New Topics and Content Highlight FINRA’s Increased Focus on Cybersecurity, Crypto Assets, Artificial Intelligence, Market Integrity, Off-Channel Communications and Other Key Risk Areas

On January 9, 2024, the Financial Industry Regulatory Authority, Inc. (“FINRA”) published the 2024 FINRA Annual Regulatory Oversight Report (the “Report”), which builds on the structure and content of FINRA’s prior reports

Recently, in advance of the effective date (December 18, 2023), the Director of the SEC’s Division of Corporation Finance provided additional guidance regarding the final rules relating to cybersecurity incident disclosure and cybersecurity risk management, strategy and governance.  The Director noted his remarks were intended to “clear up potential misconceptions.”  The comments reiterate the observations

This practice note provides guidance on the disclosure of cybersecurity risks and incidents that public companies should include in their offering materials and periodic reports filed with the Securities and Exchange Commission (SEC). The practice note explains the SEC’s focus and rulemaking activities on cybersecurity issues, such as the 2018 interpretive guidance on disclosing material

Webinar: November 6, 2023
3:00 p.m. – 4:00 p.m. ET
Register here.

The New York Department of Financial Services (NYDFS) has finalized its cybersecurity regulation for banks, branches and agencies of foreign banks, insurance companies, mortgage loan originators, mortgage loan servicers, mortgage brokers, licensed lenders, sales finance companies, money transmitters and other financial services

August 18, 2023 Webinar

1:00 p.m. – 2:00 p.m. EDT

Register here.

On July 26, 2023, the Securities and Exchange Commission voted to adopt amendments aimed at enhancing and standardizing disclosures related to cybersecurity risks and incidents.  The amendments were first proposed in March 2022 and generated significant comment both as a result of

On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC”) issued a release, adopting final rules (the “Final Rules”) aimed at standardizing and enhancing disclosure relating to cybersecurity incidents and risk management processes. The SEC had proposed rules (the “Proposed Rules”) on March 9, 2022. The Final Rules reflect the considerable comments received

At an open meeting this morning, the Securities and Exchange Commission voted (with dissenters—see, for example, Commissioner Peirce’s statements) to adopt amendments aimed at enhancing and standardizing disclosures related to cybersecurity risks and incidents.  The amendments were first proposed in March 2022 and generated significant comment both as a result of the prescriptive nature

The Securities and Exchange Commission announced an open meeting to be held on July 26, 2023.  The agenda includes consideration of the final amendments to the rules relating to enhanced and standardized disclosures regarding cybersecurity for public companies.  The amendments were proposed in March 2022 (see our alert on the proposed rules) and were the

Webinar: July 12, 2023

3:00 p.m. – 4:00 p.m. EDT

Register here.

The New York Department of Financial Services (NYDFS) has proposed revisions to its cybersecurity regulation for banks, insurance companies and other financial services companies. The proposal significantly expands requirements for covered entities, including new requirements for larger companies, expanded governance requirements, additional

Public companies should note a recent settlement with the US Securities and Exchange Commission (“SEC”). On March 9, 2023, the SEC announced that Blackbaud Inc. agreed to pay $3 million to settle charges for alleged misleading disclosures about its 2020 ransomware attack and for alleged disclosure control failures. This serves as a reminder for public