Katherine Mooney Carroll

Katherine Mooney Carroll’s practice focuses on advising U.S. and international financial institutions on U.S. regulatory matters, including recent reforms pursuant to the Dodd-Frank Act, regulatory aspects of bank M&A, cybersecurity and privacy matters, and compliance with U.S. sanctions and anti-money laundering laws.

Firm/Organization: Cleary Gottlieb Steen & Hamilton LLP

Blogs: Cleary Cybersecurity and Privacy Watch, Cleary FinTech Update, Cleary International Trade and Sanctions Watch, Cleary M&A and Corporate Governance Watch

Latest Articles

Cleary Cybersecurity and Privacy Watch

California AG Proposes Modified CCPA Regulations

By Katherine Mooney Carroll, Alexis Collins, Daniel Ilan, Jonathan S. Kolodner, Rahul Mukhi, Michelle Butler & Jane C. Rosen

February 12, 2020

On Friday, February 7, 2020, the California Attorney General released an amended set of proposed regulations (supplemented on February 10, 2020) implementing the California Consumer Privacy Act of 2018 (the “CCPA”), including substantial changes to the draft regulations issued in October. While the revised regulations eliminate certain requirements that businesses found to be onerous and provide clarification on several points of lingering ambiguity, they also impose additional new compliance obligations and still fail to address…

Cleary Cybersecurity and Privacy Watch

2019 Cybersecurity Developments: A Year in Review

By Katherine Mooney Carroll, Jonathan S. Kolodner, Daniel Ilan, James Norris-Jones, Rahul Mukhi, Alexis Collins & Emmanuel Ronco

January 31, 2020

In 2019, boards and senior management across a range of industries continued to cite cybersecurity as one of the most significant risks facing their companies. At the same time, comprehensive data privacy regulation became a new reality in the United States as many companies implemented major revisions to their privacy policies and data systems to achieve compliance with California’s groundbreaking privacy legislation. New York also imposed for the first time affirmative cybersecurity obligations on companies,…

Cleary Cybersecurity and Privacy Watch

The CCPA Takes Shape with Proposed Regulations, as Companies are Encouraged to Comply by January 1

By Katherine Mooney Carroll, Jonathan S. Kolodner, Daniel Ilan, Rahul Mukhi, Alexis Collins, Jane C. Rosen & Michelle Butler

October 22, 2019

The final version of the California Consumer Privacy Act of 2018 is coming into view. On October 10, California’s Attorney General released the long-anticipated draft regulations to implement the CCPA, and on October 12, the Governor signed into law five amendments to the CCPA passed during the 2019 legislative session. (We previously discussed the CCPA here and the amendments here.) While the Regulations are currently subject to public comment and may be further modified…

Cleary FinTech Update

SEC Files First Suit Against Alleged Unregistered Broker-Dealer Operating in Digital Asset Markets

By Michael H. Krimminger, Katherine Mooney Carroll, Alexis Collins, Carl F. Emigholz & Jim Wintering

October 10, 2019

On September 18, 2019, the Securities and Exchange Commission (“SEC”) filed its first civil suit alleging violations of broker-dealer registration requirements in U.S. digital asset markets. In a case filed in the U.S. District Court for the Central District of California, the SEC alleged that Defendants ICOBox and its founder, Nikolay Evdokimov, illegally conducted an unregistered public securities offering for their 2017 initial coin offering (“ICO”), and have operated an unregistered brokerage service facilitating the…

Cleary Cybersecurity and Privacy Watch

SEC Files First Suit Against Alleged Unregistered Broker-Dealer Operating in Digital Asset Markets

By Michael H. Krimminger, Katherine Mooney Carroll, Alexis Collins, Carl F. Emigholz & Jim Wintering

October 10, 2019

Cleary Cybersecurity and Privacy Watch

California Consumer Privacy Act Amendments Offer Relief, but Challenges Remain

By Katherine Mooney Carroll, Jonathan S. Kolodner, Daniel Ilan, Rahul Mukhi, Alexis Collins, Jane C. Rosen & Whitney A. Lee

September 24, 2019

California’s 2019 legislative session has drawn to a close with passage of five amendments to the California Consumer Privacy Act (CCPA) during the final days of the session. Assuming that the bills are timely signed by the Governor before the October 13 deadline, businesses will finally have the complete version of the statute that will come into effect January 1, 2020 (with the exception of regulations expected to be issued by the California Attorney General…

Cleary Cybersecurity and Privacy Watch

Canadian Financial Regulator Publishes New Cyber Incident Reporting Guidelines Effective March 2019

By Katherine Mooney Carroll, Phillip L. Hurst & Whitney A. Lee

March 5, 2019

On January 24 2019, Canada’s Office of the Superintendent of Financial Institutions (“OSFI”) released an Advisory detailing new requirements for Canadian federally regulated financial institutions (“FRFIs”) to report cyber incidents within 72 hours. FRFIs include banks, trust companies, loan companies, life insurance companies, property and casualty insurance companies, and fraternal benefit societies. The new reporting requirements become effective on March 31, 2019.…

Cleary Cybersecurity and Privacy Watch

FINRA 2019 Examination Priorities Letter Includes Focus on FinTech and Cybersecurity

By Katherine Mooney Carroll, Colin D. Lloyd & Jim Wintering

February 12, 2019

On January 22, the Financial Industry Regulatory Authority (“FINRA”)[1] released its 2019 Risk Monitoring and Examination Priorities Letter (the “Letter”). The Letter highlights material new priorities for FINRA examinations in the coming year, as well as priorities in areas of ongoing concern. The topics highlighted in this year’s Letter reflect FINRA’s increasing focus on its members’ interaction with, and adoption of, innovative financial technologies, as well as its implicit acknowledgement of the ability for…

Cleary FinTech Update

FINRA 2019 Examination Priorities Letter Includes Focus on FinTech and Cybersecurity

By Katherine Mooney Carroll, Colin D. Lloyd & Jim Wintering

February 12, 2019

Cleary Cybersecurity and Privacy Watch

2018 Cybersecurity and Data Privacy Developments: A Year in Review

By Daniel Ilan, Jonathan S. Kolodner, Pamela L. Marcogliese, Rahul Mukhi, Katherine Mooney Carroll, Alexis Collins & Emmanuel Ronco

January 30, 2019

In 2018, data privacy and cyber breaches made headlines throughout the year. Major companies continued to suffer data breaches, highlighting the risks and potential costs of cyber incidents across industries. At the same time, a growing and overlapping thicket of data security and privacy regulations—within the U.S., European Union, Latin America, and elsewhere—continued to increase compliance costs and regulatory risks. This memo surveys some of the key cybersecurity and data privacy developments of 2018, including…

Katherine Mooney Carroll

California AG Proposes Modified CCPA Regulations

2019 Cybersecurity Developments: A Year in Review

The CCPA Takes Shape with Proposed Regulations, as Companies are Encouraged to Comply by January 1

SEC Files First Suit Against Alleged Unregistered Broker-Dealer Operating in Digital Asset Markets

SEC Files First Suit Against Alleged Unregistered Broker-Dealer Operating in Digital Asset Markets

California Consumer Privacy Act Amendments Offer Relief, but Challenges Remain

Canadian Financial Regulator Publishes New Cyber Incident Reporting Guidelines Effective March 2019

FINRA 2019 Examination Priorities Letter Includes Focus on FinTech and Cybersecurity

FINRA 2019 Examination Priorities Letter Includes Focus on FinTech and Cybersecurity

2018 Cybersecurity and Data Privacy Developments: A Year in Review

Stay Connected

Company

Support

New to the Network