Skip to content

Enforcement Highlights

  • About Us
  • Contact
  • Cookie Policy
Enforcement
Highlights

Covering SEC, CFTC, FINRA, PCAOB, States, Exchanges, & FCA Enforcement Activities

SEC Announces Enforcement Division Cyber Specialty Unit

On September 25, 2017, the Securities and Exchange Commission announced the creation of an Enforcement Division “Cyber Unit” that will focus on cyber-related violative conduct. The timing of this is much more than coincidental; indeed it’s obvious. Just last week, SEC Chairman Jay Clayton disclosed: 1) a 2016 intrusion of the SEC’s EDGAR system due to a software vulnerability in the test filing component of the system, resulting in access to nonpublic information; and 2) the creation of a senior-level cybersecurity working group. Since the disclosure of the EDGAR breach, the financial press has reported that SEC Enforcement, the Secret Service, and the FBI have been investigating, and that Chairman Clayton asked the SEC’s Office of Inspector General to investigate. On September 26, 2017, Chairman Clayton appears before the Senate Committee on Banking, Housing, and Urban Affairs where he will provide testimony and likely be subject to intense questioning.

Returning to the SEC’s Cyber Unit, while not specifically described as such, it appears to be created in the mold of the other Enforcement Division Specialty Units. This new unit’s mandate includes targeting cyber-related violative conduct, such as: market manipulation schemes involving false information spread through electronic and social media; hacking to obtain material nonpublic information; misuse of distributed ledger technology; misconduct perpetrated via the dark web; intrusions into retail brokerage accounts; and cyber-related threats to trading platforms and other critical market infrastructure. Consistent with this being a new specialty unit, the “Chief” is a former Co-Chief of the SEC’s Market Abuse Specialty Unit. Thus, registrants can expect the Cyber Unit to evolve much as the SEC’s other specialty units have previously. Specifically, this unit will likely: develop and expand SEC internal cyber knowledge; seek to hire external cyber experts; and dedicate its efforts and resources to this specialty area. Consistent with the evolutions of the other specialty units, the Cyber Unit will likely pursue cases that the Enforcement Division generally and historically might not have pursued, such as non-fraud violations considered more technical in nature.

While it’s ironic that the SEC announced the Cyber Unit on the heels of its recent breach, issuers and registrants should take this opportunity to self-assess and implement plans to avoid the SEC’s Cyber Unit in the future. Among various strategies, actively monitoring and assessing the SEC’s cybersecurity guidance and, in particular, the Office of Compliance Inspections and Examinations Risk Alerts, and documenting this work will support arguments of reasonable and diligent efforts. For further and more detailed guidance, look to FINRA’s February 2015 Report on Cybersecurity Practices. While FINRA’s oversight is limited to its member broker-dealer firms, this 46-page report provides plain-language guidance that any company or firm may want to consider reviewing and implementing as appropriate.

Subscribe and Receive Alerts to New Articles

SUBSCRIBE
September 26, 2017
Written by: Enforcement Highlights
Category: Compliance and Supervision, Hedge Funds and Private Equity, Insider and Manipulative Trading, Investment Advisers and Broker Dealers, Public Companies, Accounting, and Auditing
Tags: General

Post navigation

Previous Previous post: Split Second Circuit Affirms Insider Trading Conviction While Rejecting Newman’s “Meaningfully Close Personal Relationship” Requirement
Next Next post: Second Circuit Will Not Revisit Opinion Barring Testimony Compelled by Foreign Sovereigns

Subscribe to Email Alerts

Categories

  • Compliance and Supervision
  • Futures and Derivatives
  • Hedge Funds and Private Equity
  • Insider and Manipulative Trading
  • Investment Advisers and Broker Dealers
  • Municipal Bond Offerings
  • Public Companies, Accounting, and Auditing

©2023 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

  • About Us
  • Contact
  • Cookie Policy
We use cookies to improve your experience with our website. By browsing our site, you are agreeing to the use of cookies. For more information about how we use cookies, please review our privacy policy and cookie policy. OK
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT