This blog from Steve Quinlivan shares the details on the Trump Administration’s decision to order an immediate freeze on the adoption of new regulations. Media reports have noted that the incoming Obama and Bush Administrations both instituted a similar freeze – but as this Davis Polk blog points out, those reports have overlooked the fact that Trump’s freeze doesn’t apply to independent agencies, like the SEC:
Like past memoranda, the Priebus Memo does not attempt to freeze rulemaking by independent agencies, nor does it request that independent agencies voluntarily comply with a regulatory moratorium, as did a similar memorandum issued shortly after the inauguration of President George W. Bush. Accordingly, the Priebus Memo means little for the financial sector, because most financial regulatory agencies—including the CFTC, FDIC, Federal Reserve, OCC, SEC and, at least for the meantime, the CFPB—are treated as independent agencies.
Although there wasn’t a request for voluntary compliance with the freeze, with an interim GOP Chair now in place, it’s unlikely that the SEC would “go rogue” and issue new regulations in any event.
Unlike the actions taken by the last two incoming Administrations, the Priebus Memo freezes not only executive-agency rulemaking, but also the issuance of any “guidance document[s]” by an executive agency. Again, because the SEC is an independent agency, this directive does not apply to it – but for those agencies subject to it, issuance of formal agency guidance on existing rules & statutory provisions is off the table for the duration of the freeze.
Tomorrow’s Webcast: “Audit Committees in Action – The Latest Developments”
Tune in tomorrow for the webcast – “Audit Committees in Action: The Latest Developments” – to hear Morgan Lewis’ Rani Doyle, Deloitte’s Consuelo Hitchcock and Gibson Dunn’s Mike Scanlon catch us up on a host of new SEC & PCAOB developments that impact how audit committees operate – and more.
Cybersecurity: The Russians Are Coming! The Russians Are Coming!
This Womble Carlyle memo reviews the DHS/FBI report on Russia’s hacking of the DNC in connection with the 2016 election, & says it’s time for US companies to start building cyber-fallout shelters:
The report is best understood as a call to arms for U.S. private sector and government entities to strengthen their vigilance and defenses against Russian Intelligence Services and join DHS and FBI in their effort to counter them. Many organizations believe that because they hold no state secrets, defense related intellectual property, or sensitive information on government employees, they have no stake in geopolitical cyber security. DHS and the FBI are saying that this is not true.
The national interest in cyber security is materially weakened whenever organizations with credibility and standing allow their domains to be breached and used conduits for cyber attacks on others – as happened in the DNC breach. Furthermore, data collected from breaches of non-traditional targets is often used to create the highly targeted and highly credible email packages for use in spear phishing campaigns against more traditional targets.
Aside from the recent unpleasantness, the Center for Strategic & International Studies’ cybersecurity recommendations for the incoming President include actions to “incentivize companies to make cybersecurity and data protection a priority for Boards and C-Suites.”
– John Jenkins