Posts Tagged ‘SEC enforcement’
Another Take on Messaging Apps
For nearly three years now, the Securities and Exchange Commission has fired off one enforcement action after another at the financial services industry for employees’ improper use of messaging apps. Today let’s consider two contrarian voices that raise a fair question: exactly how are firms supposed to satisfy this nearly impossible compliance goal? Those contrarian…
Read MoreLessons From Deere FCPA Sanction
Deere & Co. is paying $10 million to settle one of the more colorful FCPA cases we’ve seen in a while, replete with Thai massage parlors, envelopes of cash, sketchy overseas agents — and even a few lessons about compliance fundamentals from due diligence of acquisitions to program remediation. Let’s take a look. The Securities…
Read MoreK-Cup Disclosures Cost Keurig $1.5M
Well here’s news that will wake up all you sustainability reporting enthusiasts: the Securities and Exchange Commission just fined coffee giant Keurig Dr. Pepper $1.5 million for making misleading disclosures about the recyclability of those little K-cups. The SEC announced the enforcement action Tuesday morning. According to the settlement order, Keurig stated in its annual…
Read MoreAnother Pre-Taliation Sweep!
The Securities and Exchange Commission’s campaign against companies using pre-taliation language in their employment contracts continues, with seven businesses sanctioned this week for making employees sign away their eligibility for whistleblower rewards. In total the companies will pay more than $3 million in penalties. The SEC announced its enforcement action Monday morning. The worst offender,…
Read MoreA Fresh Example of Poor Control Environment
The Securities and Exchange Commission has charged a Massachusetts company with allowing a poor control environment and weak segregation of duties, which in turn allowed one of the company’s corporate finance directors to inflate his division’s financial performance for years. The company in question is Circor International, a maker of industrial valve systems for the…
Read MoreMore Lessons on Cyber Control Failures
We have another glimpse into modern cybersecurity threats and the control weaknesses that allow those threats to happen, courtesy of an enforcement action against a financial services firm that twice was duped by hackers into selling their customers’ assets. The financial services firm is Equiniti Trust Co., a registered transfer agent — that is, a…
Read MoreAnother Round of Messaging Fines
The crackdown on employees’ use of off-channel messaging apps continues! The Securities and Exchange Commission just announced settlements with a whopping 26 financial firms for messaging offenses, and those firms will collectively pay more than $390 million in civil penalties — although three firms that self-reported their offenses will pay much less. By now we…
Read MoreSEC Lawsuit Against SolarWinds Gutted
A federal judge has dismissed a high-profile lawsuit that the Securities and Exchange Commission filed last year against software firm SolarWinds and its chief information security officer, finding that SEC rules requiring companies to have strong internal accounting controls cannot be interpreted to include cybersecurity measures. The SEC filed its lawsuit against SolarWinds and the…
Read MoreUnitedHealth’s Big Cyber Compliance Mess
UnitedHealth filed its latest quarterly earnings report today, complete with an update on the staggering costs of a ransomware attack the healthcare giant suffered earlier this year — and if anyone needs a fresh example of how cyber attacks can tie your company into compliance knots, pull up a chair. The attack itself happened in…
Read MoreInternal Accounting Controls and Cyber Risk
Today I want to return to that recent enforcement action against RR Donnelley, where the Securities and Exchange Commission cited faulty internal accounting controls at Donnelley as grounds to impose a $2.1 million sanction over the company’s poor handling of a cybersecurity incident. What are internal control professionals supposed to make of an enforcement action…
Read More