SEC's New Cybersecurity Appointment And What It Tells Us
|
|
- Jesse Summers
- 7 years ago
- Views:
Transcription
1 Portfolio Media. Inc. 111 West 19 th Street, 5th Floor New York, NY Phone: Fax: SEC's New Cybersecurity Appointment And What It Tells Us Law360, New York (July 6, 2016, 12:02 PM ET) -- The U.S. Securities and Exchange Commission announced last month both the creation of a new position senior adviser to the chair for cybersecurity policy as well as the first incumbent of that role Christopher R. Hetner. Amid increasing global concerns over data privacy and security practices, and frequent indications from the SEC that cybersecurity remains a priority, this move comes as no surprise, but will likely impact the financial industry. In his capacity as senior adviser, Hetner will report directly to SEC Chairwoman Mary Jo White on all matters related to cybersecurity policy. The SEC press release described Hetner s senior adviser responsibilities as threefold: (1) coordinating efforts across the SEC to address cybersecurity policy, (2) engaging with external stakeholders, and (3) further enhancing the commission s mechanisms for assessing broad-based market risk.[1] Hetner has more than 20 years of experience in information technology and security. In addition, he holds several industry-leading certifications, including the CISSP (Certified Information Systems Security Professional), the NSA INFOSEC (National Security Agency Information Security) Assessment Certification, and the CISM (Certified Information Security Manager). He is not a lawyer, and is thus representative of the broader trend within the commission of hiring substantive subject-matter experts (such as economic analysts and experts in complex financial products) who can assist others, including enforcement attorneys, in identifying potential areas of investigation. Phyllis Sumner Matt Baughman The creation of the cybersecurity policy senior adviser position, coupled with Hetner s substantial industry experience, will almost certainly affect SEC-regulated entities with respect to enforcement actions. The SEC will also likely undertake housekeeping measures to strengthen commission information security policies, practices and infrastructure both internally and externally, further altering the landscape for financial firms. Implications for the Financial Industry Nick Oldham The creation of the new senior adviser for cybersecurity policy at the SEC will likely have significant and immediate consequences for the financial industry, including an uptick in the number of cybersecurity investigations pursued by the SEC, as well as the nature of those investigations. In light of increased
2 scrutiny on SEC-regulated entities, it is also possible that the commission will issue further cybersecurity guidance. Increased Cybersecurity Enforcement Activity The SEC, along with other governmental agencies, is increasingly focused on cybersecurity issues in the financial industry. About two weeks ago, White described cybersecurity as one of the greatest risks facing the financial services industry and will be for the foreseeable future in testimony before the Senate Appropriations subcommittee.[2] She also told the subcommittee that the SEC would continue to bolster its risk-based approach to examinations of registered entities, including broker-dealers and investment advisers. Lest you think the commission will not make good on its promise to crack down on cybersecurity violators, consider this: when the SEC makes a point of putting its considerable resources to work for a particular end, and takes concrete steps in that direction, the commission tends to get results. Take the SEC Office of the Whistleblower, for example. For some 20 years, the SEC operated the precursor to today s whistleblower program, the much more limited Bounty Program, which resulted in few whistleblower tips to the commission and even fewer monetary payments to individuals. With the advent of a new SEC whistleblower program in 2010, put in place as a result of the Dodd-Frank Wall Street Reform and Consumer Protection Act, the SEC prioritized the collection of information from whistleblowers, as well as financially rewarding those whistleblowers whose tips pay off in the form of million-dollar-plus enforcement actions. Although some criticized the commission for what they argued was a slow start after the creation of the new whistleblower program, the Office of the Whistleblower is now active and has achieved significant results. A quick look at the office s web page reveals numerous splashy news titles of recent whistleblower awards, including the largest such award ever distributed by the commission that soar into the many millions of dollars.[3] Some might argue that the commission has gotten a slow start in the cybersecurity sphere as well. However, the SEC has already been ramping up cybersecurity enforcement over the past few years and is quickly gaining momentum. In 2015, for example, the SEC s Office of Compliance Inspections and Examinations conducted its second cybersweep, in which it examined 57 broker-dealers and 49 investment advisers for compliance with relevant legal and regulatory cybersecurity requirements. And White indicated that the commission is already building off the success of that cybersweep: she told the Senate Appropriations subcommittee that [t]his year s efforts will involve more testing to assess firms' preparedness and implementation of firms procedures and controls. In fact, just days after publicizing Hetner s appointment, the SEC announced Morgan Stanley s agreement to pay a $1 million penalty to settle charges related to the company s failures to protect confidential customer information in violation of the Safeguards Rule.[4] There is no doubt that the new emphasis on cybersecurity at the commission will lead to more numerous and larger investigations of SEC-regulated entities that focus on cybersecurity issues. Where regulatory resources lead, enforcement activity is sure to follow. SEC Cybersecurity Guidance For public company issuers, the SEC s Division of Corporation Finance first sought to clarify the disclosure requirements of securities issuers related to cybersecurity risks and incidents in 2011.[5]
