The Securities and Exchange Commission unanimously voted to approve additional guidance for reporting cybersecurity risks last month. However, it is unclear what, if any, impact the new guidance will have on the rate of SEC enforcement actions in the coming months.
A recent study shows that SEC enforcement actions significantly declined from 2016 to 2017: from 92 to 62, with only 17 in the last half of 2017. Similarly, the total monetary settlements declined from $1 billion over the first half of 2017, to $196 million in the second half.
The timing of the decline suggests that the Trump Administration may be reining in regulatory enforcement. However the co-directors of the SEC’s enforcement divisions deny that there has been any directive to slow enforcement. In fact, during the annual ABA white collar conference, they cautioned that more enforcement actions – especially related to cybersecurity – may be on the horizon.