November 27, 2020

Volume X, Number 332


November 25, 2020

Subscribe to Latest Legal News and Analysis

November 24, 2020

Subscribe to Latest Legal News and Analysis

Office of Compliance Inspections and Examinations (OCIE) Cybersecurity Initiative

On April 15, 2014, the SEC’s Office of Compliance Inspections and Examinations (OCIE) published a risk alert detailing its initiative to examine over 50 registered broker-dealers and investment advisers to assess cybersecurity preparedness. To view OCIE’s Risk Alert, click here.

The Risk Alert includes a copy of a sample document request list that OCIE may use in conducting examinations regarding cybersecurity matters. OCIE stated that the sample document request list is "intended to empower compliance professionals in the industry with questions and tools they can use to assess their firms’ level of preparedness, regardless of whether they are included in OCIE’s examinations." OCIE indicated that it may alter this document request list for a registrant as it considers the specific circumstances presented by the registrant’s particular systems or information technology environment.

OCIE is seeking information relating to a variety of cybersecurity topics including:

  • identification of risks and cybersecurity governance;

  • protection of firm networks and information;

  • risks associated with remote customer access and fund transfer requests;

  • risks associated with vendors and other third parties;

  • detection of unauthorized activity; and

  • a registrant’s specific experiences with cybersecurity threats.

OCIE may inquire as to how broker-dealers and investment advisers are responding to cybersecurity threats and whether such threats have been reported to regulatory agencies or law enforcement. OCIE’s Risk Alert was published subsequent to the SEC’s Cybersecurity Roundtable held on March 26, 2014.

Copyright © 2020 Godfrey & Kahn S.C.National Law Review, Volume IV, Number 132



About this Author

Chris Cahlamer Investment Management Attorney

Chris Cahlamer is the team leader of the firm’s Investment Management Practice Group, where he practices in investment management and securities law, focusing on investment companies, investment advisers, regulatory examinations, new product development, SEC compliance and reporting obligations, CCO support, private fund formation and operation, investment company reorganizations, investment advisor mergers and acquisitions, and general corporate and board fiduciary issues.

Chris earned his law degree, summa cum laude, at Marquette University Law School. While there, he...

Kristen Irgens, investment legal advisor, Godfrey Kahn, Law practice, Milwaukee

Kristen is an associate in the Investment Management and Corporate Practice Groups. Kristen represents investment companies and investment advisers with respect to compliance matters, fund registration, corporate governance and general business matters. She also worked onsite at an investment adviser firm working on compliance matters. Kristen also specializes in the representation of public companies in securities transactions, public offerings, private securities offerings, mergers and acquisitions and general securities law compliance matters. Kristen is fluent in...