Tagged: internal accounting controls

SEC Expands Internal Controls Provision to Cover Cybersecurity Incidents and Reaches $2.1 Million Settlement with R.R. Donnelley & Sons Co.

SEC Expands Internal Controls Provision to Cover Cybersecurity Incidents and Reaches $2.1 Million Settlement with R.R. Donnelley & Sons Co.

In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures.  The settlement represents the SEC’s first application of its internal controls enforcement authority to include cybersecurity policies and procedures.  In 2021, RRD suffered a cyber attack in which a threat actor...