Alert! Alert! SEC Issues Privacy and Data Security Risk Alert
The privacy risk alert was published after OCIE observed advisors and broker dealers were not providing privacy notices and, if they did, they were lacking pertinent information. OCIE hopes this alert will remind those in question to provide compliant privacy and opt-out notices and adopt effective policies and procedures for safeguarding customer information, under Regulation S-P. Gaps in data security policies and procedures are common among small and medium-sized financial firms and could cause data breaches, examination by the SEC and OCIE, and harm to your reputation. Advisors and broker-dealers should review and update their written policies and procedures to avoid such vulnerabilities. To find out how you can bridge any compliance gaps, read more...
Read More >
SEC and FINRA Share Regulatory Priorities for 2019
The SEC’s and FINRA’s priorities overlap in 2019 when it comes to cybersecurity. The SEC has stated that it will prioritize cybersecurity in each of its five examination programs, and will continue to focus on risk assessment, access rights and controls, data loss prevention and incident response. FINRA is also prioritizing the importance of cybersecurity through regulatory technology ("RegTech"). FINRA plans to observe how firms are using RegTech tools to: 1) make their compliance efforts more efficient; and 2) address risks, challenges and regulatory concerns including supervision and governance systems, third-party vendor management, safeguarding customer data and cybersecurity. Firms should make sure they are following rules and securities laws in these areas, so they are not targeted.
Read More >