The disclosures of major security breaches in 2017 such as Verizon, Equifax, Uber, the National Security Agency and the Transportation Safety Administration increased consumer concern about the safety of their personal and financial data. These disclosures also contributed to renewed Congressional analysis of data security standards in the financial services sector and review of current federal and state regulatory regimes. Insider cyber threats have become security remains a threat as well. In August 2017, the Securities and Exchange Commission (“SEC”) announced insider trading charges against seven individuals who gained access to confidential merger and acquisition data through a technology consultant’s misuse of an investment bank’s new computer system. State actions, governmental agencies and the financial services industry are actively combatting the growth of cyber-security threats.
Consistent with modern financial regulation, United States regulators are increasingly focusing upon individual accountability of corporate officers and directors. Once a regulatory agency contacts a corporation regarding an inquiry into the actions of its agents, it is the duty of the corporation to front the costs of legal defense and representation. Historically, corporate directors and officers liability insurance (“D&O”) covered the costs of legal defense and costs associated with the regulatory investigation. In light of the increasing government emphasis on individual liability within corporations, traditional D&O liability insurance is no longer guaranteed to protect corporate exposure to regulatory inquiry. As a result of these changes to corporate exposure, insurance agencies have begun to create novel insurance solutions to solve the problems created by the new regulatory policy.
The Securities and Exchange Commission, which has been notably quiet on the subject, is beginning to show an interest in the cryptocurrency craze. It published a report last July concluding that initial coin offerings (ICOs) are subject to securities laws and that one ICO which raised nearly $150 million worth of cryptocurrency violated securities law.
Many nations are increasingly attempting to regulate Bitcoin and other forms of cryptocurrency. Increased regulation could help legitimize the currency, but uncertainties about what regulation lies ahead threatens the value of the currencies. A main driver of the increased value of cryptocurrencies is the potential for increased usage in markets globally and greater integration of them into our economy. Regulation may be essential to successfully enabling such integration, because with instability in trade and valuation of the currency it is hard for consumers to know whether they should be spending the currency, or if it will dramatically change in value over the course of a short time period.
Under Rule 506 of Regulation D (“Reg D”), the U.S. Securities and Exchange Commission (“SEC”) exempts companies making private placements to accredited investors from all federal and state securities registration requirements. As a federal safe harbor, Rule 506 of Regulation D preempts all conflicting state securities regulations, but reserves the states’ rights to require issuers to make notice filings, and to investigate and prosecute securities fraud under state securities laws, commonly known as “Blue Sky Laws.” On its face, Rule 506 of Reg D creates a more efficient securities marketplace. However, the historical lack of consequences for non-compliance at the federal level, combined with inconsistent state notice requirements for using exemptions, further complicates an already over-regulated securities marketplace.
The Chief Compliance Officer (“CCO”) plays a vital role in in the business of broker dealers and investment advisors. Following the financial crisis, firms hired compliance officers in droves to help repair vulnerabilities in firm policies and to address emerging regulation. As regulatory complexity and demand for compliance professionals grew, firms looked to consultants, contractors and lawyers to help fulfill specialized compliance functions. Can an unaffiliated third party effectively fulfill the Chief Compliance Officer role?
In the last month, multiple large-scale data breaches were reported by various entities, with 3 breaches reported in the past week alone. Unfortunately, even the most well-known entities do not stand a chance against increasing technological abilities of bad actors. Since the Equifax breach in early September, Whole Foods, Sonic, Deloitte and the Securities Exchange Commission, among others, had similar large-scale breaches affecting consumers across the country.
In September 2017, United States economic markets implemented swap-regulating rules to reduce risk to U.S. investment firms. Signed into law in 2016, this regulation curbs the risk associated with swap derivatives in the United States. The Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, the Financial Conduct Authority, and the Federal Housing Finance Agency (the “Agencies”), constructed a joint rule requiring taxpayer-insured banks and financial institutions to collect greater collateral and provide greater transparency when involved in swap derivative agreements.
The U.S. Securities and Exchange Commission (the “SEC”) adopted Regulation Systems Compliance and Integrity (“Reg SCI”) to strengthen the technology infrastructure of the U.S. securities markets by imposing new regulatory requirements on SCI entities. The term “SCI entity” includes self-regulatory organizations (“SROs”) such as stock and options exchanges, registered clearing agencies, the Financial Industry Regulatory Authority (“FINRA”), and the Municipal Securities Rulemaking Board (“MSRB”); certain alternative trading systems; disseminators of consolidated market data, such as the Consolidated Tape Association; and certain exempt clearing agencies. The regulatory requirements were designed to reduce the occurrence of systems issues, improve resiliency when systems problems do occur, and to enhance the SEC’s oversight and enforcement of securities market technology infrastructure.
On August 30, 2017, Trump signed Proclamation 9632 declaring September 2017 as National Preparedness Month, encouraging “all Americans… take action to be prepared for disaster or emergency by making and practicing their plans,” also citing that fewer than half of American families report having an emergency response plan. While it is important to have a disaster plan in place for your family to take care of their physical needs, it is also vital to be prepared for the possibility of scams and fraudulent activity in the wake of a natural disaster such as Hurricane Harvey.