In a series of speeches earlier this year, Commodity Futures Trading Commission Chairman Timothy Massad repeated the remark that cybersecurity has become “perhaps the single most important new risk to market integrity and financial stability.” Indeed, with high-profile data breaches seemingly happening more frequently, cybersecurity has become an area of greater emphasis for companies and regulators alike.
How can Lexis® Securities Mosaic® help?
Securities Mosaic allows you to conduct research or stay current on a specific topic like cybersecurity across a broad spectrum of materials from a single gateway. Below are some examples.
- In April 2014, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced a series of examinations aimed at identifying cybersecurity risks and assessing cybersecurity preparedness in the securities industry. Following up on that initiative, OCIE recently issued a Risk Alert providing information on the areas of focus for the second round of cybersecurity examinations of broker-dealers and investment advisers. These examinations will involve more testing to assess implementation of firm procedures and controls and will focus on governance and risk assessment; access rights and controls; data loss prevention; vendor management; training; and incident response.
- In Comment Letter review of filings, SEC examiners may ask a company to clarify the technological and administrative procedures it has in place to ensure privacy and security, or to spell out the risks and potential costs of a cyber attack or breach.
- In the past two years, not just the SEC but the IRS, Federal Reserve Board, EPA, and FDA have offered official guidance or assessment tools in the area of cybersecurity. Find them on Lexis Securities Mosaic by going to our Laws, Rules, Agencies page, searching on “cybersecurity,” and narrowing by the “Guidance” category filter.
- Risk Factors. Risks disclosed to prospective and current shareholders via periodic reports and in registrations of securities offerings are always a barometer of trending topics. Recently, it has become common practice for companies that maintain access to sensitive or confidential data to disclose risks of potential data breaches or security concerns.
- Management’s Discussion & Analysis. When cyber attacks — or even the mere threat of such attacks — impact a company’s bottom line, it will merit discussion in the MD&A section of the annual report.
- Proxy statements. Cybersecurity has become a concern at companies’ annual meetings, as companies seek to adopt and refine risk mitigation policies and procedures. The issue can even impact the election of directors and officers, as a candidate’s credentials in the area of cybersecurity may be perceived as increasingly important.
- Earlier this year, the SEC formalized certain security standards for exchange-listed companies with the adoption of its final rule 34-73639 on Regulation Systems Compliance and Integrity (“SCI”).
- In August, the National Futures Association submitted to the CFTC a proposed interpretive notice focused on cybersecurity. If approved by the CFTC, NFA members would be required to adopt written procedures to keep customer data secure and safeguard access to members’ electronic systems.
- In late September, the SEC announced its first enforcement action related to cybersecurity, fining an investment adviser for failing to establish required policies and procedures in advance of a breach that compromised the personally identifiable information (“PII”) of approximately 100,000 individuals, including thousands of the firm’s clients. Without admitting or denying the allegations, R.T. Jones Capital Equities Management consented to the entry of an order finding that it violated Regulation S-P’s PII safeguard rules during a nearly four-year period when it failed to adopt any written policies and procedures to ensure the security and confidentiality of PII and protect it from anticipated threats or unauthorized access. The firm will pay a $75,000 penalty.
News and Commentary
- Stay well-informed on everything related to securities. Subscribe to our Daily Securities News in your inbox each morning. This comprehensive newsletter includes SEC updates, corporate and securities news stories from an assortment of notable world news sources, recent law firm memos, market regulation updates, pending securities legislation, SEC enforcement and an SEC Final Rules effective date calendar.
- Check out what the top U.S. law firms are saying. Go to our database of over 100,000 Law Firm Memos and type in relevant keywords (e.g., “cybersecurity,” “data breach”). Set up a daily alert to automatically receive the results of your personalized search in your inbox.
- See what other influential analysts are saying. Sign up for our SM Blogwatch email, which includes opinion and analysis from well-respected sources such as CorporateCounsel. net and the Harvard Law School Forum on Corporate Governance and Financial Regulation. You can also text-search the past six months of content in our Blogwatch archive.
Alerting capability on the Lexis Securities Mosaic SEDAR Filings search page is now live! Here are the highlights:
- Real-time delivery is available; or have your alerts bundled into a once-daily or -weekly digest.
- Alerts can be delivered as a “push” to your inbox via email or as a “pull” via RSS; the latter format is broadly compatible with news feeds, readers, aggregators, or your firm’s intranet.
- Set up alerts via advanced text search, including nested terms and Boolean and proximity operators.
- You can also construct an alert query to filter by filing type, document type, filing company, and company attributes (industry, exchange, location, issuer size).
- Add up to 10 additional recipients on any alert.
- There is no limit to the number of alerts a user may set up.
Feel free to reach out to us with any questions.
As a new crop of Fall Associates descends upon the nation’s top law firms, it’s a good time to remind our users that proficiency in SEC filings research bears little relationship to the kind of knowledge tested on the Bar Exam. The practical, nuts-and-bolts skills your Associates need to master are best gained by a direct plunge into what might appear to be murky, roiling waters.
Of course, there are ways of accelerating the learning process. First and foremost, we highly recommend you take advantage of the free training that is available to your subscriber base as part of your Lexis Securities Mosaic license. Did you know that we are in better position than ever to train Fall Associates in person in your firm? If that’s not a possibility, we’re happy to offer training via webinar. Reach out to your Securities Mosaic Solutions Consultant representative, or visit our training sign-up page at http://www.lexissecuritiesmosaic.com/net/public/Training.aspx.
If you missed last month’s inaugural installment of our series of 30-minute hosted webinars on trending topics in the arena of corporate law, securities, capital markets, finance, and M&A, now’s your chance to make amends. Later today, Tuesday, September 22 at 1:30 p.m. ET, Lexis Securities Mosaic will host a 30-minute webinar focusing on regulatory enforcement. Learn how to locate company disclosure of ongoing investigations and agency enforcement and adjudication releases from the SEC, Department of Justice, and other regulators. Gain insight on trends and track potential “show-stopper” violations. Viewers will learn where within Securities Mosaic they may find various stages of the enforcement and some tips on how to best expedite their searching plus much more. Register Now!
What’s great, new, and on the horizon for Securities Mosaic? Check out our Summer 2015 newsletter, featuring updates about recent enhancements to our SEC Comment Letters page and Reference Retriever tool, to get up to speed. You can access a PDF version of the newsletter here.
We are kicking off a series of 30-minute webinars on how to best use Securities Mosaic to follow and act on a particular topic. Today, Thursday, August 20, at 1:30 pm Eastern, we’ll be looking at the recent SEC proposed clawbacks rule. The rule, affecting most exchange-listed companies, enacts a Dodd-Frank mandate for the recovery of incentive-based compensation to executives that is later discovered to have been overpaid. Find out more about the rule and how you can use Securities Mosaic to stay on top of it.
Sean Coleman of our Solutions Consultants team will be leading the webinar. Registration is free and open, but is required for participation. Click here to register.