Tag: Cybersecurity and privacy

1
United States: A Record Year: SEC FY 2022 Enforcement Actions Bring Big Penalties
2
United States: SEC Reopens Comment Period for Eleven Significant Rulemaking Releases
3
Europe: Systemically important outsourced service providers, eg cloud services, to be identified and regulated in the UK    

United States: A Record Year: SEC FY 2022 Enforcement Actions Bring Big Penalties

By: Keri E. Riemer, Michael W. McGrath, Neil T. Smith, Hayley Trahan-Liptak, and Christopher F. Warner

On 15 November 2022, the U.S. Securities and Exchange Commission (SEC) announced its enforcement statistics for its 2022 fiscal year (FY 2022), noting that it filed 760 total enforcement actions — a 9% increase over fiscal year 2021.  This total was comprised of 462 new actions, 169 “follow-on” actions, and 129 actions for delinquent filings.  Money obtained in SEC actions, comprising civil penalties, disgorgement, and pre-judgment interest, totaled a record-breaking $6.439 billion (compared to $3.852 billion in fiscal year 2021).  Civil penalties, totaling $4.194 billion, were also the highest on record.

Read More

United States: SEC Reopens Comment Period for Eleven Significant Rulemaking Releases

By: Trayne S. Wheeler and Brian Doyle-Wenger

On October 7, 2022, the Securities and Exchange Commission (the “SEC”) announced that, due to a technological error, it was reopening the public comment periods for 11 pending rulemaking releases (“Rulemaking Releases”) and one request for comment. The comment periods will be reopened as of October 7th and will end 14 days after the publication of the release in Federal Register (if, for example, this release were to be published on October 15, then the comment periods would close on October 29, 2022). The SEC encouraged commenters that submitted a public comment through the internet comment process to check the SEC’s website, SEC.gov, to determine whether their comment was received and posted.

The SEC’s release did not elaborate on nature of the technological error but stated that a number of public comments submitted through the SEC’s internet comment form were not received. The SEC noted the majority of the affected comments were submitted in August 2022, but that the technological error is known to have occurred as early as June 2021.

The impact of the reopening of the public comment periods is not yet known, but will likely result in delaying the release of a number of highly anticipated SEC rules[1].  The Rulemaking Releases include the following proposals and request for comment:

• Reporting of Securities Loans

• Prohibition Against Fraud, Manipulation, or Deception in Connection with Security-Based Swaps; Prohibition against Undue Influence over Chief Compliance Officers; Position Reporting of Large Security-Based Swap Positions

• Money Market Fund Reforms

• Share Repurchase Disclosure Modernization

• Short Position and Short Activity Reporting by Institutional Investment Managers; see also Notice of the Text of the Proposed Amendments to the National Market System Plan Governing the Consolidated Audit Trail for Purposes of Short Sale-Related Data Collection,    

• Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure

• Private Fund Advisers; Documentation of Registered Investment Adviser Compliance Reviews

• The Enhancement and Standardization of Climate-Related Disclosures for Investors

• Special Purpose Acquisition Companies, Shell Companies, and Projections

• Investment Company Names

• Enhanced Disclosures by Certain Investment Advisers and Investment Companies About Environmental, Social, and Governance Investment Practices

• Request for Comment on Certain Information Providers Acting as Investment Advisers

(Certain SRO rules, not covered here, also have comment periods that have been reopened.)


[1] SEC Release, Resubmission of Comments and Reopening of Comment Periods for Several Rulemaking Releases Due to a Technological Error in Receiving Certain Comments, October 7, 2022 (https://www.sec.gov/rules/proposed/2022/33-11117.pdf)

Europe: Systemically important outsourced service providers, eg cloud services, to be identified and regulated in the UK    

By: Kai Zhang

In an 8 June 2022 policy statement,  the UK Government proposes a specific regime for supervising “critical” service providers to the financial services industry. This is to address concentration risk as many regulated firms rely on a few large service providers whose failure could potentially threaten the stability of, or confidence in, the UK’s financial system.   The Government observes that in 2020 over 65% of UK regulated firms used the same four cloud providers for cloud infrastructure services.

Read More

Copyright © 2022, K&L Gates LLP. All Rights Reserved.