Cyber-Fraud Victim or Securities Law Violator?


Posted on October 23, 2018, by Mary P. Hansen and Peter Baldwin in Cybersecurity, SEC. Comments Off on Cyber-Fraud Victim or Securities Law Violator?

The Securities and Exchange Commission (SEC) recently released a report detailing whether or not certain companies that had fallen victim to cyber-related frauds had violated the Securities Exchange Act of 1934 by failing to have proper internal accounting controls. The nine companies investigated by the SEC fell prey to fraudulent “business email compromise” schemes, which are responsible for the highest estimated out-of-pocket losses of any cyber-related crimes in the last five years. The primary question for the SEC was whether or not the companies had failed to enact compliant internal accounting controls that may have prevented such fraud.

This alert details the SEC’s finding and advice for companies in an environment where cybersecurity is increasingly complicated and essential.

Read the full alert.





Comments are closed.



From the Blog:

Federal Prosecutor Faces Accusations that it Used the SEC to Collect Evidence for its Criminal Investigation

In a ruling handed down on Tuesday, a Southern District of New York judge ordered the U.S. Attorney’s Office for the Southern District of...

The Final Reg BI Package: What to Know and What’s Next

To nobody’s great surprise, on June 5, the SEC approved the “Reg BI Package,” which includes a series of new standards governing the fiduciary...

The SEC’s Reg BI Package Time to Vote

On June 5, the SEC will hold an Open Meeting to consider whether to adopt certain measures to reform retail investment standards. In this...