Andrew P. Pontano

May 8, 2024 | mondaq.com | Linda Ann Bartosch |Mauricio España |Ralph R. Mazzeo |Andrew P. Pontano

A long-awaited Third Circuit decision held that securitization trusts holding student loans are "covered persons" subject to the CFPB's enforcement and investigative powers because they "engage" in offering or providing consumer financial products or services. The Third Circuit's decision was rooted in the language of the trust agreement, which provided that the trusts' purpose was to "engage in" certain activities relating to the ownership of the student loans.

May 7, 2024 | lexology.com | Linda Ann Bartosch |Mauricio España |Ralph R. Mazzeo |Andrew P. Pontano |John Ludwig

Key TakeawaysA long-awaited Third Circuit decision held that securitization trusts holding student loans are “covered persons” subject to the CFPB’s enforcement and investigative powers because they “engage” in offering or providing consumer financial products or services. The Third Circuit’s decision was rooted in the language of the trust agreement, which provided that the trusts’ purpose was to “engage in” certain activities relating to the ownership of the student loans.

Aug 17, 2023 | jdsupra.com | Ralph R. Mazzeo |Georgina McLeod |Andrew P. Pontano

Key Takeaways ABS issuers have been exempted from the U.S. Securities and Exchange Commission's (“SEC”) final rule requiring certain cybersecurity risk and incident disclosure (the “Final Rule”).1 The SEC left open the possibility of disclosure and reporting requirements for cybersecurity risks tailored to ABS issuers noting that the SEC may “consider cybersecurity disclosure rules specific to asset-backed securities at a later date.” In March 2022, the SEC issued a proposed rule (the...

Aug 16, 2023 | lexology.com | Ralph R. Mazzeo |Andrew P. Pontano |Brenda R. Sharton |Timothy Spangler |Georgina McLeod

BackgroundIn March 2022, the SEC issued a proposed rule (the “Proposed Rule”) to expand and standardize disclosure and reporting requirements for public companies regarding cybersecurity risks, incidents and management.2 The SEC issued the Proposed Rule in response to a perceived rise in cybersecurity risks, the severity in cost and impact to companies experiencing cybersecurity attacks and the lack of standardization regarding disclosure.