Monthly Archives:

Pennies add up to $18.7 million in allegedly illicit gains

A bit different from the billion dollar frauds that frequently made the headlines in the years past, a complaint filed on October 5, 2014 by the justice department in the federal district court in Manhattan accuses two former New York brokers of securities fraud and conspiracy for secretly adding a few pennies to the cost of securities trades they processed to generate $18.7 million in gains. The SEC also filed civil charges against the men, and added another broker as a defendant. The SEC’s complaint alleges that from at least 2005 through at least February 2009, the defendants perpetrated the scheme by falsifying execution prices and embedding hidden markups or markdowns on over 36,000 customer transactions. According to the SEC, the defendants charged small commissions—typically pennies or fractions of pennies per share; the scheme was devious and difficult to detect because they selectively engaged in it when the volatility in the market was sufficient to conceal the fraud. One of the defendants, who was in charge of entering the prices into the trading records and playing a critical role by controlling the flow of information, already pleaded guilty to securities fraud and conspiracy.

New York City’s new bill would restrict using credit reports for employment decisions

Last month, the New York City Council’s Committee on Civil Rights held a hearing on a bill that would amend the city’s administrative code, prohibiting employers from using consumer credit reports for personnel decisions. Although the hearing ended without a disposition, it is expected that this bill will pass in some form in the near future. The Committee is holding a separate hearing in December on a bill that would prohibit employment discrimination based on an applicant’s or employee’s criminal history.

Congress proposes bill that protects regulated employers’ background checks

While the Equal Employment Opportunity Commission (the “EEOC”) is continuing its challenge of employers’ use of criminal history and credit report information in personnel decisions, and new “ban-the-box” laws are rapidly gaining momentum, on September 9, 2014, Congress proposed legislation that protects certain regulated employers from EEOC, state agency and private actions when they strive to comply with the screening laws that are particular to their industries. The Certainty in Enforcement Act of 2014 would amend Section 703 of the Civil Rights Act of 1964 (42 U.S.C. 2000e-2), and cover employers that include those engaged in “health care, childcare, in-home services, policing, security, education, finance, employee benefits, and fiduciary duties.”

SEC new rule: ABS issuers and underwriters must disclose any third-party due diligence report

On August 27, 2014, as mandated by the Dodd-Frank Act, the Securities & Exchange Commission (the “SEC”) adopted several new rules and amendments designed to improve the quality of credit ratings and increase the accountability of Nationally Recognized Statistical Rating Organizations (“NRSROs”). The new rules, which become effective nine months after their publication in the Federal Register, significantly affect services in connection with asset-backed securities (“ABS”). Among other provisions, included is a requirement for ABS issuers and underwriters to disclose the findings and conclusions of any third-party due diligence report they obtain. The rule applies to both registered and unregistered offerings. Additionally, providers of ABS due diligence services must submit a written certification (signed by an individual who is duly authorized to make such a certification) to any NRSRO that is producing a credit rating regarding the ABS, and disclose information about the due diligence performed, along with a summary of the findings and conclusions, and identification of any relevant NRSRO due diligence criteria that the third-party intended to meet in performing the due diligence.

California’s A.B. 1710 enhances privacy protections for sensitive personal information

Effective January 1, 2015, A.B. 1710 amends California’s breach notification, security procedures, and Social Security number (SSN) laws, generally outlined as follows:

  • provides that existing personal information data security obligations apply to businesses that maintain personal information, in addition to those who own or license the information;
  • provides that if the person or business issuing the notification was the source of the breach, an offer to provide appropriate identity theft prevention and mitigation services, if any, be made at no cost to the affected person for not less than 12 months, along with all information necessary to take advantage of the offer to any person whose information was or may have been breached, if the breach exposed or may have exposed SSN and driver’s license numbers;
  • provides that a person or entity may not sell, advertise for sale, or offer to sell an individual’s SSN, except as permitted.

The FFIEC issues “shellshock” vulnerability alert to financial institutions

The Federal Financial Institutions Examination Council (the “FFIEC”) issued an alert advising financial institutions about a material security vulnerability in the Bourne-again shell (Bash) system software widely used in servers and other computing devices that could allow attackers to access and gain control of operating systems. The vulnerability, nicknamed “shellshock,” could expose organizations and individuals to potential fraud, financial loss, or access to confidential information. Any financial institution that provides secure services with Linux or nix variants running a vulnerable version of the Bash shell could be at risk no matter what their vendor mix. Given the widespread use of Bash and the evolving nature of the risk, the FFIEC said that regulators expect financial institutions to perform a risk assessment and address the shellshock vulnerability not only in their own systems, but also with their third-party service providers.

Go to Top