On July 16, 2019, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) issued an “Updated Advisory on Email Compromise Fraud Schemes Targeting Vulnerable Business Processes” (the “Advisory”). The Advisory provides a detailed and helpful overview of trends in Business Email Compromise (“BEC”) schemes affecting U.S. financial institutions and other businesses.
Category: Financial Services
House Committee Staff Report Finds Equifax Data Breach Entirely Preventable, Provides Recommendations for Consumer Reporting Agencies
After a 14-month investigation into the 2017 Equifax data breach, which was one the largest in U.S. history, the House Oversight and Government Reform Committee released a report in December.
NFA Proposes Enhanced Disclosure Requirements for Members Engaging in Virtual Currency Activities
The virtual currency market continues to grow, and this growth has fueled increased attention from retail investors and financial regulators. Financial institutions active in the virtual currency market have seen a trend towards increased regulatory oversight and the latest development imposes new client disclosure requirements upon certain companies.
SEC Freezes $27 Million Related to a Blockchain/Cryptocurrency Acquisition
The Securities and Exchange Commission (SEC) obtained a court order freezing more than $27 million in proceeds from alleged illegal distributions and sales of restricted shares of a public company , and charged the company, its CEO, and three other affiliated individuals on April 6, 2018. That same day, the Nasdaq Stock Market halted trading in the company’s stock.
The SEC’s complaint alleges that shortly after the company began trading on the Nasdaq Stock Market and announced the acquisition of a purported blockchain-empowered cryptocurrency business, its stock price rose dramatically until its market capitalization exceeded $3 billion. The SEC further alleges that the CEO and the three other individual defendants then illegally sold large blocks of their restricted shares to the public while the stock price was excessively elevated and that they collectively reaped more than $27 million in profits.
Continue reading “SEC Freezes $27 Million Related to a Blockchain/Cryptocurrency Acquisition”
NAIC Adopts Insurance Data Security Model Law
The National Association of Insurance Commissioners (NAIC) adopted the Insurance Data Security Model Law (“Model Law”) in October 2017. The purpose of the Model Law is to establish standards for data security and the investigation of and notification to the Insurance Commissioner of a Cybersecurity Event[1], but is not intended to create a private right of action.
The Model Law is based largely on the New York Department of Financial Services’ Cybersecurity Regulations, 23 NYCRR 500 (“NYDFS Cyber Regulations”), which took effect on March 1, 2017. [2] In fact, a drafting note to the Model Law indicates that compliance with the NYDFS Cyber Regulations is intended to constitute compliance with the Model Law.
Continue reading “NAIC Adopts Insurance Data Security Model Law”
Equifax Breach: Good Data Security Practices Matter
The Equifax breach affecting as many as 143 million U.S. consumers highlights the segmented legal landscape surrounding data security as well as the challenges of regulating it. News reports indicate that federal agencies, including the FTC, and a number of state Attorneys General either are or have been called to investigate Equifax and a number of class actions have already been filed.
Some commentators have suggested that the Equifax breach requires a regulatory response, but it is not clear that regulation would have prevented the breach.
Continue reading “Equifax Breach: Good Data Security Practices Matter”