In an unintended consequence of the Securities and Exchange Commission's (SEC) unprecedented rulemaking agenda, a black-hat hacker gang has filed a whistleblower complaint against its victim for not reporting a cybersecurity incident "as mandated" by a Rule reporting requirement that isn't even required yet.
The ransomware gang ALPHV/BlackCat claimed to have hacked publicly traded MeridianLink (NYSE: MLNK), a provider of cloud-based software solutions to financial institutions, in early November. Apparently dissatisfied by the victim's response time, BlackCat posted a ...
In September, the Securities Exchange Commission’s new Cybersecurity Rule for reporting public companies became effective. The SEC Cybersecurity Rule applies to public companies and generally requires (1) disclosure of material cybersecurity incidents on Form 8K within four days, (2) the firm’s risk assessment and management efforts, and (3) management’s involvement and board’s oversight of these issues. It became effective Sept. 5, 2023, but has various compliance dates depending upon particular issues and company size. Exchange Act Release No. 97989 is here.
A panel of the D.C. Circuit recently relied on Lucia and Cochran to enjoin a FINRA regulatory enforcement action pending appeal of an Appointments Clause challenge.
In securities-regulatory enforcement, the Securities Exchange Commission (“SEC”) and its delegates long have had a trinity-like advantage over those it seeks to punish: It is prosecutor, judge, and jury, with home-field advantage. Enabling the Commission, Congress empowered it to prosecute violations of the securities laws and the regulations promulgated under them. The SEC can choose to proceed in federal ...
On August 10, 2023, the Securities Industry and Financial Markets Association (“SIFMA”) – a leading Wall Street industry association – filed suit to enjoin new Missouri regulations requiring investment advisors (“IA’s”) and broker-dealers (“BDs”) there to obtain a prescribed form of client consent, if they use “social” or “nonfinancial” objectives in their investment analysis. The Missouri Rules are unique among the state and federal regulation of investment advisors.
“The new rules, effective July 30, 2023, require financial firms and ...
On June 20, 2023, the Supreme Court granted certiorari to review three questions about the Securities and Exchange Commission’s (SEC’s) administrative courts:
- Do they violate the 7th Amendment’s right to jury trial of actions then known at common-law, rather than “public rights”?
- Do they violate the non-delegation doctrine by enabling statutes giving the SEC discretion to choose to bring enforcement actions in its administrative courts or Article III courts?
- Do the two levels of “for cause” removal protection for SEC ALJs violate Article II by protecting them ...
Last week, a divided Securities and Exchange Commission adopted a set of rule changes requiring next-day (T+1) settlement of most equity trades by May 24, 2024. The suite of rules also require same-day trade allocations and affirmations, and T+2 settlement for firm-commitment underwritings priced after 4:30 p.m. Finally, the rules require clearing agencies providing matching services to work toward fully-automated “straight-through processing,” and to report to the SEC annually on their progress.
Announcing the rules, SEC Chair Gensler noted they were partially in ...
Every year the Financial Institution Regulatory Authority (FINRA) issues its “Report on FINRA’s Examination and Risk Monitoring Program.” The Report covers issues noted during the prior year’s exams and topics that examiners will look for going forward. It also foreshadows where Enforcement is likely to follow.
FINRA continues to improve the format, making it more user-friendly. This year’s Report highlights new material, includes expanded questions to ask about your firm’s activities, describes best practices, and provides resource links.
NEW FOR 2023
On July 27, 2022, FINRA filed a proposed rule change with the SEC that would “modernize” its supervision rule to make permanent pandemic-related temporary exemptions that allowed limited-scope work-from-home (“WFH”) for brokers.
The filing proposes “to adopt new Supplementary Material .19 (Residential Supervisory Location) under FINRA Rule 3110 (Supervision) that would align FINRA’s definition of an office of supervisory jurisdiction (“OSJ”) and the classification of a location that supervises activities at non-branch locations with the existing ...
On June 29, 2022, FINRA released the report of its independent investigation, concluding that allegations of a “secret agreement” to avoid certain arbitrators on an industry lawyer’s cases were untrue.
The allegations were the basis for a Georgia state court’s January 2022, vacatur of an award in favor of a large bank’s brokerage unit. The ruling is pending appeal. Based on the Georgia court’s finding that the Respondents had “manipulated the arbitration process,” FINRA’s Audit Committee commissioned an independent review. The review was led by a Lowenstein ...
In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s invasion of Ukraine.
The Cybersecurity and Infrastructure Security Administration (“CISA”) issued an April 20, 2022, Advisory warning of increased Russian state-sponsored and criminal cyber threats in retaliation for Western support for resistance to Russia’s invasion of Ukraine. The cybersecurity authorities of Australia, Canada, New ...