On October 16, the SEC published an investigative report examining the efficacy of internal accounting controls for nine public companies that lost millions of dollars as a result of cyber-related fraud. Though public companies are required to implement internal accounting controls designed to safeguard against cyber-related fraud, as required by Section 13(b)(2)(B) of the Securities Exchange Act of 1934, the SEC found that the fraudulent schemes "were not sophisticated in design or the use of technology." The SEC recommended that public companies reassess and calibrate their internal accounting controls to the current cybersecurity risk environment.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.