Category: SEC Enforcement
When it comes to settlements with the SEC’s Division of Enforcement (“Enforcement Division”), a question respondents often ask is how the SEC arrives at a given penalty amount? This blog post will discuss the SEC’s current approach to determining penalty amounts, as recently articulated by Gurbir Grewal, the Director of the SEC’s Enforcement Division, and also considers how the SEC’s recent settlement with Global Infrastructure Management, LLC (“Global”) may be indicative of the SEC’s new approach to penalties.
Last month, we wrote about three actions taken by the SEC signaling a renewed interest in cybersecurity disclosure enforcement. In keeping with this theme, the SEC announced a number of significant new cybersecurity actions just last week. On August 30, the SEC disclosed enforcement actions against eight brokerage firms for failing to implement adequate cybersecurity policies and procedures, as required by the SEC’s “Safeguards Rule.” All eight firms agreed to settle with the SEC and will collectively pay hundreds of thousands of dollars in fines. These most recent actions underscore that companies should be mindful of whether their cybersecurity policies and procedures comply with SEC requirements and expectations.