The SEC Has Issued New Guidance On Cybersecurity Disclosures
On February 20, 2018, the SEC issued new interpretative guidance on public company disclosures related to cybersecurity risks and incidents. In addition to addressing public company disclosures, the new guidance reminds companies of the importance of maintaining disclosure controls and procedures to address cyber-risks and incidents and reminds insiders that trading while having non-public information related to cyber-matters could violate federal insider-trading laws.
The prior SEC guidance on the topic was dated, having been issued on October 13, 2011. For a review of this prior guidance, see HERE. The new guidance is not dramatically different from the 2011 guidance.
The topic of cybersecurity has been in the forefront in recent years, with the SEC issuing a series of statements and creating two new cyber-based enforcement initiatives targeting the protection of retail investors, including protection related to distributed ledger technology (DLT) and initial coin or cryptocurrency offerings (ICO’s). Moreover, the SEC has asked the House Committee on Financial
SEC and NASAA Statements on ICOs and More Enforcement Proceedings
The message from the SEC is very clear: participants in initial coin offerings (ICO’s) and cryptocurrencies in general need to comply with the federal securities laws or they will be the subject of enforcement proceedings. This message spreads beyond companies and entities issuing cryptocurrencies, also including securities lawyers, accountants, consultants and secondary trading platforms. Moreover, the SEC is not the only watchdog. State securities regulators and the plaintiffs’ bar are both taking aim at the crypto marketplace. Several class actions have been filed recently against companies that have completed ICO’s.
After a period of silence, on July 25, 2017, the SEC issued a Section 21(a) Report on an investigation and related activities by the DAO, with concurrent statements by both the Divisions of Corporation Finance and Enforcement. On the same day, the SEC issued an Investor Bulletin related to ICO’s. For more on the Section 21(a) Report, statements and investor bulletin, see HERE. Since that time,
An Introduction To Distributed Ledger Technology (Blockchain Technology)
On July 13, 2017, FINRA held a Blockchain Symposium to assess the use of distributed ledger technology (DLT) in the financial industry, including the maintenance of shareholder and corporate records. DLT is commonly referred to as blockchain. The symposium included participation by the Office of the Comptroller of Currency, the US Commodity Futures Trading Commission (CFTC), the Federal Reserve Board and the SEC.
FINRA also published a report earlier in the year discussing the implications of DLT for the securities industry. Delaware, Nevada and Arizona have already passed statutes allowing for the use of DLT for corporate and shareholder records. This is the first in many blogs that will discuss DLT as this exciting new era of technology continues to unfold and impact the securities markets. In this blog I will discuss FINRA’s report published in January 2017 and in the next in the series, I will summarize the recent SEC investigative report on initial coin offerings and conclusion