The SEC's proposed due diligence requirements could cover services like portfolio management and trading software.
The rule excludes services such as clerical, ministerial, utility and general office services.
The Investment Adviser Association says the rule is overly burdensome, especially for small firms.
The Securities and Exchange Commission has a busy rulemaking agenda, and brokers and advisors can look ahead to new regulations concerning cybersecurity and safeguarding clients’ personal information.
The commission is currently reviewing the comments it received for its cybersecurity proposal, but Chairman Gary Gensler is indicating that the agency is also working on an overhaul of Regulation S-P, the 22-year-old rule stipulating how registrants must protect sensitive client data.
Gensler briefly addressed the topic when he appeared via web conference at the Investment Adviser Association’s conference this week, saying that he believes the rule, which was last amended in 2004, needs to be updated.
Read MoreCybersecurity insurance is an absolute necessity for any business operating in the modern world. However, increasing demand and threats of attacks have made insurance companies much more hesitant to offer claims. Here are some of the most common reasons claims are rejected, and how organizations can ensure they receive the coverage they need.
Read MoreSEC is Scrutinizing RIAs’ Remote Work for Violations, Attorney Warns
Failure to supervise a remote advisor led to IFP Advisors recent $400,000 Fine
The SEC is focused on the regulatory risks associated with advisors with personnel working from home or other locations other than their firm's central office, securities attorney Richard L. Chen warned in a new blog.
Read MoreThe Securities and Exchange Commission wants advisors to take a closer look at cybersecurity risks.
In February, the SEC proposed rules that would require advisors to periodically assess their information systems and categorize cybersecurity risks, report significant cybersecurity events within 48 hours, and ensure client information is protected by third-party vendors.
Read MoreCybersecurity is a big, expensive deal for every company. Whether you’re leading a global corporation or a small or midsize business, or SMB, cyber threats are always close at hand.
Read MoreLate last month the Securities and Exchange Commission (“SEC”) charged JP Morgan, UBS and Trade Station with violations of Regulation S-ID based on a range of inadequacies in their identity theft red flag policies and procedures. https://www.sec.gov/news/press-release/2022-131 The violations at issue might seem less than critical, such as not updating policies, merely copying over examples of red flags from Reg S-ID’s Appendix A, not incorporating specific policies into the red flag program, covering all accounts instead of conducting specific account assessments, and not providing sufficient detail in board reports. Although the SEC did not note any failure by these broker-dealers and investment advisors to actually detect and respond to identity theft red flags, the resulting orders and fines (up to $1.2 million), underline the SEC’s seriousness about protecting investors from cybercrime by requiring broker dealers and investment advisors to up their game and focus on the details.
Read MoreFidelity conducted an RIA Benchmarking Study to identify and analyze key performance metrics for RIAs. The intended goal was to evaluate individual performance rates and provide recommendations for improving revenue streams and growing clientele.
Read MoreThe Securities and Exchange Commission announced Wednesday that it imposed a total of $2.5 million in fines on J.P. Morgan Securities, UBS Financial Services Inc. and TradeStation Securities Inc. for deficiencies related to their efforts to protect customers from identity theft.
Read MoreOn May 3, 2022 the Securities and Exchange Commission (the “SEC”) announced the addition of 20 new positions to the Division of Enforcement’s newly renamed Crypto Assets and Cyber Unit (formerly known as the Cyber Unit), expanding the Crypto Assets and Cyber Unit to 50 positions (the “Announcement”).[i] With its expanded numbers, the Crypto Assets and Cyber Unit will continue to identify cybersecurity disclosure and control issues and will focus on investigating:
Read More