Joseph Lazzarotti of JacksonLewis writes: Following recent examinations of SEC-registered investment advisers and broker-dealers, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) published a privacy risk alert on April 16, 2019. OCIE is hoping to remind advisers and broker-dealers about providing compliant privacy and opt-out notices, and adopting and implementing effective policies and…
Category: Financial Sector
Ottawa should impose cyber obligations on banks, says national security expert
Howard Solomon reports: Ottawa has to give Canadian banks more pointed direction to improve their ability to withstand cyber attacks, says the country’s former national security advisor. “Government legislatively has to impose obligations on financial institutions, much in the same way they have done with money laundering,” Richard Fadden told parliament’s Public Safety committee on…
Swiss Banker Guilty of Corporate Espionage for Leaking Data on Tax Dodge
Hugo Miller reports: A Zurich court convicted a former employee of Bank J. Safra Sarasin AG of one count of corporate espionage for leaking internal documents about a controversial tax deal. The man, who can only be identified as Volker S., was found guilty Thursday of giving a journalist the information, which was used by…
How Hackers Pulled Off a $20 Million Mexican Bank Heist
Lily Hay Newman reports: In January 2018 a group of hackers, now thought to be working for the North Korean state-sponsored group Lazarus, attempted to steal $110 million from the Mexican commercial bank Bancomext. That effort failed. But just a few months later, a smaller yet still elaborate series of attacks allowed hackers to siphon…
Turkish Data Protection Authority Announced Data Leakage Of A Dutch Bank Revealing The Importance Of Effective Information Security
Ertuğrul Can Canbolat LL.M., S. İrem Akin and Baran Can Yildirim, LL.M. write: Under Article 12/5 of the Turkish Data Protection Law, the data controllers are obliged to inform the Turkish Data Protection Authority (“DPA“) in case the personal data processed on their behalf is acquired by others unlawfully. In line with this provision, ING…
Payment card dumps on dark web indicate compromise at Meezan Bank — researchers
In October, 2015, The Daily Times reported: The State Bank of Pakistan (SBP) has directed the banks to report in details about all established security breaches, its analysis and its designated payment systems department, on quarterly basis to explain the impact of security breaches on institution’s business, systems, applications and customers. The directives were issued…