We recently wrote about the new policy statement issued by the Securities and Exchange Commission (SEC) “that the presence of an issuer-investor mandatory arbitration provision will not impact decisions whether to accelerate the effectiveness of a registration statement under the Securities Act.” This reverses the agency’s previous position that it would not use its authority to accelerate the effective date of a company’s registration statement when the company’s governing documents contained a mandatory arbitration provision covering disputes under the federal securities laws.
The Office of the Comptroller of the Currency (OCC) today published the fall 2025 edition of the Interest Rate Risk Statistics Report. The report presents interest rate risk data gathered during examinations of OCC-supervised midsize and community banks and federal savings associations (collectively, banks). The statistics are for informational purposes only and do not represent OCC-suggested limits or exposures.
The New York Department of Financial Services (NYDFS) will implement new cybersecurity requirements on Nov. 1, introducing enhanced rules around multifactor authentication (MFA) and asset management for covered entities under the state’s financial services law.
After its creation the Consumer Financial Protection Bureau (CFPB) had a broad mandate covering nearly all consumer financial products. The CFPB wielded expansive rulemaking, supervision and enforcement powers. As noted in their Fiscal Year 2024 Financial Report, in 2024 alone, the CFPB conducted 26 public enforcement actions through settlement, litigation or default judgment. With the administration change, the CFPB has entered a deregulatory phase.
In less than 3 months, any company doing business in California impacted by a data breach must notify individuals within 30 days of the discovery under SB 446. The 30-day deadline may be delayed to (1) accommodate the needs of law enforcement, or (2) as necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
.jpg)
.jpg)