As we have previously discussed, Rule 30 of Regulation S-P (“Regulation S-P”) issued by the U.S. Securities and Exchange Commission (“SEC”) requires SEC registered investment advisers to adopt written policies and procedures designed to ensure the security and confidentiality of client information. For state registered investment advisers, the Federal Trade Commission (“FTC”) has enacted Safeguard Rules which are similar to Regulation S-P and apply to state registered investment advisers. Additionally some states have enacted their own information security requirements that apply to SEC and state registered investment advisers.
- A general description of the investment adviser’s policies and procedures to protect the confidentiality, security and integrity of clients’ non-public personal information;
- Categories of clients’ non-public personal information collected by the investment adviser;
- Categories of clients’ non-public personal information disclosed by the investment adviser;
- If applicable, categories of all affiliates or non-affiliated third-parties of the investment adviser that may receive the information; and
- If applicable, an explanation of a client’s right to opt-out or opt-in to the investment adviser’s disclosures and the method used to exercise that right.
The SEC has created a safe-harbor model form that includes all of this information and satisfies the disclosure requirements under Regulation S-P.
RIA Compliance Consultants will be presenting a webinar, “Establishing Information Security Programs for Registered Investment Advisers”, on Thursday, September 13, 2012 at 12:00pm CDT to provide investment advisers guidance on the importance of establishing and implementing written information security programs designed to protect confidential client information. Click here to register for this event.