3 Notably, the 2011 guidance is considered the most concrete action taken by the commission staff to put issuers on notice that cybersecurity breaches could and often do trigger a duty to disclose. Despite the 2011 guidance, public companies still struggle with disclosure requirements almost five years later. One potential result of the new senior adviser position would be the issuance of additional guidance from the staff in this area, which many would welcome. During the 2015 calendar year, the commission staff issued additional guidance to registered investment advisers and investment companies. The SEC s Division of Investment Management released a cybersecurity guidance update in April 2015 that contained measures for consideration by advisers and funds to address cybersecurity risk.[6] In addition to formal guidance issued to registered broker-dealers, the OCIE s 2014 and 2015 cybersweeps provide insight into the commission s cybersecurity examination priorities as well as the weaknesses identified by OCIE staff across the financial sector. The 2015 cybersweep, for example, revealed that 84 percent of broker-dealers, and a paltry 32 percent of investment advisers, perform cybersecurity risk assessments of vendors with access to the firms networks. SEC-registered entities would be wise to take notice of the findings from the cybersweeps, and confirm their own compliance where relevant. Changes to SEC Security Practices The timing of Hetner s appointment does not appear to be coincidental. The SEC announced its new senior adviser for cybersecurity policy position only a month after an April 2016 Government Accountability Office report highlighted continuing weaknesses with the security of the SEC s financial data.[7] The GAO determined that the SEC resolved five of 20 previously reported information security control deficiencies. However, the report also found that, despite progress, the SEC had yet to fully address the remaining 15 previously reported weaknesses. As a result of the audit, the GAO recommended that White direct the SEC s chief information officer to take six actions to better manage the Commission s information security program: (1) Review and appropriately update information technology and guidance consistent with SEC policy; (2) Document artifacts that support recommendation closure consistent with SEC policy; (3) Document a comprehensive physical inventory of the systems and applications in the production environment; (4) Review and update current configuration baseline settings for the operating systems; (5) Provide personnel appropriate access to continuous monitoring reports and tools to monitor, evaluate and remedy identified weaknesses; (6) Institute a process and assign the necessary personnel to review information produced by the vulnerability scanning tools to monitor, evaluate and remedy identified weaknesses. Given the potential consequences of mismanaged information security at the commission and in an effort to avoid repeated chastising for failure to resolve identified IT security weaknesses the SEC will certainly continue to address these deficiencies. The GAO directed the content of its report primarily
4 toward the SEC s chief information officer; but, of course, the senior adviser for cybersecurity policy did not exist at the time of the report s release. One can assume that, given Hetner s expertise, he will also play a key role in strengthening the commission s internal and external information security programs. Conclusion It is clear that the 21st century SEC is here to stay. The commission has invested substantial resources into the creation of state-of-the-art information gathering and data analytics systems that are used to flag suspicious trading, identify problematic accounting practices, and focus on investments yielding outlier results. Cybersecurity is a natural investigatory focus for the commission staff, not just for registered entities but also for public companies whose cybersecurity practices the staff is increasingly scrutinizing. At the same time, criticisms of the commission s own IT infrastructure have particular bite, if only because the commission has placed such a high priority on formulating sophisticated methods of slicing and dicing the huge amounts of potentially sensitive financial information collected from public companies, registered entities and exchanges. Whether to put its own house in order, or to further its investigatory aims, the SEC is certain to stay focused on cybersecurity issues for the foreseeable future. And that focus will doubtless lead to increased investigations and enforcement activity in this developing space. By Phyllis Sumner, Matt Baughman, Nick Oldham and Bailey Langner, King & Spalding LLP Phyllis Sumner is a partner in King & Spalding's Atlanta office and leads the firm s data, privacy and security practice. She is a former assistant U.S. attorney for the Northern District of Illinois and the Northern District of Georgia. Matt Baughman is a partner in the firm's Atlanta office and a former SEC enforcement attorney. Nick Oldham is a counsel in King & Spalding's Washington, D.C., office. He is a former counsel for cyberinvestigations for the DOJ s National Security Division and a former assistant U.S. attorney in the Northern District of Georgia. Bailey Langner is an associate in the firm's San Francisco office. The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice. [1] SEC Names Christopher Hetner as Senior Advisor to the Chair for Cybersecurity Policy, Press Release, June 2, 2016, available at [2] Chair Mary Jo White, Testimony on Oversight of the U.S. Securities and Exchange Commission, before the Committee on Banking, Housing, and Urban Affairs, United States Senate (June 14, 2016), available at [3] See Welcome to the Office of the Whistleblower, Latest News, U.S. Securities and Exchange Commission, (last visited June 22, 2016). [4] SEC: Morgan Stanley Failed to Safeguard Customer Data, Press Release, U.S. Securities and Exchange Commission (June 8, 2016), available at
5 [5] CF Disclosure Guidance: Topic No. 2 Cybersecurity ( 2011 SEC Guidance ), U.S. Securities and Exchange Commission, Division of Corporate Finance (Oct. 13, 2011), available at [6] Cybersecurity Guidance ( 2015 SEC Guidance ), Guidance Update, U.S. Securities and Exchange Commission, Division of Investment Management (April 2015), available at [7] Information Security: Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data, Report to the Chair, U.S. Securities and Exchange Commission, U.S. Government Accountability Office, April 2016, available at Security. All Content , Portfolio Media, Inc.
