Header graphic for print
Securities Compliance Sentinel Analysis of cutting-edge securities industry issues

Category Archives: Cyber-Security

Subscribe to Cyber-Security RSS Feed

Cyber-Security – What Do Enforcement Actions Tell You

Posted in Broker-Dealer Regulation, Compliance and Supervision, Cyber-Security, Financial Industry Trends, FINRA Compliance

In a recent NSCP Currents article, Giselle Casella addressed what every compliance office must know about cyber-security.  One of the more compelling lessons was what can be learned from enforcement actions dealing with cyber-security.  Cyber-security enforcement actions fell into the following groupings:  Inadequate security policies and procedures; Failure to enforce policies and procedures; Failure to… Continue Reading

Cybersecurity Threats Abound and FINRA Asks Questions

Posted in Cyber-Security, FINRA Compliance, FINRA Enforcement

FINRA has sent targeted sweep letters to almost 20 broker-dealers conerning their approaches to managing cybersecurity risks.  http://www.finra.org/Industry/Regulation/Guidance/TargetedExaminationLetters/P443219; and http://www.sec.gov/News/Testimony/Detail/Testimony/1370540757488#.UvVcWJUo61s. Among other questions, the survey asks the firms about their approaches to information technology; risk assessment; business continuity plans in case of cyber-attack; organization structures and reporting lines; and processes for sharing and obtaining information… Continue Reading

Do You Need Another Reason To Take Cyber-Security Seriously

Posted in Cyber-Security, Dodd-Frank, Federal and State Criminal Activities, Financial Industry Trends

As we all know, the SEC and FINRA have made cyber-security an exam priority in 2014, but what does it mean when the audit of your regulator shows that it is susceptible to a data breach.  A recent audit of the SEC found that its cyber-security was far from perfect.  I am sure that there… Continue Reading

What Are You Doing About Cyber-Security

Posted in Books and Records, Broker-Dealer Regulation, Compliance and Supervision, Cyber-Security, FINRA Compliance, FINRA Enforcement, SEC Compliance, SEC Enforcement

It was apparently not enough that the SEC and FINRA made cyber-security an exam priority for 2014, but the Department of the Treasury has now focused on this pervasive issue.  In recent comments, Treasury Secretary Lew has urged financial firms to step it up when protecting against cyber-attacks.  Stories of cyber-attacks are becoming so common… Continue Reading

You Knew It Was Coming… SEC Cybersecurity Exams

Posted in Broker-Dealer Regulation, Compliance and Supervision, Cyber-Security, SEC Compliance

We have repeatedly warned broker-dealers and registered investment advisers that they needed to be prepared as it related to cybersecurity.  Now, the SEC’s Office of Compliance Inspections and Examinations has announced that it will conduct cybersecurity examinations of these entities.  See http://www.sec.gov/ocie/announcement/Cybersecurity+Risk+Alert++%2526+Appendix+-+4.15.14.pdf.  These examinations will be conducted as part of a ”sweep exam,” and will assess… Continue Reading

FINRA “Sweeping” Firms for Cyber-Security

Posted in Cyber-Security, Financial Industry Trends, FINRA Compliance

We keep saying it, and we will keep saying it, cyber-security issues will not go away. Now, FINRA has notified its member firms that it will begin assessment examinations regarding controls, procedures, approaches and management of cyber-security threats.  See http://www.finra.org/Industry/Regulation/Guidance/TargetedExaminationLetters/P443219.  In particular, FINRA examiners will review business continuity plans, service provider arrangements, other third party vendor agreements, reporting lines,… Continue Reading

SEC AGAIN LOOKING AT CYBERSECURITY ISSUES

Posted in Cyber-Security, Social Media

This is another area where we consistently blog because it is a constant issue.  The SEC is now reviewing public companies’ disclosure relating to cyber security risks to determine if additional guidance is needed in this area. In 2011, the SEC Division of Corporation Finance advised firms to disclose compromises regarding their data security. Since… Continue Reading

What You Need To Know About Identity Theft

Posted in Compliance and Supervision, Cyber-Security, Investment Adviser Regulation, SEC Compliance

Hardly a day goes by without hearing horrible stories of a person having their identity stolen and their finances ruined as a result.  The SEC is now stepping into this hornet’s nest by adopting new rules for financial advisors who have the authority to move client funds to third parties.  The new rules require firms… Continue Reading

Lawyers and Issuers Really Need to Listen to SEC Comments Regarding Cyber Security

Posted in Capital Formation, Cyber-Security, Law Firms and Lawyers

The SEC’s Division of Corporation Finance has indicated that lawyers for issuers and issuers themselves should focus on and respond to the SEC’ Staff’s comments during the corporate filing review process.   The SEC’s Staff has seen that issuers and their counsel are not necessarily responding completely to comments.  The SEC Staff believes that this has caused the process… Continue Reading