On May 21, 2024, U.S. Securities and Exchange Commission Director of the Division of Corporation Finance Erik Gerding issued a statement clarifying when the SEC expects companies to disclose a
Continue Reading SEC Clarifies Confusion Concerning Cybersecurity Incident ReportingCybersecurity
Chief Information Security Officers in SEC Crosshairs: The SolarWinds Case
In a Halloween-eve move sure to send shivers down the spines of every public company’s CISO, on Oct. 30, the SEC filed a securities fraud complaint targeting SolarWinds’ CISO in…
Continue Reading Chief Information Security Officers in SEC Crosshairs: The SolarWinds CaseSEC Finalizes Cyber Rules for Public Companies: What You Need to Know
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted the long-awaited final rule requiring that public companies disclose information about cybersecurity incidents within four business days of determining…
Continue Reading SEC Finalizes Cyber Rules for Public Companies: What You Need to KnowNYDFS Proposes Significant Changes to Its Cybersecurity Regulation
On Nov. 9, 2022, the New York Department of Financial Services (NYDFS) issued a proposed second amendment to its 2017 cybersecurity regulation for financial service companies.[1] In July 2022…
Continue Reading NYDFS Proposes Significant Changes to Its Cybersecurity RegulationFTC Delays Compliance Date of the Safeguards Rule
On Nov. 15, 2022, the Federal Trade Commission (FTC) announced that it is delaying the effective date of its recent amendments to the Safeguards Rule, promulgated under the Gramm-Leach-Bliley Act…
Continue Reading FTC Delays Compliance Date of the Safeguards RuleCFPB Warns Insufficient Data Security Measures May Violate Consumer Financial Protection Act
On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer…
Continue Reading CFPB Warns Insufficient Data Security Measures May Violate Consumer Financial Protection Act
SEC Issues Proposed Cyber Rule, Including 48-Hour Breach Reporting Requirement
On Feb. 9, 2022, the SEC released its long-awaited proposed cybersecurity rule, and there’s a lot to unpack. As GT reported previously, the SEC increased enforcement of cybersecurity…
Continue Reading SEC Issues Proposed Cyber Rule, Including 48-Hour Breach Reporting Requirement
2021 Report on FINRA’s Examination and Risk Monitoring Program
On Feb. 1, 2021, the Financial Regulatory Authority (FINRA) released its 2021 Report on FINRA’s Examination and Risk Monitoring Program (Report), in which it identifies its areas of examination focus…
Continue Reading 2021 Report on FINRA’s Examination and Risk Monitoring Program
SEC Issues No-Action Letter Facilitating the Secondary Trading of Digital Assets
On Sept. 25, 2020, the SEC issued a No-Action Letter to FINRA, in response to a previously issued Joint Statement by the SEC and FINRA. This No-Action Letter detailed how…
Continue Reading SEC Issues No-Action Letter Facilitating the Secondary Trading of Digital Assets
The OCC and SEC’s FinHub Issue Guidance on Fiat-Backed Stablecoin Reserves
On Sept. 21, 2020, the Office of the Comptroller of the Currency (the OCC) issued guidance pertaining to whether national banks could hold stablecoin reserves. That same day, the Securities…
Continue Reading The OCC and SEC’s FinHub Issue Guidance on Fiat-Backed Stablecoin Reserves