The SEC recently reminded public companies that they have an affirmative obligation to prevent cyber-theft and that failing to do so could mean that their internal controls are ineffective, a violation of the Securities Exchange Act of 1934.
In an October 16, 2018 investigative report describing recent cyber-related frauds against nine public companies, the SEC noted that public companies must maintain a system of internal accounting controls sufficient to provide reasonable assurance that “access to assets is permitted only in accordance with management’s general or specific authorization.” In each of the nine cases,… More