Tag Archives: cybersecurity

August 2017 Cybersecurity & Risk Alert from SEC

On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued its third National Exam Program Risk Alert of the 2017 calendar year, detailing OCIE’s findings and observations from its Cybersecurity 2 Initiative. This Cybersecurity 2 Initiative, the name for OCIE’s second round of cybersecurity examinations, builds on OCIE’s prior 2015 Cybersecurity … Continue Reading

SEC Convenes Fintech Forum

On Nov. 14, 2016, the Securities and Exchange Commission (SEC) hosted an all-day forum on FinTech ( Forum).  The event highlighted the active role the SEC intends to take in monitoring and regulating technological innovation based upon the potential impact of innovation on investors and capital markets. In her remarks to Forum attendees, SEC Chair … Continue Reading

Banking Regulators Release Advanced Notice of Proposed Rulemaking on Enhanced Cyber Risk Management Standards

On Oct. 19, 2016, the Board of Governors of the Federal Reserve System (the Board), the Office of the Comptroller of the Currency (the OCC), and the Federal Deposit Insurance Corporation (the FDIC, and the three agencies collectively, the Agencies) jointly issued an advance notice of proposed rulemaking (the ANPR) soliciting public comment on enhanced … Continue Reading

Financial Stability Oversight Council Releases 2016 Annual Report

The Financial Stability Oversight Council (FSOC) has released its 2016 Annual Report, which was unanimously approved by its voting members on Tuesday, June 21, 2016. The FSOC is required by Congress to report on their activities annually. The Dodd-Frank Act created the FSOC in order to properly identify risks that may pose challenges in the … Continue Reading

Asset Managers and Cybersecurity Risk Management

As if 2016 wasn’t challenging enough for asset managers, the rise in Cybersecurity risk has certainly become increasingly prevalent.  As our industry continues to depend on digital platforms for real time processing from everything from data storage to clearing, asset managers must realize that the threat of a security breach is no longer just about … Continue Reading

SEC’s Office of Compliance Inspections and Examinations Releases Annual Examination Priorities

On Jan. 11, 2016, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) issued its annual Examinations Priorities for 2016 (Exam Priorities), which is available for download here. In the Exam Priorities, OCIE notes that its priorities focus on the same three thematic areas as in 2015 (which we … Continue Reading

OCIE Issues New Cybersecurity Risk

Two weeks ago, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued its newest guidance on the subject of cybersecurity in the form of a new National Exam Program (NEP) Risk Alert, issued Sept. 15. In addition to the matters discussed below, the Risk Alert contains links to several earlier Commission and OCIE materials, … Continue Reading

New SEC Cybersecurity Guidance for Investment Advisers and Fund Managers

This post summarizes the recent U.S. Securities and Exchange Commission (SEC) Guidance Update related to cybersecurity issues applicable to registered advisers and funds. This update will likely serve as a basis for any inspections by the SEC staff dealing with cybersecurity so investment advisers may want to review and revise their compliance policies accordingly. You … Continue Reading

Cybersecurity Viewed as Market Risk by CFTC

In a recent public speech, CFTC Chairman Timothy Massad described cybersecurity as “perhaps the single most important new risk to market integrity and financial stability.”  On March 18, 2015, CFTC staff conducted a roundtable regarding this topic, during which CFTC suggested possible proposed rulemaking.  CFTC staff said that CFTC is considering a rule imposing cybersecurity … Continue Reading

The SEC and FINRA Double-Down on Cybersecurity Enhancement and Prevention

In the wake of recent cybersecurity breaches, the SEC and FINRA simultaneously issued reports this week to the securities industry summarizing cybersecurity examination findings and to investors recommending certain precautions to safeguard online investment information. In its Risk Alert – Cybersecurity Examination Sweep Summary, the SEC describes the results from examinations of more than 100 … Continue Reading
LexBlog