On May 22, 2024, the SEC announced the settlement of administrative proceedings against a U.S. securities exchange and certain of its subsidiaries for their alleged failure to timely inform the SEC of a systems intrusion in violation of Rules 1002(b)(1) and 1002(b)(2) of Regulation Systems Compliance and Integrity (Regulation SCI). The rules require that covered entities notify the SEC of a system disruption or intrusion within 24 hours unless the covered entity immediately determined that the disruption or intrusion would have no or a de minimis impact on operations or market participants.

Continue Reading SEC Settles Charges Against Exchange for Alleged Failure to Inform SEC of Cyber Intrusion

On May 21, 2024, the SEC announced the settlement of administrative proceedings brought against a dually-registered broker-dealer and investment adviser for its alleged failure to address conflicts of interest in compliance with Rule 15l-1(a) of the Securities Exchange Act of 1934 (Regulation Best Interest) and the Investment Advisers Act of 1940.

Continue Reading SEC Settles Charges Against Dually-Registered Broker-Dealer and Adviser for Alleged Failure to Address Conflicts of Interest

The annual ALI-CLE Accountants’ Liability Conference occurred in Washington, D.C. on May 16 and 17, 2024 and was co-hosted by Junaid A. Zubairi, Chair of Vedder Price’s Government Investigations and White Collar Defense group, and Veronica Callahan of Arnold & Porter LLP. The conference featured a wide variety of speakers, including regulators from the Securities and Exchange Commission (“SEC”) and the Public Company Accounting Oversight Board (“PCAOB”), in-house counsel, outside counsel, and consultants.

Continue Reading Highlights from 2024 ALI-CLE Accountants’ Liability Conference

On May 1, 2024, the Financial Industry Regulatory Authority (FINRA) proposed a new series of rules—FINRA Rule 6500 Series—regarding reporting of securities lending transactions pursuant to the requirements under new Rule 10c-1a under the Securities Exchange Act of 1934 which the SEC adopted on October 13, 2023. Rule 10c-1a requires “covered persons” to report specified information about “covered securities loans” (as these terms are defined in Rule 10c-1a) to FINRA by the end of the day on which a loan is made or modified, in accordance with rules that FINRA is required to adopt by May 2, 2024 and that detail the format and manner by which the loan information is reported.

Continue Reading FINRA Proposes Rules Regarding SEC-Mandated Reporting of Securities Lending Transactions

On May 13, 2024, the SEC and FinCEN jointly proposed a new rule under the Bank Secrecy Act (BSA) that would impose new customer identification program (CIP) requirements on registered investment advisers and exempt reporting advisers.

Continue Reading SEC and FinCEN Propose Customer Identification Program Requirements for Investment Advisers

On May 16, 2024, the SEC adopted amendments to Regulation S-P to enhance and modernize consumer privacy protections in light of technological developments in how individuals’ personal information is collected, shared and maintained. Regulation S-P applies to broker-dealers (including funding portals), investment companies, registered investment advisers and transfer agents (“covered institutions”) and currently requires (1) covered institutions (excluding transfer agents) to adopt written policies and procedures that address administrative, technical and physical safeguards for the protection of customer records and information (the “safeguards rule”), and (2) covered institutions (including transfer agents) to properly dispose of consumer report information (the “disposal rule”). The amendments are described below.

Continue Reading SEC Adopts Regulation S-P Amendments to Enhance Protection of Customer Information

In a 3-0 decision, the Fifth Circuit Court of Appeals vacated the SEC’s private fund adviser rules (“Final Rule”). Each component of the Final Rule was vacated, including the Private Fund Audit Rule, Private Fund Quarterly Statement Rule, Private Fund Adviser Restricted Activities Rule, Adviser-Led Secondaries Rule, Preferential Treatment Rule and Books and Records Rule Amendments. The original lawsuit was brought by several trade associations who sued the SEC over the Final Rule in imposition of undue regulatory burdens and costs.

Continue Reading Fifth Circuit Vacates Private Fund Adviser Rules

On April 26, 2024, the Federal Trade Commission (FTC) announced that it had finalized changes to the Health Breach Notification Rule (HBNR). These changes, which go into effect on June 25, 2024, are intended to modernize aspects of the HBNR such that the HBNR applies to entities not covered under the Health Insurance Portability and Accountability Act (HIPAA). The updated HBNR follows the FTC’s previously stated intention in a 2021 policy statement to broaden the interpretation of the HBNR to address the growing number of digital health applications, websites, and consumer-facing technology that were not subject to HIPAA. The scope of the finalized rule therefore aims to apply the HBNR to health care technology and digital health companies that obtain personal health records (PHR) and PHR identifiable health information.

Continue Reading FTC Finalizes Broader Changes to the Health Breach Notification Rule

On April 29, 2024, the U.S. Equal Employment Opportunity Commission (the “EEOC” or the “Commission”) published its “Enforcement Guidance on Harassment in the Workplace” (the “Guidance”), which outlines the legal standards for harassment and employer liability under the equal employment opportunity laws enforced by the Commission.  (See here.)  The Guidance replaces the five prior harassment guidance documents from the EEOC, issued between 1987 and 1999, and serves as a single resource for workplace harassment law.  The Guidance addresses several timely topics, including, but not limited to, protections for LGBTQ+ workers, harassment in the remote workplace, and the interplay between religious freedom and unlawful harassment.  The Guidance also includes over 70 illustrative examples of permissible and impermissible conduct.   

Continue Reading EEOC Updates Anti-Harassment Guidance for First Time in 25 Years

On April 17, 2024, the SEC’s Division of Examinations issued its latest risk alert regarding Rule 206(4)-1 of the Investment Advisers Act of 1940, known as the Marketing Rule. Following the examinations staff’s June 2023 and September 2022 risk alerts regarding areas of emphasis in examinations focused on compliance with the Marketing Rule, the latest risk alert highlighted initial observations from examinations of investment advisers’ compliance with the Marketing Rule and related rules under the Advisers Act. The risk alert focused on compliance with the Marketing Rule’s general prohibitions, Rule 206(4)-7 (the Compliance Rule), Rule 204-2 (the Books and Records Rule), and Form ADV disclosure requirements.

Continue Reading SEC Staff’s Latest Marketing Rule Risk Alert Highlights Initial Observations from Examinations