John Mauro

John Mauro serves as a fractional general counsel for small-to-midsized organizations, prescribing measures to proactively protect and maintain their cybersecurity, support the integrity of their corporate governance practices, ensure their consistent compliance with applicable state and federal regulations, and reduce their overall risk.

A Trusted Advisor to Financial Institutions

Having long served as the in-house, full-time GC, Chief Compliance Officer, and Corporate Secretary at a consulting firm that caters to the financial services industry, John is intimately acquainted with the legal requirements, issues, and challenges facing community banks, credit unions, investment advisors and broker-dealers. A recognized authority on corporate governance and enterprise risk-management, he has delivered cybersecurity and third-party risk management seminars to banks and regulators nationwide, interfaced with federal and state regulators, and overseen external and internal audits.

The following are among the services that John performs for financial institutions:

• Advises on all facets of corporate formation, structuring and growth, including incorporation, financing, shareholders agreements or other founders agreements, intellectual property, contracts and transactional matters, and employee contracts
• Advises on corporate governance matters including environmental, social and governance (“ESG”) issues, risk-disclosure obligations and boards of directors’ fiduciary duties
• Implements risk-mitigation and risk-rating-improvement programs
• Advises on compliance with all relevant federal securities laws, rules, and regulations, including rules and regulations that apply to capital raising activities such as private placements, IPOs, and sub-debt raises
• Guide clients through both public and private mergers and acquisitions transactions, including tender offers, divestitures, taking companies private, and any form of public or private negotiated sale or shop process
• Assists in the negotiation and resolution of regulators’ formal and informal enforcement actions
• Assists with all aspects of the formation of new broker-dealerships, ensuring they meet FINRA membership standards; complete and file the necessary applications and registrations; and implement policies, procedures, and controls in accordance with best practices
• Drafts and maintains written supervisory procedures, including policies and procedures related to private securities transactions, outside business activities, trading, insider trading, brokerage accounts and trade monitoring, conflicts of interests, gifts, recordkeeping, supervision, and information security
• Helps firms respond to regulatory inquiries or prepare for FINRA cycle examinations
• Monitors the legality of internal and external communications

A Proactive Cybersecurity Advocate

John works with C-level executives and boards of directors to ensure that their companies have implemented the measures and protocols necessary to keep their data and communications secure, and meet the compliance standards established by applicable laws and regulations.

The cybersecurity services that John provides include:

• Developing and monitoring institutions’ cybersecurity practices, procedures and protocols to help ensure their compliance with state, federal and international laws and regulations including the Gramm-Leach-Bliley Act (“GLBA”), the New York State Department of Financial Services’ (“NYDFS”) Cybersecurity Regulations, the California Consumer Privacy Act and California Privacy Rights Act (“CCPA” and “CPRA”), and the General Data Protection Regulations (“GDPR”)
• Establishing information data security/privacy programs that follow the cybersecurity framework established by the U.S. Department of Commerce’s National Institute of Standards and Technology (the “NIST”) and meet the risk management standards established by the Federal Financial Institutions Examination Council (“FFIEC”)
• Helping companies to significantly decrease their cybersecurity insurance costs by decreasing cybersecurity risk exposure
• Serving as an independent Board advisor in the area of legal risks associated with privacy and general information security concerns

Certifications

• FINRA Securities Licenses:
  • Series 24
  • Series 27
  • Series 63 
  • Series 79