Category: Laws & Regulations
Non-fungible tokens (NFTs) are the latest trend to sweep markets from the art industry to professional sports leagues. These digital assets have existed for several years but have achieved explosive popularity only recently. In fact, the global market for NFTs reportedly hit over $40 billion in 2021. Despite this, the legal frameworks governing NFTs—which could significantly impact the risks and rewards of buying or selling NFTs—are still catching up. In this series of articles, we will explore the developing legal landscape surrounding NFTs and the increased legal and regulatory scrutiny that lawyers should consider.
To continue reading Gregory Baker, Anne-Laure Alléhaut and Catherine J. Djang's New York Law Journal article on this topic, please click here.
Last summer, Representative Alexandria Ocasio-Cortez (D-NY) introduced bill H.R. 4620 to limit the exemption from registration requirements applicable to certain family offices under the Investment Advisers Act of 1940 (the “Advisers Act”). If the bill becomes law, among other things, a family office with $750,000,000 or more in assets under management will no longer be exempt from registration under the Advisers Act.
Last month, we wrote about three actions taken by the SEC signaling a renewed interest in cybersecurity disclosure enforcement. In keeping with this theme, the SEC announced a number of significant new cybersecurity actions just last week. On August 30, the SEC disclosed enforcement actions against eight brokerage firms for failing to implement adequate cybersecurity policies and procedures, as required by the SEC’s “Safeguards Rule.” All eight firms agreed to settle with the SEC and will collectively pay hundreds of thousands of dollars in fines. These most recent actions underscore that companies should be mindful of whether their cybersecurity policies and procedures comply with SEC requirements and expectations.
The SEC is ramping up its cybersecurity disclosure enforcement. While the agency had made significant efforts relating to cybersecurity disclosure previously, there has been surprisingly little SEC activity in this area since 2018—even though the last three years has seen an explosion of high-profile data security incidents. That changed in June of this year, however, with the SEC taking three major actions that demonstrate a renewed interest in such enforcement. First, the SEC announced its intention to issue a new rule regulating cybersecurity risk governance disclosure. Second, it announced its first charges and settlement for cybersecurity disclosure violations since 2018. And third, it revealed a significant cybersecurity disclosure investigation relating to the recent SolarWinds supply-chain attack. In light of these developments, now would be a good time for issuers and registered entities to review the SEC’s expectations for cybersecurity disclosure, and implement any necessary changes to their respective policies and procedures, and disclosure practices.