Lessons From SEC’s First Cybersecurity Enforcement Action
This week, the SEC fined investment advisory firm R.T. Jones Capital Equities Management for failing to establish required cyber-security policies and procedures, which later led to a breach that compromised the personal data of roughly 100,000 customers. It is the first enforcement action the SEC has brought against a regulated ...
Related articles
-
Article
Frustrating Risk With the Right Internal Control Framework
Image: As cyber-security and IT controls rise up the priority list in corporate audits, a new wrinkle is emerging: numerous frameworks (COSO, NIST, CoBIT) used by numerous parties, all trying to build effective control systems. That could lead to painful detours in mapping controls, if compliance executives don’t plan carefully. ...
-
ArticleOCC drops $10M fine against former Wells Fargo risk officer fingered in “fake accounts” scandal
A former Wells Fargo risk officer previously ordered to pay $10 million by the Department of the Treasury’s Office of the Comptroller of the Currency (OCC) for her alleged role in the bank’s “fake accounts” scandal is completely off the hook, according to an OCC consent order issued Tuesday.
-
ArticleNY auto insurers on the hook for $19M for cybersecurity violations
Eight auto insurers failed to meet the requirements of New York’s cybersecurity regulations during widespread online attacks in 2021 and will pay $19 million under consent orders with the New York State Department of Financial Services (NYDFS).