SEC Cybersecurity Findings May Establish De Facto Standard
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com SEC Cybersecurity Findings May Establish De Facto
More informationSEC Focus On Administrative Proceedings: Midyear Checkup
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com SEC Focus On Administrative Proceedings: Midyear Checkup
More informationGuide to Pcaob Inspections
Guide to Pcaob Inspections october 2012 Since 2002, a new regulator, the Public Company Accounting Oversight Board (PCAOB), has had responsibility for overseeing auditors of public companies. Regular inspections
More informationOCIE CYBERSECURITY INITIATIVE
Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.
More informationReforms To FINRA's Examination Program are Focused on Fraud Detection: What Does this Mean for Those Who are the Subject ofa FINRA Inquiry?
Reforms To FINRA's Examination Program are Focused on Fraud Detection: What Does this Mean for Those Who are the Subject ofa FINRA Inquiry? By Sylvia Scott Since the financial crisis, the Madoff and Stanford
More informationHow To Protect Your Cybersecurity From Cyber Incidents
SEC ENFORCEMENT The SEC s Two Primary Theories in Cybersecurity Enforcement Actions By Daniel F. Schubert, Jonathan G. Cedarbaum and Leah Schloss WilmerHale Cyber attacks are increasingly common and affect
More informationClient Alert. SEC Proposes Rules for Implementing the Whistleblower Program Established by the Dodd-Frank Act; Comments Due December 17, 2010
Contact Attorneys Regarding This Matter: Joseph Alley Jr. 404.873.8688 - direct 404.873.8689 - fax joseph.alley@agg.com Aaron M. Danzig 404.873.8504 - direct 404.873.8505 - fax aaron.danzig@agg.com Robert
More informationCYBERSECURITY EXAMINATION SWEEP SUMMARY
This Risk Alert provides summary observations from OCIE s examinations of registered broker-dealers and investment advisers, conducted under the Cybersecurity Examination Initiative, announced April 15,
More informationSEC update: Cybersecurity initiatives. SEC update: Cybersecurity initiatives. Intelligize // 02
Intelligize // 02 As is tradition, at the beginning of the year, the U.S. Securities and Exchange Commission outlined both its current state of affairs and annual goals for maintaining proper compliance
More informationSecurities and Futures & Derivatives Alert
Securities and Futures & Derivatives Alert April 25, 2013 SECURITIES SEC and CFTC Issue Identity Theft Red Flags Rules I. Introduction On April 10, 2013, the Securities and Exchange Commission (SEC) and
More information10 Important Aspects Of The CFTC Whistleblower Program
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com 10 Important Aspects Of The CFTC Whistleblower Program
More informationGAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement
GAO For Release on Delivery Expected at time 1:00 p.m. EDT Thursday, April 19, 2007 United States Government Accountability Office Testimony Before the Subcommittee on Emerging Threats, Cybersecurity,
More informationWhistleblower Claims: Are You Covered?
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Whistleblower Claims: Are You Covered? Law360, New
More informationThe SEC's New Whistleblower Program: What It Means for Companies and How to Respond. July 22, 2011
The SEC's New Whistleblower Program: What It Means for Companies and How to Respond July 22, 2011 Agenda Introduction Presentation Questions and Answers (anonymous) Slides now available on front page of
More informationIFIAR 2015 Member Profile - PCAOB
Jurisdiction United States of America (USA) 1. Organization Insert the name of the Organization, both in the local language and in English: Public Company Accounting Oversight Board ( PCAOB ) Include relevant
More informationWhat The OMB Cybersecurity Proposal Does And Doesn't Do
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com What The OMB Cybersecurity Proposal Does And Doesn't
More informationCybersecurity..Is your PE Firm Ready? October 30, 2014
Cybersecurity..Is your PE Firm Ready? October 30, 2014 The Panel Melinda Scott, Founding Partner, Scott Goldring Eric Feldman, Chief Information Officer, The Riverside Company Joe Campbell, CTO, PEF Services
More informationSemiannual Report to Congress. Office of Inspector General
Semiannual Report to Congress Office of Inspector General Federal Election Commission 999 E Street, N.W., Suite 940 Washington, DC 20463 April 1, 2005 September 30, 2005 November 2005 TABLE OF CONTENTS
More informationNovember 16, 2011. The Honorable Elisse B. Walter Member United States Securities and Exchange Commission 100 F Street NE Washington, DC 200549
November 16, 2011 The Honorable Elisse B. Walter Member United States Securities and Exchange Commission 100 F Street NE Washington, DC 200549 Re: Underwriters and Financial Advisors Dear Commissioner
More informationAlert Memo. SEC Proposes Rules for Whistleblower Program
Alert Memo NOVEMBER 5, 2010 SEC Proposes Rules for Whistleblower Program On November 3, 2010, the SEC voted unanimously to propose rules governing a whistleblower program to reward individuals who provide
More informationOne Hundred Thirteenth Congress of the United States of America
S. 2519 One Hundred Thirteenth Congress of the United States of America AT THE SECOND SESSION Begun held at the City of Washington on Friday, the third day of January, two thous fourteen An Act To codify
More informationPaging Providers, CMS Changes To Stark Law May Help You
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Paging Providers, CMS Changes To Stark Law May Help
More informationKey Takeaways From The SEC's Whistleblower Report
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Key Takeaways From The SEC's Whistleblower Report
More informationCybersecurity and the Threat to Your Company
Why is BIG Data Important? March 2012 1 Cybersecurity and the Threat to Your Company A Navint Partners White Paper September 2014 www.navint.com Cyber Security and the threat to your company September
More informationNine Network Considerations in the New HIPAA Landscape
Guide Nine Network Considerations in the New HIPAA Landscape The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Omnibus Final Rule, released January 2013, introduced some significant
More informationCybersecurity For Brokers: 'Only The Paranoid Survive'
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Cybersecurity For Brokers: 'Only The Paranoid Survive'
More informationThe Problems With SEC s Cybersecurity Approach
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com The Problems With SEC s Cybersecurity Approach Law360,
More informationUnprecedented Hacking and Trading Scheme Highlights Important Cybersecurity Lessons
Securities Enforcement and Data, Privacy & Security Practice Groups August 21, 2015 Unprecedented Hacking and Trading Scheme Highlights Important Cybersecurity Lessons DOJ and SEC charge hackers and traders
More informationPresidential Summit Reveals Cybersecurity Concerns, Trends
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Presidential Summit Reveals Cybersecurity Concerns,
More informationCHARTER. the performance of the Company s internal audit function and independent auditor; and
DISCOVERY COMMUNICATIONS, INC. AUDIT COMMITTEE OF THE BOARD OF DIRECTORS CHARTER I. Purpose/Overview There will be a committee of the Board of Directors (the Board ) of Discovery Communications, Inc. (the
More informationQUANTUM MATERIALS CORP. AUDIT COMMITTEE CHARTER
