On January 27, 2020, the U.S. Securities and Exchange Commission (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued examination observations related to cybersecurity and operational resiliency practices (“Examination Observations”). The observations highlight a set of best practices by market participants in the following areas:  (1) governance and risk management, (2) access rights and controls, (3) data loss prevention, (4) mobile security, (5) incident response and resiliency, (6) vendor management and (7) training and awareness.  Cybersecurity has been a key priority for OCIE since 2012.  Since then, it has published eight cybersecurity-related risk alerts, including an April 2019 alert addressing mobile security. OCIE has perennially included cybersecurity practices as part of its examination priorities (“Examination Priorities”) and listed all but mobile security as “particular focus areas” in the “information security” priority for 2020
Continue Reading

Insider trading law has remained a subject of significant debate and attention, including with a recent Second Circuit decision addressing the use of 18 U.S.C. §§ 1343 (wire fraud) and 1348 (securities fraud) in insider trading cases[1] and a new insider trading bill that passed the U.S. House of Representatives in December by an overwhelming majority.  Yesterday, a blue ribbon task force headed by Preet Bharara, the former U.S. Attorney for the Southern District of New York, published a report studying the history and current state of insider trading law and proposing reforms that would bring greater clarity and certainty to the law.
Continue Reading

Legal and regulatory scrutiny regarding the use of non-disclosure agreements by companies to resolve allegations of sexual harassment and misconduct continues to increase in the wake of the #MeToo movement.  Such scrutiny featured prominently this month in two high-profile sexual harassment matters: the Wynn Resorts investigation and the various legal proceedings following the allegations against Harvey Weinstein.  Both in-house and outside counsel for companies with senior executives facing such allegations should take note of these developments, as they call into question whether the use of NDAs could in certain circumstances amount to investigatory obstruction or a violation of ethical obligations.
Continue Reading

Earlier this month, partners Jennifer Kennedy Park and Kimberly Spoerri participated in a panel co-hosted by The Conference Board and Cleary Gottlieb to discuss the board’s oversight role in issues related to sexual harassment.

Moderator Doug Chia, executive director of The Conference Board, Jen and Kim discussed relevant legal regulations and frameworks and the risks of non-compliance, as well as the policies, procedures and best practices boards and senior management can employ to mitigate risks.  They discussed the responsibility the board has in setting company culture through tone at the top, and how the failure by the board and senior management to be proactive in this area can affect compliance and oversight throughout a company.  The discussion also included ways the board can tangibly address these issues. 
Continue Reading