What types of compliance documents can ComplianceIQ generate?

ComplianceIQ generates privacy policies, terms of service, employee handbooks, data handling policies, OSHA compliance documents, acceptable use policies, HIPAA compliance docs, information security policies, and more — all tailored to your industry.

Are the generated documents legally valid?

ComplianceIQ generates comprehensive, industry-standard compliance documents informed by current regulations. While they provide an excellent foundation, we recommend having critical documents reviewed by legal counsel for your specific jurisdiction.

How does ComplianceIQ stay current with regulations?

Our AI models are continuously updated with the latest regulatory frameworks including GDPR, CCPA, HIPAA, SOC 2, OSHA, and more. Pro and Enterprise plans include regulatory update alerts.

← All enforcement actions

SEC DisclosureSecurities ActB2C Tech

Altaba (Yahoo) — $35M SEC + $117.5M class SOX fine (2018)

First SEC enforcement against a public company for failing to disclose a cyber breach

Penalty

$35M SEC + $117.5M class

Regulator

US SEC + class action

Jurisdiction

United States

Records affected

What happened

Yahoo experienced a 2014 breach affecting 500M (later revised to 3B) accounts but did not disclose it until late 2016. The SEC fined Yahoo $35M for misleading investors via securities filings that omitted the known breach, and a class action settled for $117.5M.

Root cause

Senior management aware of breach but did not escalate to disclosure controls
No mapping of cyber incidents to Item 105 / 1.05 disclosure triggers
ICFR / disclosure controls did not include security incident materiality assessment

What every team should do

Cyber incidents need a documented materiality-assessment path into Disclosure Committee
SEC Cybersecurity Rule (Dec 2023): material incidents disclosed within 4 business days on Form 8-K Item 1.05
Annual Form 10-K Reg S-K Item 106 — disclose cyber risk management + governance

Source: SEC press release (Apr 24, 2018).

Would your controls have stopped this?

ComplianceIQ audits your existing policies in 60 seconds and shows you exactly which SOX controls you are missing — mapped to enforcement patterns like this one.

Run my SOX audit Generate missing policies

Altaba (Yahoo) — $35M SEC + $117.5M class SOX fine (2018)

What happened

Root cause

What every team should do

Related enforcement actions