QUANTUM MATERIALS CORP. AUDIT COMMITTEE CHARTER Purpose The role of the Audit Committee is to oversee the accounting and financial reporting processes of the Company and the audits of the financial statements
More informationSEC Adopts Rules on Compliance Programs for Funds & Advisers
Investment Management Group Legal Update: SEC Adopts Rules on Compliance Programs for Funds & Advisers If you have questions or would like additional information on the material presented herein, please
More informationA Shield For Accounting Firm Docs Under PCAOB Inspection
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com A Shield For Accounting Firm Docs Under PCAOB Inspection
More informationFS Regulatory Brief SEC Proposes Amendments to Broker- Dealer Financial Reporting Rule
SEC Proposes Amendments to Broker- Dealer Financial Reporting Rule Amendments call for brokerdealers assertion of compliance with the Financial Responsibility Rules, new reviews by independent auditors,
More informationCo-Location Takeaways From The NYSE Settlement
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Co-Location Takeaways From The NYSE Settlement Law360,
More informationPRIORITIZING CYBERSECURITY
April 2016 PRIORITIZING CYBERSECURITY Five Investor Questions for Portfolio Company Boards Foreword As the frequency and severity of cyber attacks against global businesses continue to escalate, both companies
More informationSEC Finalizes Investment Adviser Pay-to-Play Rules
July 2010 SEC Finalizes Investment Adviser Pay-to-Play Rules BY LAWRENCE J. HASS & MATTHEW NADWORNY On June 30, 2010, the Securities and Exchange Commission (the SEC ) voted unanimously to adopt new Rule
More informationOECD GUIDELINES FOR PENSION FUND GOVERNANCE
OECD GUIDELINES FOR PENSION FUND GOVERNANCE These Guidelines were approved by the Working Party on Private Pensions on 5 June 2009. OECD GUIDELINES FOR PENSION FUND GOVERNANCE 1 I. GOVERNANCE STRUCTURE
More informationDodd-Frank Act Provides Rewards for Whistleblowers Who Report FCPA Violations
September 2010 Dodd-Frank Act Provides Rewards for Whistleblowers Who Report FCPA Violations BY MORGAN J. MILLER, SARA A. MURPHY & RUSSELL D. JOHNSON On July 21, 2010, President Obama signed into law the
More informationSan Francisco, California WEDNESDAY, NOVEMBER 12, 2014 (All times Pacific Standard Time)
9:00 am 9:05 am Welcome and Introduction Presented by Mark D. Perlow and Richard M. Phillips Mr. Phillips concentrates his practice in securities regulation, particularly SEC enforcement, investment management
More informationSears Hometown and Outlet Stores, Inc. Audit Committee of the Board of Directors Charter
Sears Hometown and Outlet Stores, Inc. Audit Committee of the Board of Directors Charter Purpose The Audit Committee is appointed by the Board of Directors (the Board ) of Sears Hometown and Outlet Stores,
More informationFINANCIAL REFORM LEGISLATION OFFERS WHISTLEBLOWERS LUCRATIVE INCENTIVES AND ROBUST PROTECTION. Philip H. Hilder 1 Sunida A.
FINANCIAL REFORM LEGISLATION OFFERS WHISTLEBLOWERS LUCRATIVE INCENTIVES AND ROBUST PROTECTION Philip H. Hilder 1 Sunida A. Louangsichampa 2 The Dodd-Frank Wall Street Reform and Consumer Protection Act
More informationS. 2519 AN ACT. To codify an existing operations center for cybersecurity.
TH CONGRESS D SESSION S. 1 AN ACT To codify an existing operations center for cybersecurity. 1 Be it enacted by the Senate and House of Representa- tives of the United States of America in Congress assembled,
More informationUnited States General Accounting Office GAO. High-Risk Series. February 1995. Farm Loan Programs GAO/HR-95-9
GAO United States General Accounting Office High-Risk Series February 1995 Farm Loan Programs GAO/HR-95-9 GAO United States General Accounting Office Washington, D.C. 20548 Comptroller General of the
More informationCompliance and Ethics at the Federal Reserve Bank of New York
Compliance and Ethics at the Federal Reserve Bank of New York Operational Risk and Internal Audit Course Marina Adams, Compliance Officer and AVP David K. Clune, Compliance and Ethics Officer Kevin White,
More informationTHE NEW YORK TIMES COMPANY AUDIT COMMITTEE CHARTER (Last amended February 21, 2013)
THE NEW YORK TIMES COMPANY AUDIT COMMITTEE CHARTER (Last amended February 21, 2013) Purpose and Responsibilities of the Committee The Board of Directors of The New York Times Company (the Company ) has
More informationBrexit: Corporate Communications And UK Election Laws
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Brexit: Corporate Communications And UK Election Laws
More informationWhat is Independent Knowledge?
