Alexander Madrid

Alex's litigation and regulatory experience focuses on representation of financial services firms, broker-dealers, and investment advisers.

Firm/Organization: McGuireWoods LLP

Blogs: Consumer FinSights, Password Protected, Subject to Inquiry

Latest Articles

Subject to Inquiry

North American Securities Administrators Association (NASAA) Releases Model Cybersecurity Rule

By Alexander Madrid, Emily P. Gordy & Cheryl Haas on May 24, 2019

On May 21, the North American Securities Administrators Association (NASAA)—an organization comprised of 67 securities regulators within the United States (all fifty states as well as districts and territories), Canada, and Mexico—released a model cybersecurity rule package governing state-registered investment advisors’ cybersecurity and privacy practices. The model rule package, which would need to be adopted by an individual state so as to become law in that jurisdiction, provides a structure for how state-registered investment advisers…

Password Protected

North American Securities Administrators Association (NASAA) Releases Model Cybersecurity Rule

By Alexander Madrid, Emily P. Gordy & Cheryl Haas on May 24, 2019

Consumer FinSights

New York Launches New Consumer Protection and Financial Enforcement Division

By Joshua Davey, Joseph J. Reilly & Alexander Madrid on May 8, 2019

On April 29, the New York Department of Financial Services (NY DFS)—the state’s principal banking and insurance regulator—announced that it is creating a new Consumer Protection and Financial Enforcement (CPFE) division. The new division, described by commentators as a state-level version of the Consumer Financial Protection Bureau (CFPB), or “mini CFPB,” will have responsibility for consumer financial enforcement and have oversight over consumer financial services institutions within the state. The NY DFS’s announcement highlighted…

Subject to Inquiry

SEC OCIE Highlights Potential Deficiencies in Firm Privacy Policies

By Emily P. Gordy, Alexander Madrid & Cheryl Haas on April 25, 2019

On April 16, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert highlighting Regulation S-P compliance deficiencies and issues it found in recent examinations of broker-dealers and investment advisers. Regulation S-P is the primary SEC rule detailing the safeguards these firms must take to protect customer privacy. The Risk Alert provides an important reminder for firms to assess their supervisory and compliance programs related to Regulation S-P and make any necessary…

Password Protected

SEC OCIE Highlights Potential Deficiencies in Firm Privacy Policies

By Emily P. Gordy, Cheryl Haas & Alexander Madrid on April 25, 2019

On April 16, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting Regulation S-P compliance deficiencies and issues it found in recent examinations of broker-dealers and investment advisers. Regulation S-P is the primary SEC rule detailing the safeguards these firms must take to protect customer privacy. The Risk Alert provides an important reminder for firms to assess their supervisory and compliance programs related to Regulation S-P and make any necessary…

Subject to Inquiry

Recent New Jersey Rule Proposal Progresses State Efforts to Impose Fiduciary Duties on Brokers

By Kiran V. Somashekara, Alexander Madrid & Amanda J. Goldstein on April 22, 2019

On April 15, the New Jersey Bureau of Securities (the “Bureau”) issued a rule proposal to establish a uniform fiduciary duty standard applicable to investment advisers, brokers-dealers and their registered representatives and agents. Specifically, the proposed rule (N.J.A.C. 13:47A-6.4), which could take effect as early as the end of the year, will require all investment professionals registered with the Bureau to provide investment advice, recommend investment strategies, open or transfer assets to any type of…

Password Protected

Between a Rock and a Hard Place: SEC Disclosure Analysis in Light of Yahoo

By Andrew Konia, Alexander Madrid, David S. Wolpa & Jane Whitt Sellers on May 8, 2018

On April 25, the Securities and Exchange Commission announced a settlement with Yahoo that constituted its first enforcement action against a public company for failing to disclose a data breach. This settlement demonstrates that companies in post-data breach environments must engage in a thorough, fulsome analysis of whether to disclose the cybersecurity incident in their public filings. In conducting this analysis, companies face a difficult choice: disclose and face public and investor backlash, or decline…

Password Protected

Your Credit Card Number’s Been Stolen. Have You Been Injured? Courts’ Answers Continue to Vary

By Alexander Madrid on October 10, 2016

Seemingly not a day goes by without news of another major data breach. In the past few weeks, Yahoo! announced that at least 500 million of its user accounts were stolen in 2014, hot on the heels of Dropbox’s announcement that more than 68 million of its accounts were compromised. Data breach announcements by major companies are inevitably swiftly followed by class action complaints alleging a bevy of state and common-law claims. Yet despite the…

Password Protected

A Storm Brews: Retailers Push Back Against Payment Card Industry Data Security Standards

By Alexander Madrid on June 29, 2016

As businesses and financial institutions grapple with data security in the wake of high profile breaches, tensions between retailers and the credit card industry over the creation and implementation of security standards appear to be growing. The disagreements between these two groups manifested themselves on June 2, when the National Retail Federation (“NRF”), the world’s largest retail trade association, announced that it sent a nineteen-page white paper to the Federal Trade Commission (“FTC”) encouraging it…

Password Protected

Vizio and Google Data Privacy Class Actions Illustrate Risks of Data Collection – And Defensive Value of Robust Disclosures

By Alexander Madrid on November 30, 2015

Two recent developments in data privacy litigation highlight the continuing challenges to companies that collect internet usage information without clearly disclosing the manner and method in which they are doing so to users. As these events demonstrate, plaintiffs’ attorneys are aggressively bringing actions against companies that collect user data, including through the invocation of California’s broad consumer-protection laws and even through an antiquated statute originally designed to prevent Blockbuster and its ilk from disclosing patrons’…

Alexander Madrid

North American Securities Administrators Association (NASAA) Releases Model Cybersecurity Rule

North American Securities Administrators Association (NASAA) Releases Model Cybersecurity Rule

New York Launches New Consumer Protection and Financial Enforcement Division

SEC OCIE Highlights Potential Deficiencies in Firm Privacy Policies

SEC OCIE Highlights Potential Deficiencies in Firm Privacy Policies

Recent New Jersey Rule Proposal Progresses State Efforts to Impose Fiduciary Duties on Brokers

Between a Rock and a Hard Place: SEC Disclosure Analysis in Light of Yahoo

Your Credit Card Number’s Been Stolen. Have You Been Injured? Courts’ Answers Continue to Vary

A Storm Brews: Retailers Push Back Against Payment Card Industry Data Security Standards

Vizio and Google Data Privacy Class Actions Illustrate Risks of Data Collection – And Defensive Value of Robust Disclosures

Company

Support

New to the Network