Continuing their heightened focus on the information security practices of regulated firms, both the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) released reports on February 3, 2015, summarizing the results of cybersecurity examination sweeps they had conducted since last year.1 Speaking at the SIFMA/FINRA Cybersecurity Conference the following day in New York, Vincente Martinez, the Chief of the Office of Market Intelligence in the SEC's Enforcement Division confirmed that, relying in part on the information in the reports, the SEC is actively examining both how its existing authorities can be used to bring more enforcement actions when firms fail to provide sufficient protection for the confidentiality and integrity of customer information and how those authorities might be broadened and strengthened. FINRA, too, can be expected to increase its scrutiny of firms' data security practices. The sweeps reports offer firms glimpses of the SEC's and FINRA's likely enforcement priorities and confirm that cybersecurity should be a high priority for investment advisers in 2015.
Please click here to read the text/footnotes of this article in its entirety
Originally published in the April 2015 edition of The Investment Lawyer, Vol. 22, Number 4, pages 26–28.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