DODD-FRANK ALERT DECEMBER 2010 SEC Proposes Dodd-Frank Whistleblower Rules New York Office 2 Park Avenue New York, New York 10016 Phone: (212) 592-1400 Fax: (212) 592-1500 Princeton Office 210 Carnegie
More informationIncreased Regulatory Focus on Cybersecurity Underscores Need for Public Companies to Review Cybersecurity-Related Disclosures
Increased Regulatory Focus on Cybersecurity Underscores Need for Public Companies to Review Cybersecurity-Related Disclosures March 11, 2014 I. RECENT FOCUS ON CYBERSECURITY As a result of recent highly-publicized
More informationWhite Paper on Financial Industry Regulatory Climate
White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during
More informationEFFECT OF THE SARBANES-OXLEY ACT OF 2002
EFFECT OF THE SARBANES-OXLEY ACT OF 2002 August 15, 2002 President Bush signed the Sarbanes-Oxley Act of 2002 (the Act ) into law on July 30, 2002, after numerous business and accounting scandals had rocked
More informationGAO GOVERNMENTWIDE TRAVEL MANAGEMENT. Views on the Proposed Travel Reform and Savings Act
GAO For Release on Delivery Expected at 9:30 a.m. Tuesday July 9, 1996 United States General Accounting Office Testimony Before the Subcommittee on Government Management, Information and Technology Committee
More informationHEWLETT-PACKARD COMPANY BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER
HEWLETT-PACKARD COMPANY BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER I. Purpose and Authority The purpose of the Audit Committee (the Committee ) of the Board of Directors (the Board ) of Hewlett-Packard
More informationFIRST CITIZENS BANCSHARES, INC. FIRST-CITIZENS BANK & TRUST COMPANY CHARTER OF THE JOINT AUDIT COMMITTEE
FIRST CITIZENS BANCSHARES, INC. FIRST-CITIZENS BANK & TRUST COMPANY CHARTER OF THE JOINT AUDIT COMMITTEE As amended, restated, and approved by the Boards of Directors on July 28, 2015 This Charter sets
More informationBUREAU OF CONSUMER FINANCIAL PROTECTION. Request for Information Regarding Scope, Methods, and Data Sources for
Billing Code: 4810-AM-P BUREAU OF CONSUMER FINANCIAL PROTECTION [Docket No. CFPB-2012-0017] Request for Information Regarding Scope, Methods, and Data Sources for Conducting Study of Pre-Dispute Arbitration
More informationChanges to Broker-Dealer Reporting & Auditing
Background The Sarbanes-Oxley Act of 2002 created the Public Company Accounting Oversight Board (PCAOB) and required that auditors of U.S. public companies be subject to external, independent oversight
More informationCybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission. June 25, 2015
Cybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission June 25, 2015 1 Your Panelists Kenneth L. Chernof Partner, Litigation, Arnold & Porter LLP Nicholas
More informationMost registered investment advisers have now been
By Nabil Sabki and Nadia Sager Private funds are issuers that rely on the Section 3(c)(1) or 3(c)(7) exemptions from registration as investment companies under the Investment Company Act of 1940. Private
More informationEPA Needs to Improve Security Planning and Remediation of Identified Weaknesses in Systems Used to Protect Human Health and the Environment
U.S. ENVIRONMENTAL PROTECTION AGENCY OFFICE OF INSPECTOR GENERAL Information Technology EPA Needs to Improve Security Planning and Remediation of Identified Weaknesses in Systems Used to Protect Human
More informationCONDUCTING A RISK ASSESSMENT
CONDUCTING A RISK ASSESSMENT This article should be read in conjunction with the attached Risk Identification Questionnaire and Sample Risk Identification & Assessment Chart. Many firms are preparing for
More informationGeorgia Society of CPAs North Perimeter Chapter A 2015 User Guide for Employers
Georgia Society of CPAs North Perimeter Chapter A 2015 User Guide for Employers Presented by: AGG s Employment Law and Securities and Corporate Governance Teams February 17, 2015 How to Prepare for the
More informationInvestment Advisers Act of 1940
Investment Advisers Act of 1940 Robert Bramnik August 2014 2014 Duane Morris LLP. All Rights Reserved. Duane Morris is a registered service mark of Duane Morris LLP. Duane Morris Firm and Affiliate Offices
More informationCOUPONS.COM INCORPORATED CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS
COUPONS.COM INCORPORATED CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS I. STATEMENT OF POLICY This Charter specifies the authority and scope of the responsibilities of the Audit Committee (the
More informationCVS HEALTH CORPORATION A Delaware corporation (the Company ) Audit Committee Charter Amended as of September 24, 2014
CVS HEALTH CORPORATION A Delaware corporation (the Company ) Audit Committee Charter Amended as of September 24, 2014 Purpose The Audit Committee (the Committee ) is created by the Board of Directors of
More informationClient Alert July 27, 2010
Corporate Compliance North America Client Alert July 27, 2010 For additional information, please see our Dodd-Frank Wall Street Reform And Consumer Protection Act website at http://www.bakermckenzie.com/
More informationSecurities Litigation ADVISORY
Securities Litigation ADVISORY SEC Approves Final Rule for Whistleblower Provisions of Dodd-Frank Act 1 June 8, 2011 The Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank Act ),
More informationWhich Describes Your Cybersecurity Program Eager Beaver or Deer in Headlights? October 29, 2015
Which Describes Your Cybersecurity Program Eager Beaver or Deer in Headlights? October 29, 2015 What you will learn. How to apply the results from The Office of Compliance Inspections and Examinations
More informationSTATEMENT OF JOHN E. MCCOY II DEPUTY ASSISTANT INSPECTOR GENERAL FOR AUDITS U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE
STATEMENT OF JOHN E. MCCOY II DEPUTY ASSISTANT INSPECTOR GENERAL FOR AUDITS U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM SUBCOMMITTEE ON GOVERNMENT ORGANIZATION,
More informationZero Deficiencies: Closing the Gap
Zero Deficiencies: Closing the Gap By Francois Cooke July 2012 INTRODUCTION Broker-dealers face constant regulatory risks that continue to increase. These risks have short-term and long-term ramifications.
