Data-Protection Compliance And Regulatory Defense
The Securities and Exchange Commission (“SEC”) has in recent years reported a spike in data breaches in the financial services industry. The Financial Crimes Enforcement Network (“FinCEN”) has established specific rules for reporting data breaches and attempted data breaches, and regulatory and enforcement actions regarding these matters are on the rise. For broker-dealers, allegations of failing to protect customer data can be extremely costly.
The law firm of Ford O'Brien, LLP, advises and represents clients facing SEC, FinCEN and Financial Industry Regulatory Authority (“FINRA”) investigations. Our attorneys have extensive experience in these matters, including data-protection compliance and other regulatory concerns that arise under the Bank Secrecy Act. Ford O'Brien, LLP, represents clients facing criminal prosecution or civil or administrative enforcement actions, including state regulatory actions. We serve clients in New York and nationwide.
Suspicious Activity Reports And Data Hacking
Even when a firm has a dedicated official focused on regulatory compliance, hacking and attempted hacking can result in unforeseen circumstances that expose the firm to enforcement actions by the SEC. Good-faith attempts to file proper suspicious-activity reports (SARs) may still lead to an investigation if particular items of information are omitted.
For example, FinCEN requires the following “five essential elements” to be included in reports of suspicious activity and potential data breaches: 1) who, 2) what, 3) when, 4) where and 5) why. This information must include email addresses and IP addresses if applicable.
Depending on the extent of the breach or attempted breach, failing to meet these or other reporting requirements could cost your firm millions of dollars in fines, as well as other required remedial actions such as implementing new policies and personnel changes.
The financial regulatory environment is ever-evolving. Our team of experienced trial attorneys is ready to help broker-dealers and other financial industry professionals defend against enforcement actions and regulatory investigations, as well as create effective compliance programs for protecting customer data.