- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-06-29T21:32:00
The No. 1 priority at the Securities and Exchange Commission (SEC) after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to the agency’s enforcement head.
The SEC understands firms have to make quick decisions when responding to a cyberattack, including around disclosures, said Gurbir Grewal during a speech at a cyber resilience summit on June 22.
“But we cannot lose focus of the fact that those decisions directly impact customers” and might be material to investors, Grewal said. Publicly traded companies, investment advisers, and broker-dealers collect and hold an extensive amount of data about organizations and client accounts, plus personally identifiable information about individuals that’s valuable to bad actors, Grewal said.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Businesses can prepare for the Securities and Exchange Commission’s upcoming cybersecurity disclosure rule by going through it and identifying key gaps in compliance.
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s newly approved cybersecurity incident disclosure rule.
The Securities and Exchange Commission finalized its controversial rule requiring public companies to disclose the nature, scope, timing, and impact of cybersecurity incidents deemed to be material within four business days.
TD Bank said it set aside $450 million to settle regulatory and law enforcement investigations, including by the Department of Justice, into its anti-money laundering and Bank Secrecy Act programs.
Despite significant issues outside the control of most chief compliance officers, some regulators have signaled more individual liability cases are to be expected. Will accepting the wrong job, in hindsight, make it your last?
RBC Capital Markets agreed to pay nearly $769,000 to settle allegations levied by the Financial Industry Regulatory Authority, in part, over sending inaccurate information in trade confirmations to customers over nearly a decade.
