In response to Russian President Vladimir Putin’s decision to invade Ukraine in February, the U.S. government announced sweeping sanctions against Russia. As the conflict nears the three-month mark, businesses around the world are continuing to address compliance with these sanctions. To that end, the SEC recently issued guidance on how companies affected by the Russian invasion of Ukraine should disclose how the conflict is affecting their operations, including the impact of evolving sanctions.
Cybersecurity
SolarWinds Government Data Breach Leads to Securities Action
The massive data breach of the United States Commerce and Treasury Departments that has roiled the federal government has resulted in federal securities litigation. On January 4, 2021, Plaintiff-Shareholder Timothy Bremer filed a class action complaint against SolarWinds and SolarWinds’ corporate executives in the United States District Court for the Western District of Texas. SolarWinds provides information technology and infrastructure management software products to entities around the globe, including to various U.S. government vendors in the executive branch, military, and intelligence services. According to the complaint, Russian hackers gained access to government email traffic by deceptively interfering with software updates released by SolarWinds. The complaint alleges that SolarWinds violated federal securities law by making false and/or misleading statements and failing to disclose material facts regarding SolarWinds’ cybersecurity practices and protocols, which artificially inflated the market price of SolarWinds’ shares. When news of the hack became public, the value of Solarwinds’ securities dropped, thereby producing an economic loss for investors within the class period of February 24, 2020 through December 15, 2020. The complaint asserts claims for violations of Section 10(b) of the Securities Exchange Act of 1934 (the “Exchange Act”) and Rule 10b-5 against SolarWinds and its corporate executives, and for violations of Section 20(a) of the Exchange Act against the corporate executives.
SEC Staff Announces 2018 OCIE Examination Priorities
Last week, the staff of the SEC’s Office of Compliance Inspections and Examinations (OCIE) recently released its sixth annual examination priorities announcement. The alert lays out general issues industry can expect OCIE to focus on during the administration of the agency’s examination program in 2018. While reflecting a renewed emphasis…
Key Takeaways from SEC/DOJ Enforcement Panel
Last week, representatives of the U.S. Securities and Exchange Commission (“SEC”) and the U.S. Department of Justice (“DOJ”) participated in Sandpiper Partners LLC’s Annual SEC/DOJ Enforcement 2016 Panel at the Metropolitan Club. Participants included: Stephanie Avakian (Deputy Director, Division of Enforcement, SEC), Nicole Friedlander (Chief, Complex Frauds and Cybercrime Unit, U.S. Attorney’s Office, Southern District of New York), and Telemachus Kasulis (Deputy Chief, Securities and Commodities Task Force, U.S. Attorney’s Office, Southern District of New York).
SEC to Conduct Second Round of Cybersecurity Examinations
On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing its second round of examinations of registered investment advisers and broker-dealers under its cybersecurity examination initiative.
SEC Brings First Major Cyber Insider Trading Case Against International Hacking Ring
In an action that emphasizes the agency’s commitment to cybersecurity, the SEC recently charged 32 defendants with violations of the federal antifraud laws and corresponding SEC rules, stemming from an alleged $100 million conspiracy to steal and trade on material non-public information contained in corporate earnings announcements that were obtained by hacking into the computer networks of three newswire services.
Cyber Security Regulations Ahead Says New York State’s Dept. of Financial Services
Based on a report released last week about cyber security vulnerabilities faced by financial institutions, New York State Department of Financial Services (“NYDFS”) Superintendent Benjamin Lawsky signaled that the agency will soon move forward with cyber security regulations. The report concluded that banks’ third-party vendors have significant potential cyber security vulnerabilities. Superintendent Lawsky said that the regulations will strengthen cyber security standards for banks’ third-party vendors, including potential measures related to cyber security representations and warranties that banks receive from their vendors.
SEC Releases Results of Cybersecurity Examination Sweep
On February 3, 2015, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert that summarized its findings about cybersecurity preparedness in the securities industry. As part of its Cyber Security Examination Initiative, the OCIE collected and analyzed information about cybersecurity practices and trends from over 100 …