Photo of Steven M. Malina

Steven M. Malina, a former Senior Attorney in the SEC’s enforcement branch, focuses his practice on a variety of litigation and regulatory matters with representations of financial services industry clients, hedge fund matters, and securities and general commercial litigation. He represents officers, directors, broker-dealers, investment advisors, commercial banks, investment banks, investment management firms, and public issuers in investigations and disciplinary proceedings initiated by the SEC, CFTC, FINRA, FDIC, NYSE, CBOE, CME, and state regulators. In addition, Steve represents clients in related investor class-action, derivative, and other litigation and arbitration. He has also conducted internal investigations on behalf of publicly traded companies and represented committees and executive officers in internal investigations. Steve has represented brokerage firms and their management in customer-initiated cases, and injunction and arbitration proceedings.

Prior to entering private practice, Steve served as First Vice President and Deputy Regional Counsel for a large financial corporation and was a Senior Attorney in the Branch of Enforcement of the U.S. Securities and Exchange Commission.

On July 26, 2023, the Securities and Exchange Commission (SEC) adopted the long-awaited final rule requiring that public companies disclose information about cybersecurity incidents within four business days of determining

Continue Reading SEC Finalizes Cyber Rules for Public Companies: What You Need to Know

On Feb. 7, 2023, the Securities and Exchange Commission’s Division of Examinations announced its 2023 examination priorities. The announcement focuses on six different categories.

Continue reading the full GT Alert.

Continue Reading SEC Announces 2023 Examination Priorities

On Feb. 9, 2022, the SEC released its long-awaited proposed cybersecurity rule, and there’s a lot to unpack. As GT reported previously, the SEC increased enforcement of cybersecurity
Continue Reading SEC Issues Proposed Cyber Rule, Including 48-Hour Breach Reporting Requirement