Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
On October 21, 2024, the Securities and Exchange Commission’s (SEC) Division of Examinations (the Division) published its annual examination priorities for 2025 (2025 Priorities), which focus on certain “practices, products,...more
On October 22, 2024, the SEC charged two current reporting companies, Unisys Corp. and Check Point Software Technologies, and two former public companies, Mimecast Limited and Avaya Holdings Corp., with making materially...more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more
Over the past few months, the Securities and Exchange Commission (the "SEC") has issued several warnings to companies to ensure accurate disclosure of the role and risks of artificial intelligence ("AI") in their businesses....more
The SEC, through its Office of Compliance Inspections and Examinations (“OCIE”), recently issued its most detailed cyber guidance to date. OCIE had previously issued several cybersecurity risk alerts over the past few years....more
On January 7, 2020, the Securities and Exchange Commission (“SEC”) released its 2020 examination priorities, an annual report by the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) meant to apprise the public...more
The SEC’s Office of Compliance Inspections and Examinations published a series of observations gleaned from thousands of exams over a period of years. While OCIE’s charge is the inspection of certain SEC registrants the...more
On July 24, 2019, both the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) announced landmark settlements with Facebook. The agreements were significant not only because of the hefty fines...more
Recently, the Financial Industry Regulatory Authority (“FINRA”) and the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) separately issued important guidance regarding customer communications surrounding the...more
Did you know that as an investment advisor you may "own" your clients’ personal data? That’s right; for purposes of Massachusetts’ data privacy regulations, any person or entity that receives, stores, maintains, processes, or...more
Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t...more
Just when you thought the hazards of cyberfraud couldn’t get worse, the SEC recently issued a Report of Investigation (more on that later) stating that nine recent corporate victims of cyberfraud may have compounded their...more
In an October 16, 2018 investigation report, the Securities and Exchange Commission found that nine companies that suffered Business Email Compromise, or BEC, had insufficient internal controls to prevent such attacks....more
It is a strange combination of events today, but two different agencies released reports on cybersecurity issues that all companies should consider when looking at their systems, controls and checks. The U.S. Department of...more
On September 26, 2018, the United States Securities and Exchange Commission (“SEC”) announced a $1 million settlement with an Iowa-based broker-dealer over allegations that it maintained deficient cybersecurity policies and...more
On February 21, 2018, the Securities and Exchange Commission issued an interpretive release1 providing important guidance to certain registrants on cybersecurity disclosure. Coming on the heels of dozens of high-profile...more
On August 7, 2017 the Securities and Exchange Committee (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released yet another cybersecurity Risk Alert entitled, “Observations from Cybersecurity...more
On April 12, 2016, the U.S. Securities and Exchange Commission (“SEC”) continued its enforcement of reasonable cybersecurity controls, announcing cease and desist proceedings against a broker-dealer and two of its principals...more
The last two months certainly have been eventful in the world of privacy. In this issue of The WSGR Data Advisor, we examine the Court of Justice of the European Union’s recent and highly significant Schrems decision that...more
Investment firm R.T. Jones Capital Equities Management (R.T. Jones) has agreed to settle with the Securities and Exchange Commission (SEC) and pay a $75,000 penalty over charges that it failed to adopt written policies and...more
Recently, the SEC announced that R.T. Jones Capital Equities Management, a St. Louis-based investment adviser, agreed to settle charges that it failed to establish the required cybersecurity policies and procedures before a...more
On September 22, 2015, the Securities and Exchange Commission (SEC) filed a settled administrative proceeding[1] alleging that a registered investment adviser failed to adopt cybersecurity procedures in violation of an SEC...more
Cybersecurity is one of the current hot topics of discussion. Regulators here and abroad have expressed concern regarding cybersecurity. Breaches are periodically reported in the media. Now the SEC has brought its first...more