Observations From SEC Cybersecurity Examinations
Cybersecurity is all the rage and appropriately, the SEC recently concluded its second cybersecurity exam initiative of investment advisers, broker-dealers and investment companies.
SEC Cybersecurity Exam Requests
Cybersecurity seems to be all the rage with both SEC and state regulators. However, advisers have been flying blind as to what the regulators may actually request during a cybersecurity exam. Thanks to our contacts in the industry, we were able … Continued
Top 4 Regulatory Filing Deficiencies
As stated in the recent SEC Risk Alert, the 4 most frequent regulatory filing issues identified in examinations of investment advisers are as follows:
Some Tips for Safeguarding Client Info
Six good safeguarding tips: Shred financial documents and other printed personal material before discarding. Do not leave your laptop computer, iPad, iPhone or Blackberry in your car (or Starbucks) unattended. Do not leave a computer you are logged on to … Continued
Cybersecurity and Regulatory Enforcement
No one wants to be a victim of a cybersecurity attack. But if you are an investment adviser and your clients’ personally identifiable information (PII) is hacked, you will be a victim and, in the view of the regulators, you might just … Continued
Do You Have a Mobile Device Policy?
With the proliferation of smart phones, iPads and table computers in the advisory business, I would suggest that all advisers probably would benefit from developing and implementing policies and procedures regarding their use. Here are some issues you should consider: … Continued
Alert – Information Security
The purpose of this compliance training material is to familiarize you with key issues regarding information security. Overview One of the most pressing compliance issues for investment advisers is how to satisfy SEC requirements in the area of information security. … Continued
Alert – Cybersecurity
Dear Compliance Professional, On April 15, 2014, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert as part of its 2014 initiative to assess Cybersecurity preparedness. OCIE’s cybersecurity initiative is designed to assess cybersecurity preparedness in … Continued
Year-End Compliance Checklist
Dear Compliance Professional, There are a few compliance actions that all investment advisers can benefit from undertaking at this time of year. Some obvious, some not so obvious. All important. So, without further ado, here is our end-of-the year checklist: … Continued
The SEC Speaks (and Speaks)
Dear Compliance Professional, In recent weeks SEC officials have been quite chatty. What differentiates these recent pronouncements from the SEC’s usual speechifying is that the recent stuff contains a trove of useful compliance insights. This Compliance Newsletter summarizes what advisers … Continued
Federal Regulators Issue Guidance on Reporting Financial Abuse of Older Adults
Seven federal regulatory agencies today issued guidance to clarify that the privacy provisions of the Gramm-Leach-Bliley Act generally permit financial institutions to report suspected elder financial abuse to appropriate authorities. The Gramm-Leach-Bliley Act generally requires that a financial institution notify … Continued
Identity Theft Red Flags Rules
Frequently Asked Questions regarding the Identity Theft Red Flags Rules have just been added to our resources page.
Identity Theft Red Flag Rules
On April 10th, the Securities and Exchange Commission (“SEC”) and the Commodity Futures Trading Commission (“CFTC”) jointly approved a final rule requiring broker-dealers, mutual funds, federally registered investment advisers, and certain other regulated entities to adopt programs designed to detect … Continued
States Requiring Identify Theft Notification
With the recent passage of the Identity Theft Red Flags Rules by the SEC (in effect, applying existing rules specifically to investment advisers), the topic of identity theft has once again moved front and center. However, whatever their obligations on … Continued
SEC Adopts Rules to Help Protect Investors from Identity Theft
The Securities and Exchange Commission today voted unanimously to adopt rules requiring broker-dealers, mutual funds, investment advisers, and certain other entities regulated by the agency to adopt programs to detect red flags and prevent identity theft. FACT SHEET Preventing and … Continued
SEC Proposes Rules To Help Prevent And Detect Identity Theft
From the SEC’s alert: Washington, D.C., Feb. 28, 2012 – The Securities and Exchange Commission today announced a rule proposal to help protect investors from identity theft by ensuring that broker-dealers, mutual funds, and other SEC-regulated entities create programs to … Continued
Massachusetts Data Privacy Act
Please note by March 1, 2012, advisers must ensure their agreements with third-party service providers with which they share personal information meet Massachusetts Data Privacy Act (201 CMR 17) requirements. http://www.mass.gov/ocabr/docs/idtheft/201cmr1700reg.pdf
Compliance Alert! Data Security
Dear Compliance Professional, The protection of a client’s non-public personal information is one of the most important tasks entrusted to an investment adviser. Unfortunately, it is also one of the most vexing issues confronting compliance professionals. Any time an adviser … Continued