More informationFS Regulatory Brief. How the SEC s Custody Rule Impacts Private Fund Advisers. Introduction. The Custody Rule: An overview
How the SEC s Custody Rule Impacts Private Fund Advisers Introduction Under the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank, or the Act ) and rules recently adopted by the Securities
More informationCenter for Audit Quality Update
Center for Audit Quality Update Cindy Fornelli Executive Director, The Center for Audit Quality AICPA Conference on Current SEC and PCAOB Developments Washington, DC December 9, 2013 Thank you. I will
More informationClient Update SEC Releases Updated Cybersecurity Examination Guidelines
Client Update September 18, 2015 1 Client Update SEC Releases Updated Cybersecurity Examination Guidelines NEW YORK Jeremy Feigelson jfeigelson@debevoise.com Jim Pastore jjpastore@debevoise.com David Sarratt
More informationDISTRICT OF COLUMBIA RETIREMENT BOARD Position Vacancy Announcement
DISTRICT OF COLUMBIA RETIREMENT BOARD Position Vacancy Announcement ANNOUNCEMENT NO: 20130411 POSITION: Security Administrator OPENING DATE: April 11, 2013 CLOSING DATE: Open until filled TOUR OF DUTY:
More informationCHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF ARMSTRONG FLOORING, INC. ADOPTED AS OF MARCH 30, 2016
CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF ARMSTRONG FLOORING, INC. ADOPTED AS OF MARCH 30, 2016 I. PURPOSE OF THE COMMITTEE The purpose of the Audit Committee (the Committee ) of the
More informationSEC Requests Additional Information on Conduct Standards for Broker-Dealers and Investment Advisers
CURRENT ISSUES RELEVANT TO OUR CLIENTS MARCH 18, 2013 SEC Requests Additional Information on Conduct Standards for Broker-Dealers and Investment Advisers In 2010 the Dodd-Frank Wall Street Reform and Consumer
More informationFINRA Publishes its 2015 Report on Cybersecurity Practices
Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February
More informationCHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS
CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS PURPOSE The Audit Committee (the Audit Committee ) is appointed by the Board of Directors (the Board ) of NVIDIA Corporation, a Delaware corporation
More informationRe: FINRA Regulatory Notice 13-42: FINRA Requests Comments on a Concept Proposal to Develop the Comprehensive Automated Risk Data System
Ms. Marcia E. Asquith Office of the Corporate Secretary FINRA 1735 K Street, NW Washington, DC 20006 Re: FINRA Regulatory Notice 13-42: FINRA Requests Comments on a Concept Proposal to Develop the Comprehensive
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationSEC s Proposed Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Employers. November 12, 2010
SEC s Proposed Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Employers November 12, 2010 The Securities and Exchange Commission (SEC) has proposed rules to implement
More informationSMALL BUSINESS ADMINISTRATION. Review of 7(a) Guaranteed Loans to Select Franchisees. Report to Congressional Requesters
United States Government Accountability Office Report to Congressional Requesters September 2013 SMALL BUSINESS ADMINISTRATION Review of 7(a) Guaranteed Loans to Select Franchisees GAO-13-759 September
More informationResearch Analyst Regulation 1 February 2012
Research Analyst Regulation 1 February 2012 Meeting of the SEC Advisory Committee on Small and Emerging Companies Brad Gude Special Counsel Office of Trading Practices, Division of Trading and Markets
More informationSEC s Final Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Covered Entities. May 25, 2011
SEC s Final Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Covered Entities May 25, 2011 Today, the Securities and Exchange Commission (SEC or Commission) voted
More informationNATIONAL CYBERSECURITY PROTECTION ACT OF 2014
PUBLIC LAW 113 282 DEC. 18, 2014 NATIONAL CYBERSECURITY PROTECTION ACT OF 2014 VerDate Mar 15 2010 21:01 Feb 12, 2015 Jkt 049139 PO 00282 Frm 00001 Fmt 6579 Sfmt 6579 E:\PUBLAW\PUBL282.113 PUBL282 128
More informationAmerica s New Cybersecurity Framework: Help or New Source of Exposure?
America s New Cybersecurity Framework: Help or New Source of Exposure? BY BEHNAM DAYANIM, RYAN NIER & ELIZABETH DORSI March 2014 Data theft is on the rise, and the federal government is concerned. In 2013
More information2. What do people mean when they say "Sarbanes-Oxley"?
SARBANES-OXLEY: WHAT IT MEANS TO NONPROFITS Marcus S. Owens Caplin & Drysdale, Chartered One Thomas Circle, NW, Suite 1100 Washington, DC 20005 202-862- 5020/mso(a),capdale.com 1. Introduction On July
More informationMajor IT Projects: Continue Expanding Oversight and Strengthen Accountability
Secretary of State Audit Report Jeanne P. Atkins, Secretary of State Gary Blackmer, Director, Audits Division Major IT Projects: Continue Expanding Oversight and Strengthen Accountability Summary Information
More informationThe Procter & Gamble Company Board of Directors Audit Committee Charter
The Procter & Gamble Company Board of Directors Audit Committee Charter I. Purposes. The Audit Committee (the Committee ) is appointed by the Board of Directors for the primary purposes of: A. Assisting
More informationSEC Whistleblower Program
SEC Whistleblower Program Presented by: Karl M. Strait, Partner Jennifer L. Farer, Associate Eric B. Martin, Associate www.mcguirewoods.com SEC Whistleblower Program Key Features SEC may pay rewards to
More informationGAO. SINGLE-FAMILY HOUSING Stronger Oversight of FHA Lenders Could Reduce HUD s Insurance Risk
GAO United States General Accounting Office Testimony Before the Permanent Subcommittee on Investigations, Committee on Governmental Affairs, U.S. Senate For Release on Delivery Expected at 9:30 a.m.,
More informationForensic Services. kpmg.hu
Forensic Services kpmg.hu We help you curb your losses. Our forensic team provides services designed to assist you in matters of a commercial or financial nature that may result in a legal or regulatory
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationTip of the Month. New State Laws. Background Check "Crunch" It's Not Just the EEOC Two More States Restrict Use of Credit Checks in Employment
September 2011 in this issue Published by Proskauer Rose, the "Employment Law Counseling & Training Tip of the Month" provides best practice tips to assist employers in meeting today's challenging workplace
More informationHALOZYME THERAPEUTICS, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS ORGANIZATION AND MEMBERSHIP REQUIREMENTS
HALOZYME THERAPEUTICS, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS I. STATEMENT OF POLICY The Audit Committee (the Committee ) of the Board of Directors (the Board ) of Halozyme Therapeutics,
More informationYOUR LEGAL RIGHTS AND OPTIONS IN THIS SETTLEMENT
UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF GEORGIA If You Used a Credit or Debit Card at a Self-Checkout Lane at a U. S. Home Depot Store Between April 10, 2014 and September 13, 2014 or
More informationTestimony of James W. Runcie Chief Operating Officer Federal Student Aid U.S. Department of Education
Testimony of James W. Runcie Chief Operating Officer Federal Student Aid U.S. Department of Education Before the Subcommittee on Higher Education and Workforce Training, House Education and the Workforce
More informationWhat You Don t Know Can Hurt You
What You Don t Know Can Hurt You Your 401(k) Plan Investment Advisor May Be Forced to Drop Your Retirement Plan. What You Need to Know About The Dodd-Frank Reform and Consumer Protection Act And the Meaning
More informationAudit Committee Charter
Audit Committee Charter Role The Audit Committee of the Board of Directors assists the Board of Directors in fulfilling its responsibility for oversight of the quality and integrity of the accounting,
More informationSymantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security,
Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security, streamline compliance reporting, and reduce the overall
More informationDOD Takes Data-Centric Approach To Contractor Cybersecurity
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com DOD Takes Data-Centric Approach To Contractor Cybersecurity
More information