The SEC Data Breach And Impact On New Reporting Rules

The U.S. Securities and Exchange Commission disclosed recently that its Electronic Data Gathering, Analysis and Retrieval (EDGAR) system, a comprehensive database of filings by public companies and other industry participants, was hacked in 2016 and that the intruders may have traded on the information. The announcement comes on the heels of the mutual fund industry requesting revisions to new SEC rules and reporting requirements, partly due to significant concerns over cybersecurity at the SEC.

The EDGAR breach perfectly illustrates those concerns at the same time that…

The full article can be accessed on the Law360 website.


Subscribe to CSS Blog

CSS frequently publishes blog posts which are written by our team from their observations in the field, at conferences and through experiences with compliance professionals. These posts are designed to further knowledge and share industry best practices. Topics run the gamut, including Form ADV, cybersecurity, MiFID II, position limit monitoring, technology challenges and more. Complete and submit the brief form below to receive notifications when we publish new content.

Loading form...

Latest Content

Improving Mutual Funds’ Principal Risks Disclosure

The Securities and Exchange Commission (SEC) has for years stressed that registrants’ disclosure in regulatory filings needs to be written in “plain English.” The SEC’s Disclosure Review and Accounting Office recently reiterated the plain English directive in “ADI 2019 – 08 – Improving Principal Risks Disclosure.” The guidance focuses specifically on making disclosure of principal risks … Continued

Cayman Islands Data Protection Law Nears Taking Effect

Cybersecurity regulations have landed ashore on the islands, and life is about to become anything but a beach for firms forced to comply with the Cayman Islands’ new Data Protection Law (DPL), slated to take effect September 30, 2019. With provisions largely mirroring the EU’s General Data Protection Regulation (GDPR), entities with a presence or … Continued