Lessons From SEC’s First Cybersecurity Enforcement Action
This week, the SEC fined investment advisory firm R.T. Jones Capital Equities Management for failing to establish required cyber-security policies and procedures, which later led to a breach that compromised the personal data of roughly 100,000 customers. It is the first enforcement action the SEC has brought against a regulated ...
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
Article
Frustrating Risk With the Right Internal Control Framework
Image: As cyber-security and IT controls rise up the priority list in corporate audits, a new wrinkle is emerging: numerous frameworks (COSO, NIST, CoBIT) used by numerous parties, all trying to build effective control systems. That could lead to painful detours in mapping controls, if compliance executives don’t plan carefully. ...
-
PremiumDelayed UK antitrust case underscores compliance, reputational risks
Antitrust infringement cases in the United Kingdom can run on for years, but there’s a question whether issuing fines that are dwarfed by the revenues of those organisations involved is a worthy deterrent—particularly if they are imposed over a decade after the misconduct ended. It’s also debatable whether the first ...
-
PremiumDespite uncertainty, whistleblowers still have incentives to report misconduct
Whistleblowing in the United States is being buffered by uncertainty from regulators who are backing off policing corruption and consumer protections. Regulators like the Department of Justice and the Securities and Exchange Commission are being thrown into disarray by layoffs and restructuring. Still, whistleblowers will likely continue coming forward.