Beginning in 2014, both the Securities Exchange Commission (“SEC”) and FINRA began to examine the heightened risk financial services firms face regarding unauthorized access to the electronic data that these firms routinely maintain as part of their businesses. As part of this initiative, the SEC and FINRA began evaluating the methods used by broker-dealer and investment advisory firms to protect their electronic data (“Cybersecurity”), and in April 2014 the SEC released the SEC Office of Compliance Inspections and Examinations (“OCIE”) Risk Alert titled “OCIE Cybersecurity Initiative”. This Risk Alert highlights suggested methods of data protection, as well as providing regulatory caution to firms that are not taking steps to implement robust cybersecurity measures. This enhanced regulatory scrutiny of cybersecurity continues today and remains a hot topic for regulators.
To read more, click here.