The SEC brings its first enforcement action under the identity theft red flags rule

Purpose: To explain the significance of the first enforcement action under the Identity Theft Red Flags Rule by the US Securities and Exchange Commission (SEC), which was announced on September 26, 2018. Design/methodology/approach: Explains how the SEC’s order not only cites violations of the Safeguards Rule under Regulation S-P (a staple of SEC cybersecurity enforcement actions against broker-dealers and investment advisers) but also is the SEC’s first enforcement action for a violation of the Identity Theft Red Flags Rule under Regulation S-ID, which requires certain SEC registrants to create and implement policies to detect, prevent and mitigate identity theft. Findings: Cybersecurity policies and procedures must match business risks and change as business risks change. Originality/value: Practical guidance from experienced cybersecurity and privacy lawyers.

MoreLess

Year of publication:	2019
Authors:	Martinez, Vincente L. ; Jacobson, Julia B. ; Iheanacho, Nancy C.
Published in:	Journal of Investment Compliance. - Emerald, ISSN 1528-5812, ZDB-ID 2048718-6. - Vol. 20.2019, 1 (07.05.), p. 31-35
Publisher:	Emerald

Online Resource

Check full text access |

More access options

Check Google Scholar

In libraries world-wide (WorldCat)

In German libraries (KVK)

subito order

I need help

More details

Type of publication:	Article
Language:	English
Other identifiers:	10.1108/joic-01-2019-0007 [DOI]
Source:	Other ZBW resources

Persistent link: https://www.econbiz.de/10012076515