SEC Risk-Based Exam Navigation Utilize FINRA’s RCA Survey for SEC Examination Prep Many Investment Advisers pay little attention to the Financial Industry Regulatory Authority’s guidance and news items. This is a mistake, not only because FINRA has been out in front on issues such as Business Continuity, Identity Theft, AML, and Cybersecurity, [...]
Three Simple Principles of Governance in Financial Services The word governance comes from the Greek word kubernan, which means “to steer a ship.” This definition applies to what governance is: a methodology of successfully steering a company through waters that are oftentimes rough. Successful seafaring relies on 3 simple principles: Any activity that is [...]
What to Expect from the SEC as Cybersecurity Hits the Docket The New York Times reported on Sunday that the Securities and Exchange Commission has enforcement with cybersecurity implications on the schedule. The authors speculated about something that we have all known for years, the SEC is going for high-profile or impact [...]
Due Diligence For Your Vendors And Your Firm Bolstering fortifications around vendors is a critical area of any firm's cybersecurity program. At the same time, investment advisers, investment companies, and broker-dealers, as vendors themselves, are subject to increasing scrutiny by their institutional investors. Both the SEC and FINRA have recognized the importance [...]
A compliance officer knows that he or she must consider third party risks in any assessment. As the threat landscape has changed, third-party risk has become more and more focused on information security. The need for initial and ongoing due diligence of critical third parties is understood and should be part of [...]
A first glance, Cyber Liability Insurance seems like a panacea for the harried financial services firm looking to shore up its defenses from nefarious hackers. However, if you don’t have your cybersecurity house in order, you can find yourself doubling down on the losing end: paying for a policy that doesn’t pay [...]
Regulatory guidance on cybersecurity shows little sign of abating and additional governmental legislation continues to complicate every CCO’s day. With the regulatory landscape continuing to grow more complex, we pause to ask the question: Have you thought about your next presence exam? Preparing today can be the most important step you as [...]
Commissioner Luis A. Aguilar delivered the morning keynote address last Thursday at the SINET Innovation Summit 2015 in New York. We continue to pay close attention when the Commissioner speaks as he has been a proponent on the subject of Cybersecurity, has contributed key guidance in previous speeches, and was the driving [...]
Recent guidance from the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the FBI suggests that Business Email Compromise (BEC) that leads to fraudulent wire transactions remains a significant threat to the industry. While the controls listed in the June 19th Fraud Alert were primarily directed at executives, Advisors and other [...]
This may be one of those cases where regulatory expectation is just as important as the written Rule. The Division of Investment Management's April 28 guidance used the following language: “In the staff’s view, there are a number of measures that funds and advisers may wish to consider in addressing cybersecurity risk.” [...]