The Securities and Exchange Commission said yesterday that public companies that are easy targets of cyber scams could be in violation of accounting rules that call for firms to safeguard assets, the Wall Street Journal reported. The SEC said in an investigative report that nine public companies wired nearly $100 million to hackers who impersonated corporate executives or vendors using emails. One company made 14 wire payments to a hacker, resulting in more than $45 million in losses, the SEC said. The agency declined to punish the companies, which weren’t identified. “Cyber frauds are a pervasive, significant, and growing threat to all companies, including our public companies,” SEC Chairman Jay Clayton said in a statement. “Investors rely on our public issuers to put in place, monitor, and update internal accounting controls that appropriately address these threats.” The type of scam the companies faced, known as business email compromises, have been responsible for more than $5 billion in losses since 2013 and ranked last year as the top cause of estimated losses linked to any cybercrime, the SEC said, citing data from the Federal Bureau of Investigation.
