Cyber-Fraud Victim or Securities Law Violator?


Posted on October 23, 2018, by Mary P. Hansen and Peter Baldwin in Cybersecurity, SEC. Comments Off on Cyber-Fraud Victim or Securities Law Violator?

The Securities and Exchange Commission (SEC) recently released a report detailing whether or not certain companies that had fallen victim to cyber-related frauds had violated the Securities Exchange Act of 1934 by failing to have proper internal accounting controls. The nine companies investigated by the SEC fell prey to fraudulent “business email compromise” schemes, which are responsible for the highest estimated out-of-pocket losses of any cyber-related crimes in the last five years. The primary question for the SEC was whether or not the companies had failed to enact compliant internal accounting controls that may have prevented such fraud.

This alert details the SEC’s finding and advice for companies in an environment where cybersecurity is increasingly complicated and essential.

Read the full alert.





Comments are closed.



From the Blog:

The SEC Speaks . . . and Cooperation is Key

SEC Speaks, the SEC’s annual conference in Washington, D.C., often provides valuable insight into developments at the agency, as well as pronouncements about policy...

District Court Holds SEC Cannot Use CEO’s Criminal Conviction to Establish Company’s Liability

Recently, the Northern District of Illinois denied the SEC summary judgment on its claims against a company charged with fraudulently offering and failing to register securities....

The First SEC Share Class Selection Disclosure Settlements: What We Learned & What’s Next?

Jim Lundy and Ben McCulloch authored an article entitled “The First SEC Share Class Selection Disclosure Settlements: What We Learned & What’s Next?” for...