On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted amendments augmenting and standardizing required disclosures for public companies related to cybersecurity. The rules apply to all registrants, and includes comparable requirements of foreign private issuers. The rules reflect several changes to elements described in the 2022 proposed rule and in previous guidance.
On December 8, 2022, the Division of Corporation Finance within the Securities and Exchange Commission (“SEC”) published guidance on disclosure obligations related to recent disruptions in the crypto asset market. The Sample Letter to Companies Regarding Recent Developments in Crypto Asset Markets aims to improve compliance with disclosure obligations under SEC regulations.
Federal law requires
On August 30, 2021, the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for cybersecurity failures in their policies and procedures that exposed the personal information of thousands of customers at each firm. These firms included: Cetera Advisor Networks LLC, Cetera Investment Services LLC, Cetera Financial Specialists LLC, Cetera Advisors LLC,
On February 21, 2018, the Securities and Exchange Commission (SEC) published a release entitled “Commission Statement and Guidance on Public Company Cybersecurity Disclosures” (“Release”). Designed to assist public companies in preparing disclosures concerning cybersecurity risk and incidents, the release expands upon the SEC’s previous guidance in 2011 to emphasize particular areas, including board
On August 7 2017, the U.S. Securities and Exchange Commission (SEC), through its Office of Compliance Inspections and Examinations (OCIE), published a Risk Alert summarizing observations on how broker dealers, investment advisers, and investment companies have addressed cybersecurity issues. The OCIE examined 75 financial firms registered with the SEC. The examinations focused on the firms’
