RIA Compliance Consultants updated it Cybersecurity Identity Theft Best Practices checklist in light of the U.S. Department of Treasury Financial Crimes Enforcement Network’s (FinCEN) Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime. On October 25, 2016, FinCEN issued an advisory on reporting requirements for cyber-events. FinCEN issued the advisory because,
Category Archives: Cyber Security
SEC Continues to Focus on Cybersecurity for Investment Advisers
August 02, 2016
As in 2015, the Securities and Exchange Commission (“SEC”) Examination Priorities for 2016 identify cybersecurity as an area of “potentially heightened [market-wide] risk.” Citing the Office of Compliance Inspections and Examinations (“OCIE”) 2015 Risk Alert, the SEC promised to continue using its exams to evaluate investment adviser firms’ cybersecurity preparedness. Click here to read our blog on the OCIE Cybersecurity Risk Alert.
The U.S. Securities and Exchange Commission (SEC) continues to promote the importance of cybersecurity and protecting confidential investor information. On September 22, 2015 the SEC’s Office of Investor Education and Advocacy issued an Investor Alert regarding investment accounts if they become victims of identity theft or a data breach. This Investor Alert came one week after the SEC issued a Risk Alert on the topic of its Cybersecurity Exam Initiative (September 15, 2015).
When cybersecurity is covered in the industry press these days, there often is discussion about its importance but unfortunately a lack of specificity in what steps an investment adviser can take to improve information security and IT practices. Even the recent cybersecurity exam sweep results of the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (“SEC”) are somewhat difficult for investment advisers to interpret and translate into an information security plan; however, the SEC’s Office of Investor Education and Advocacy recently issued a bulletin giving investors tips on protecting their online accounts. These recommendations to help protect an investor’s online account from fraud appear to RIA Compliance just as applicable to an investment adviser devising its cybersecurity policies and practices.
SEC’s 2015 Examination Priorities for Investment Advisers
January 13, 2015
The Office of Compliance Inspections and Examinations (“OCIE”) of the U.S. Securities and Exchange Commission (“SEC”) released its selected 2015 examination priorities for investment advisers, broker-dealers and transfer agents. Click here to view.
Cybersecurity for Investment Advisers
October 28, 2014
In its Examination Priorities for 2014 notice the U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) indicated that technology would be one of the most significant initiatives in 2014. This focus on technology will include an assessment on an investment adviser’s cybersecurity preparedness. In April 2014, OCIE issued a National Exam Program Risk Alert to provide additional information regarding its focus on assessing cybersecurity preparedness in the securities industry. The Risk Alert discusses OCIE’s cybersecurity initiative and the registered investment adviser and broker-dealer examinations OCIE is conducting of as part of this initiative that will, at a minimum, focus on the following:
