Peter Chan, Author at Connect On Tech

In Artificial Intelligence

Recent SEC Actions Highlight Increased Regulatory Scrutiny over Artificial Intelligence and “AI Washing”

April 4, 2024 by Usman Sheikh, Jerome Tomas, Peter Chan, David Gadsden and Anton Rizor 5 Mins Read

On March 18, 2024, the United States Securities and Exchange Commission (the “SEC“) announced that it settled charges against two investment advisers for making false and misleading statements about their purported use of artificial intelligence (AI). This SEC enforcement action marks the latest efforts by securities regulators to combat the adverse effects of “AI washing” and confirms that AI, and particularly “AI washing”, is at the forefront of securities regulators’ minds. What is “AI washing”? “AI washing”…

In Cybersecurity

CISOs, Internal Accounting Controls, Crown Jewels and Disclosure Procedures: Peeling Back The Onion of the Solar Winds Enforcement Action

November 7, 2023 by Peter Chan, Cynthia Cole, Brian Hengesbaugh, Manisha Reddy, Elizabeth Roper, Avi Toltzis, Jerome Tomas and Cyrus R. Vance Jr. 12 Mins Read

In many ways, the Securities and Exchange Commission’s (“SEC”) October 30, 2023 enforcement action against software company SolarWinds Corporation (“SolarWinds”) and its chief information security officer (“CISO”) is a typical securities case. The first four counts involve alleged material misstatements by the public company related to widely reported operational turmoil that allegedly materially impacted the company. But aspects of the case may signal a change in how the SEC looks at cyber incidents, including internal…

In Cybersecurity

SEC Adopts Final Cybersecurity Rules

In brief On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) approved the final rules for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (“Final Rules”). As previously reported, the SEC first proposed amendments to its rules on disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies on March 9, 2022 (“Proposed Rules”). Similar to the Proposed Rules, the Final Rules, broadly speaking, require (i) issuers to make disclosures…

In Financial Institutions

SEC Ramping Up Examination and Enforcement Scrutiny of Cybersecurity at Financial Institutions

August 31, 2021 by Peter Chan, Valerie Mirko, Amy Greer, Brian Hengesbaugh and Harry Valetk 3 Mins Read

As predicted in our Connect on Tech discussion in March, the U.S. Securities and Exchange Commission (“SEC”) is ramping up its examination and enforcement focus on cybersecurity at financial institutions, including scrutiny on actual implementation and deployment of published procedures in response to discovery of cyber breach incidents. Furthermore, the SEC appears to signal its expectation that multi-factor authentication (“MFA”) for email accounts containing sensitive client and customer information should be in place. Email Account…

In Podcast

Podcast Episode 30 — Cybersecurity and the SEC: Looking Forward Following Market Turmoil

March 26, 2021 by Brian Hengesbaugh, Peter Chan and Valerie Mirko 1 Min Read

Partners Peter Chan and Valerie Mirko join Brian Hengesbaugh to discuss the SEC and cybersecurity, leveraging their own experiences with the agency to give an overview of the past, present and future. Listen to learn about: The evolution of the SEC’s focus on cybersecurity, particularly with regard to financial institutionsAn insider’s take on what may trigger SEC investigationWhat’s in store with the Biden administration and how companies should prepare https://open.spotify.com/episode/5Z4nHbjxtrntljyEBMRRqF?si=J3ucfdTRQF6lArxRf540FA Related Resources: SEC Announces 2021…

In Data Privacy

SEC Signals Heightened Scrutiny of Cybersecurity Practices

February 4, 2020 by Brian Hengesbaugh, Harry Valetk, Amy Greer, Jennifer Klass, Valerie Mirko, Peter Chan and Jerome Tomas 5 Mins Read

On January 7, 2020, the U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) announced its 2020 Examination Priorities that included cybersecurity practices. Soon after the publication of the OCIE Examination Priorities, on January 27, 2020, OCIE followed-up with a report entitled Cybersecurity and Resiliency Observations These two OCIE releases, along with prior SEC alerts and actions, provide strong indications that the SEC, in 2020, will be ramping up its focus…