more
In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures. ...more
AT&T Inc. announced in a July 12, 2024, SEC filing that hackers stole a cache of six months’ worth of mobile phone customer data, illegally downloading the records from a workspace account at the cloud-service provider...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
On May 15, 2024, the SEC announced it would make amendments to Regulation S-P (Reg S-P). This will be the first amendment to the regulation since its adoption 24 years ago in 2000. The regulation focuses on how institutions...more
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach - On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC...more
Technological advances, especially in Artificial Intelligence and quantum computing, will continue to amaze in the coming years. They will open up vast new opportunities while presenting profound regulatory, litigation, and...more
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more
The General Data Protection Regulation (GDPR) has brought about significant changes in the way organizations handle data protection and privacy. It emphasizes the importance of transparency and honesty in disclosing data...more
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more
On October 30, 2023, the Securities and Exchange Commission filed claims against a software company (the “Company”) and its Chief Information Security Officer for alleged fraud and internal control failures relating to known...more
The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more