203-658-8454

Cybersecurity Representative Matters

Litigation Experience

In the Matter of LPL Financial Corp., Respondent Admin. Proc. File No. 3-13181 (2008)

A P&D lawyer was appointed the independent consultant in an SEC enforcement action settlement against LPL Financial, one of the largest independent broker-dealers in the U.S. This matter involved numerous violations of Reg S-P including the firm’s failure to safeguard their customers’ personally identifiable information. The consultant was required to review the firm’s systems and written policies and procedures relating to Reg S-P; make recommendations on revisions to these and file a report with the SEC concerning these policies and procedures with a view to assuring the firm’s compliance with Reg S-P.

Represented broker-dealers and investment advisers in various state regulatory inquiries relating to cybersecurity incidents.

Advisory Experience

Advised numerous broker-dealers and investment advisers on the development and implementation of their cybersecurity Information Security Programs

Advised numerous broker-dealers and investment advisers during cybersecurity incidents including an analysis of the ongoing incident, the assessment of PII, the remediation of damage and all communications with regulatory authorities.

Advised numerous broker-dealer and investment adviser clients on their registration with the SEC and FINRA including the development of their operational, compliance and cybersecurity procedures.

Advised one of the country's largest insurance companies on its development and implementation of a records management program and an information security program. This involved the review and analysis of numerous operational and record retention systems and the integration of these systems into a single records management program and, for the ISP, the development and implementation of a risk management system, an access policy, a mobile policy, a vendor policy and an incident response plan.

Advised one of the largest U.S. online broker-dealers on the development and implementation of their record management program. This involved the review and analysis of numerous back office, trading, e-mail and record retention systems and the integration of these systems into a single records management program.

Advised one of the country’s largest broker-dealers in its development and implementation of remedial measures relating to the firm’s failure to comply with the Rule 17a-4 WORM requirement.