The investment advisory industry is bracing for a hectic compliance year, as the Securities and Exchange Commission gears up for what looks to be another year of fast-paced rulemaking.
Read MoreTechnology probably the most expensive route, says NCA director
Creating a strong cybersecurity posture needs to be seen as a “three-legged stool” that includes people, process and technology, according to Lisa Plaggemier, the executive director of the National Cybersecurity Alliance (NCA).
Read MoreLike many other industries, Registered Investment Advisers ("RIAs") have dealt with significant regulatory, technological, and systemic change in recent years. Compared to FINRA-regulated entities, RIAs often face these changes with less frequent or significant touchpoints from their primary regulator, the Securities and Exchange Commission (SEC). The SEC's method of regulating RIAs is typically principle-based rather than prescriptive-based, which the industry generally favors, but this approach certainly has its own pitfalls.
Read MoreOn October 16, 2023, the Securities and Exchange Commission (SEC) Division of Examinations (Division) announced its examination priorities for 2024. As it has done every year since it first began publishing its annual priorities in 2013, the Division enumerated the areas that will be a focus for the next fiscal year including: (i) investment advisers’ fiduciary duties and compliance programs, (ii) investment company compliance and governance practices, and broker-dealer practices, (iii) cybersecurity and resiliency, (iv) crypto assets and FinTech products and services, and (v) anti-money laundering (AML) programs.
Read MoreConcerns about regulatory risk and trade errors are also among top RIA concerns.
Registered investment advisors (RIAs) are more concerned about their liabilities for a cyberbreach or theft of data than any other potential business exposure, according to the 2023 RIA Risk Survey from insurance brokerage Golsan Scruggs.
Read MoreCybersecurity and data privacy risks continue to loom large with potentially significant consequences. Litigation, often filed soon after incidents, adds to the possible repercussions. In our previous article, we discussed a trio of states providing affirmative defenses or “safe harbors” that companies can take advantage of to minimize litigation exposure resulting from a data breach. Three other states have recently followed, with Oklahoma, Iowa, and Tennessee recently passing their own “safe harbor” laws.
Read MoreFinancial institutions must get ready to report on assessing, monitoring, mitigating and remediating cyber risks
Read MoreNew York Attorney General Letitia James and a coalition of five attorneys general reached a $6.5 million agreement Thursday with Morgan Stanley Smith Barney LLC for compromising the personal information of millions of customers nationwide.
According to James’ office, Morgan Stanley “failed to decommission its computers and erase unencrypted data in certain computer devices that were later auctioned while still containing consumers’ personal information, including data belonging to 1.1 million New Yorkers.”
Read MoreIn today’s rapidly evolving digital landscape, cybersecurity has become a critical concern for businesses across all industries. Recognizing the need for increased transparency and accountability, the U.S. Securities and Exchange Commission (the “SEC” or “Commission”) has issued a new pronouncement1 that outlines cybersecurity requirements for all registrants, which includes registered investment companies and registered investment advisers (“RIAs” or “advisers”). Implementation of this new SEC pronouncement is of critical importance as it will help advisers safeguard their (and their investors’) sensitive data and protect against cyber threats. By embracing these requirements, companies can enhance their cybersecurity posture, build trust with investors, and mitigate potential financial, operational, and reputational risks.
Read MoreThis is the second in a three-part series discussing the newly amended rules (collectively the “Rules”) adopted by the Colorado Division of Securities (“Division”) effective as of March 30, 2023 (the “Effective Date”) applicable to certain Colorado investment advisers and their registered representatives (“IARs”). The Rules mostly affect investment advisers registered with Colorado State (such advisers, “Colorado Licensed Advisers”).
Read More