SEC, FINRA, OCC, SOX, and Dodd-Frank considerations for financial services NDAs. Interactive checklist to ensure your NDA meets all requirements.
SEC Rule 21F-17 prohibits any person from taking action to impede an individual from communicating directly with SEC staff about a possible securities law violation. The SEC has brought enforcement actions against companies with NDAs that lacked proper whistleblower carve-outs, resulting in significant penalties.
Every finance NDA must include an explicit carve-out. Attempting to waive these rights is void as a matter of law and may subject your organization to SEC enforcement.
Review each item to ensure your finance NDA meets regulatory requirements
0 of 0 items reviewed
NDA explicitly permits reporting potential securities violations to SEC without prior approval or notice to the company.
Carve-out allows disclosure to SEC staff during examinations and investigations without triggering NDA breach.
If MNPI will be shared, NDA addresses trading restrictions and information barrier requirements.
For investment advisers: permits disclosure of information required on Form ADV public filings.
Carve-out permits disclosure during FINRA examinations without breaching NDA.
NDA terms do not conflict with standards of commercial honor and just principles of trade.
NDA permits disclosure of information necessary for FINRA arbitration proceedings.
Permits disclosure required on registration and termination forms.
For national banks: permits full disclosure to OCC examiners during safety and soundness examinations.
For insured institutions: permits disclosure during FDIC examinations.
NDA does not restrict SAR filing, CTR reporting, or FinCEN cooperation.
Permits disclosure to state banking regulators during examinations.
Vendor NDAs align with OCC Bulletin 2013-29 requirements for right-to-audit and oversight.
For public companies: NDA permits reporting of fraud without retaliation.
Return/destroy provisions do not conflict with SOX record retention requirements.
NDA does not restrict disclosure to board audit committees.
Carve-out permits disclosure to state securities regulators during examinations.
NDA permits disclosures required for state securities registrations and exemptions.
Verify NDA does not conflict with state-specific requirements under NASAA guidelines.
NDA aligns with Gramm-Leach-Bliley customer privacy requirements.
NDA accounts for state-specific privacy requirements (CCPA, etc.).
For payment data: NDA addresses PCI compliance and breach notification.
Understanding the legal framework for finance NDA compliance
Prohibits any action to impede communication with SEC about potential violations. SEC has assessed millions in penalties for NDAs without proper carve-outs.
Prohibits trading on material non-public information. NDAs involving MNPI should address trading restrictions and information barriers.
Establishes risk management requirements for bank vendor relationships including audit rights and oversight provisions that must align with NDA terms.
Protects employees of public companies who report securities fraud. NDAs cannot restrict these disclosures.
Requires members to observe high standards of commercial honor. NDA provisions must not conflict with these obligations.
Requires financial institutions to report suspicious activity. NDAs cannot restrict SAR filing or FinCEN cooperation.
This compliance guide provides general information about regulatory requirements affecting finance industry NDAs. It is not a substitute for legal advice. Regulatory requirements vary by entity type, registration status, and specific business activities. The checklist above addresses common requirements but may not cover all situations. Always consult with a securities attorney familiar with your specific regulatory environment before executing finance NDAs.