Regulation S-P, Cyber Incident Reporting, Data Protection

Tech Moves Fast, the SEC is Trying to Keep Up

Royer Cooper Cohen Braunfeld LLC on 8/2/2024

On May 16, the Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P, aimed at modernizing and enhancing the rules governing the treatment of consumers’ nonpublic personal...more

Understanding the Enhanced Regulation S-P Requirements

Stark & Stark on 6/18/2024

On May 16, 2024, the Securities and Exchange Commission adopted amendments to Regulation S-P, the regulation that governs the treatment of nonpublic personal information about consumers by certain financial institutions....more

A Closer Look at the SEC’s Cybersecurity Rules for Covered Entities and Market Entities

Goodwin on 10/19/2023

The SEC is continuing its campaign to overhaul cybersecurity, cyber incident reporting, and privacy controls and requirements for financial services industry registrants, their service providers, and corporate America...more

SEC’s New Cybersecurity & Tech Proposals Target Gaps in Incident Response and Notification

Akin Gump Strauss Hauer & Feld LLP on 4/3/2023

On March 15, 2023, the U.S. Securities and Exchange Commission (SEC) voted to propose three measures to protect customer information and hold covered institutions accountable for cyberattacks....more

SEC Proposes Cybersecurity Incident Reporting and Broker-Dealer Cyber Risk Management Requirements

Morgan Lewis on 3/30/2023

The US Securities and Exchange Commission (SEC) issued a notice of proposed rulemaking (the Proposal) on March 15 that would require SEC-regulated investment advisers, investment companies, and broker dealers to provide...more

SEC Makes Cybersecurity Top Priority; Sanctions Firms for Cybersecurity Failures

Goodwin on 9/16/2021

There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more

SEC Cybersecurity Update

Proskauer on Privacy on 10/20/2015

Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more

Proactive Approach To Cybersecurity: Recent SEC guidance and enforcement actions suggest that reactive firms may be in the SEC’s...

Morgan Lewis on 10/12/2015

In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more

SEC Ramps up Cybersecurity Scrutiny With Examination Priorities and an Enforcement Action

Manatt, Phelps & Phillips, LLP on 10/7/2015

Why it matters - Signaling that it will continue to increase its scrutiny of firms' cybersecurity readiness, the Office of Compliance, Inspections and Examinations of the Securities and Exchange Commission (SEC) issued a...more

The SEC Charges Investment Adviser with Violating Regulation S-P by Failing to Adopt Cybersecurity Policies and Procedures

Foley Hoag LLP - Security, Privacy and the... on 9/28/2015

In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more

SEC Charges Investment Adviser With Failure to Adopt Proper Cybersecurity Policies and Procedures

Broker-Dealer Compliance + Regulation on 9/25/2015

A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more

Regulation S-P › Cyber Incident Reporting › Data Protection

"My best business intelligence, in one easy email…"