Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: SEC

Posted in Social Media

Financial Regulators Finalize Social Media Guidance and Address Industry Questions

The Federal Financial Institutions Examination Council (FFIEC) has released final supervisory guidance on the use of social media by financial institutions. We last reported on the guidance when it was published in draft form in January 2013. The final guidance is substantially similar to the proposal (and we encourage you to read our prior post for more details on the elements of the guidance), but the FFIEC made certain revisions in light of the 81 public comments it received on the proposal.

Posted in Cybersecurity & Data Breaches

SEC and CFTC Propose Identity Theft Red Flags Rules

The FTC Red Flags Rules were not specific to the securities industry and there was some confusion as to which entities were subject to their requirements. This blog entry describes proposed rulesto applyRed Flag rules to certain broker-dealers, investment companies, investment advisers, futures commission merchants, commodity pool operators, introducing brokers, and other SEC- and CFTC-regulated entities

Posted in Cybersecurity & Data Breaches, News & Events

Invitation to Complimentary Webinar on SEC Cybersecurity Disclosure Guidance

On October 31st, Hogan Lovells will present a complimentary webinar exploring the impact of the SEC cybersecurity risk Disclosure Guidance, featuring senior lawyers in the Hogan Lovells Capital Markets and Privacy and Information Management practices, as well as a managing director of Stroz Friedberg LLC, a technology firm assisting clients with digital risks. This blog entry invites readers to register for the webinar.

Posted in Cybersecurity & Data Breaches, Financial Privacy

SEC Issues First-Ever Guidance on Disclosure to Investors of Cybersecurity Risks

On October 13 the Division of Corporate Finance at the US Securities and Exchange Commission issued a Disclosure Guidance that for the first time advises registrants — public companies — to evaluate their cybersecurity risks and, if deemed material, to disclose such risks to investors. This Guidance is likely to lead to public companies performing formal and detailed assessments of the cybersecurity risks, and may lead to shareholder litigation following data security breaches with claims that a company failed to perform the assessment and disclose the risks recommended in the Guidance for complaince with securities disclosure laws.

Posted in Financial Privacy

For First Time, SEC Imposes Fines Based Solely on Privacy Violations

The Securities and Exchange Commission (SEC) announced yesterday that three former executives of GunnAllen Financial, Inc., a Tampa-based broker-dealer, agreed to settle charges that they had violated Regulation S-P by failing to protect confidential information about their customers. This action marked the first time that the SEC had assessed financial penalties against individuals charged solely with violations of Regulation S-P, which requires broker-dealers, investment advisers, and other financial institutions under the SEC’s jurisdiction to protect their customers’ nonpublic personal information and to provide their customers the right to opt out of having their information shared with unaffiliated third parties.