|
Also Today
SEC Reg S-P Smaller Entity Deadline — June 3, 2026
Advisers with less than $1.5B AUM must comply with updated privacy and cybersecurity rules: 30-day breach notification, written incident response plan, and enhanced service provider oversight.
Action: Confirm your incident response plan documents a 30-day notification timeline.
SEC FY2025 Enforcement: 20-Year Low in Actions
456 enforcement actions — the lowest in 20 years. Actual monetary relief approximately $2.7B. Crypto enforcement narrowed to target only clear fraud.
Action: Expect more scrutiny of intent and causation, not just transaction volume.
OCC GENIUS Act Stablecoin NPRM — Comments Close May 1
Requirements for OCC-licensed payment stablecoin issuers: application/governance, reserve/redemption obligations, prohibition on interest/yield-bearing features.
Action: Submit comments now if you issue or plan to issue stablecoins.
DORA Active Supervision: EU's First Full Year
The Digital Operational Resilience Act enters its first full year of active supervisory enforcement. Regulators are testing ICT risk management, incident reporting, and third-party dependencies.
Action: Audit your ICT risk register against DORA expectations.
| 