October 15, 2021

Volume XI, Number 288

Advertisement
Advertisement

October 15, 2021

Subscribe to Latest Legal News and Analysis

October 14, 2021

Subscribe to Latest Legal News and Analysis

October 13, 2021

Subscribe to Latest Legal News and Analysis

SEC (Securities and Exchange Commission) to Conduct Cybersecurity Examinations of Registered Investment Advisers and Broker-Dealers

On April 15, 2014, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) announced in a risk alert that it will conduct cybersecurity examinations of over 50 registered investment advisers and broker-dealers.[1]  The examinations are part of OCIE's initiative to assess cybersecurity preparedness in the securities industry and obtain information on the industry's recent experiences with certain types of cyber threats. This latest announcement affirms the SEC's increased interest in the cybersecurity preparedness of regulated firms, a concern which has been identified as an examination priority for 2014 and was the subject of an SEC roundtable held on March 26, 2014.[2]

Cybersecurity Examinations

To assist firms in their compliance efforts regarding cybersecurity preparedness, OCIE has included a sample document request in its risk alert. Based on these materials, it appears that cybersecurity examinations will target the following areas:

  • Cybersecurity governance and identification and assessment of cybersecurity risks;

  • Protection of networks and information;

  • Risks associated with remote customer access and funds transfer requests;

  • Risks associated with vendors and other third parties;

  • Detection of unauthorized activity; and

  • Experiences with certain cybersecurity threats.

Registered investment advisers and broker-dealers should note that the risk alert and sample document request do not purport to be all-inclusive and expect that OCIE will tailor its examination based on the specific circumstances of the firm. In addition, the risk alert does not specify when examinations are expected to begin and how much advance notice a firm selected for examination will receive.

Action Items

Registered investment advisers and broker-dealers, regardless of whether they are selected for examination, should assess their cybersecurity infrastructure and policies in light of the items covered in the risk alert and the sample document request. In addition, firms should develop a plan for regularly testing the adequacy of their cybersecurity infrastructure and policies. Firms should implement periodic training for firm personnel and, if applicable, third party vendors and business partners authorized to access firm networks. Firms should also document any compliance measures taken as well as cybersecurity threats encountered by them (including any remedial steps undertaken in response to such threats).


[1] A copy of the April 15, 2014 risk alert can be obtained here.

[2] A list of OCIE's Examination Priorities for 2014 is available here. For more information on the recent cybersecurity roundtable, please visit the SEC's website.

© 2021 Proskauer Rose LLP. National Law Review, Volume IV, Number 120
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Robert G Leonard, Proskauer Rose Law Firm, Private Investment Attorney
Partner

Robert G. Leonard is a Partner in the Hedge Funds Group. For more than 25 years Rob has been structuring, organizing and representing hedge funds, funds of funds and other private investment funds (both domestic and offshore) and investment advisers.

212-969-3355
Michael F Mavrides, Proskauer Rose Law Firm, Private Investment Attorney
Partner

Michael F. Mavrides is a Partner in the Hedge Funds Group. Mike focuses his practice on representing domestic and offshore hedge funds, funds of funds and other private investment funds, including private equity and real estate investment funds. He regularly advises funds and their managers on a wide variety of issues, including formation and structuring, seed capital, anchor capital and other strategic arrangements, placement agency, solicitation and other marketing arrangements, succession planning, separately managed accounts, and all types of portfolio management, trading and...

212-969-3670
Christopher M Wells, Proskauer Rose Law Firm, Private Investment Attorney
Partner

Christopher M. Wells is a Partner and head of the Hedge Funds Group. Chris advises hedge funds, funds of funds and other pooled investment vehicles and their managers on all aspects of fund formation, operations and compliance.

212-969-3600
Howard Beber, Tax Attorney, Proskauer Rose Law Firm
Partner

Howard J. Beber is a partner in the Corporate Department and co-head of the Private Funds Group, which is recognized by Chambers GlobalChambers USA and US Legal 500. His practice focuses on representing private equity funds and institutional investors on a broad range of issues including fund formations, secondary transactions and portfolio investments. 

Howard is actively involved in all stages of fund formation and fund sponsor representation, counseling on terms and marketing strategy, preparing offering documents...

617-526-9754
Sarah K Cherry, Tax Attorney, Proskauer Rose Law Firm
Partner

Sarah K. Cherry is a Partner in the Corporate Department and a member of the Private Investment Funds Group. Her practice is focused on the representation of U.S. and non-U.S. private equity funds and managers in capital formation, regulatory compliance and operational issues. Sarah also regularly represents institutional investors and funds-of-funds in their investments in U.S. and non-U.S. private equity funds both in primary and secondary transactions. In addition, Sarah advises clients in relation to internal general partner dynamics and management company issues.

617-526-9769
Advertisement
Advertisement
Advertisement