SEC Offers More Guidance on Cybersecurity Best Practices and Pitfalls – Part 2 of 2

This post continues our discussion of the Risk Alert released on August 7, 2017, by the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) regarding conclusions drawn from its yearlong review of the cybersecurity practices of 75 asset management firms and funds. The sweep, deemed OCIE’s Cybersecurity 2 Initiative, covered broker-dealer, investment adviser, and investment company practices during the period from October 2014 through September 2015. Continue Reading

SEC Offers More Guidance on Cybersecurity Best Practices and Pitfalls – Part 1 of 2

On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) released a Risk Alert summarizing its conclusions from a year-long review of the cybersecurity practices of a 75 firms — including broker-dealers, investment advisers and investment companies.  The sweep, OCIE’s Cybersecurity 2 Initiative, ran from September 2015 to June 2016 and covered the review period from October 2014 through September 2015.  It follows OCIE’s 2014 Cybersecurity 1 Initiative, during which the staff examined a different group of firms from January 2013 to June 2014.  The Risk Alert that followed the first sweep was released in early 2015. Continue Reading

Blockchain and Digital Token Update: SEC Releases Investigative Report and Investor Bulletin

On July 25, 2017, the Securities and Exchange Commission (SEC) released groundbreaking materials relating to blockchain tokens. These materials provide significant and welcome insight to the SEC’s and its staff’s thinking in this area, although they leave a number of important questions unanswered. The SEC released a detailed investigative report under Section 21(a) of the… Continue reading the full post here.

The Financial Choice Act Aims to Help Angel Investors

The proper treatment of angel investing groups under the Federal securities laws can be a vexing question. If it were appropriate to describe the angel investing group as a “company” as defined in Section 2(a)(8) of the Investment Company Act of 1940, and if the “company” were appropriately viewed as issuing interests or shares, then the angel investing group would have to seek to rely on Sections 3(c)(1) or 3(c)(7) of the Investment Company Act and comply with the requirements of Regulation D under the Securities Act of 1933. Yet these views seem to beg the questions of who is giving investment advice to the “company” and who is acting as a broker in offering and selling interests in the “company.” Continue reading The Financial Choice Act Aims to Help Angel Investors.

Takeaways From TRANSACT: Payments Industry Legal and Regulatory Trends

The Electronic Transactions Association (ETA) hosted its annual TRANSACT conference focused on connecting and educating the various branches of the payments industry. Industry leaders spoke on technology, security, regulatory and policy issues affecting the industry.

This update highlights the key legal and regulatory takeaways from TRANSACT, which include regulatory red flags, the important role of compliance, recent litigation in the field of chip card and signature debit, nationwide-licensing and the potential impact of Dodd-Frank amendments and other changes brought by the Trump administration.


U.S. Government Accountability Office Report: Financial Technology – Information on Subsectors and Regulatory Oversight

The U.S. Government Accountability Office (“GAO” or the “Office”) recently published its study related to the financial technology (“fintech”) industry. Members of Congress (Hon. Sherrod Brown, Hon. Jeanne Shaheen, and Hon. Jeffrey A. Merkley) asked the GAO to review a number of issues related to the fintech industry including how fintech products and services are regulated. The GAO does not make any recommendations in this initial report, but the Office plans to issue a series of reports on fintech addressing four common subsectors of fintech (marketplace lenders, mobile payments, digital wealth management platforms, and distributed ledger technology) and each subsector’s regulatory oversight. This initial report attempts to define each subsector, explain how it works, who uses it, benefits and risks, industry trends, and regulation and oversight. The GAO provided a draft of the report for review and comment to the CFPB, CFTC, CSBS, FDIC, the Federal Reserve, FINRA, FTC, NCUA, OCC, SBA, SEC, and Treasury. The Office incorporated technical comments from these agencies as appropriate. The GAO conducted this study from July 2016 to April 2017 in accordance with generally accepted government auditing standards. The GAO reported, as an example, that depending on services provided a marketplace lender may be subject to:  federal regulation (e.g., Federal Reserve, FDIC, OCC), state licensing and regulation, securities offering registration (e.g., SEC), and/or enforcement actions (e.g., CFPB, FTC). The GAO noted that each subsector’s regulation depends on (1) the extent to which the firms provide a regulated service and (2) the format in which the services are provided.

GAO Report to Congress on Financial Technology

GAO Report Highlights