A global technology outage linked to the cybersecurity firm CrowdStrike crashed Microsoft apps and triggered major disruptions across the asset management sector, along with other global industries. Private fund managers...more
Last week, the Securities and Exchange Commission imposed expanded privacy and cybersecurity obligations on fund managers and sponsors registered with the SEC as investment advisers. While many registered investment advisers...more
5/21/2024
/ Breach Notification Rule ,
Customer Information ,
Cybersecurity ,
Fund Managers ,
Incident Response Plans ,
Investment Adviser ,
Notice Requirements ,
Policies and Procedures ,
Privacy Laws ,
Private Funds ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC) ,
Sponsors
Investment Advisers: Assessing Risks, Scoping Examinations, and Requesting Documents*
I. Introduction -
The SEC-registered investment adviser (“adviser”) population is large and diverse, ranging from global asset managers...more
9/12/2023
/ Audits ,
Brokerage Accounts ,
Business Operations ,
Compliance ,
Cybersecurity ,
Disclosure Requirements ,
Ethics ,
Financial Records ,
Insider Trading ,
Internal Controls ,
Investment Adviser ,
Marketing ,
Policies and Procedures ,
Risk Alert ,
Risk Management ,
Securities ,
Securities and Exchange Commission (SEC) ,
Trading Platforms ,
Valuation
On Tuesday, February 7, the Division of Examinations of the U.S. Securities and Exchange Commission released its 2023 Examination Priorities. Private fund sponsors and managers should pay attention to the Priorities for two...more
On August 30, 2021, the Securities and Exchange Commission announced three enforcement actions against registered investment advisers for alleged cybersecurity failures involving cloud-based email systems. All three actions...more
- The OCIE of the SEC highlights that responses to COVID-19 present important regulatory and compliance issues for SEC registrants, including “heightened risks of misconduct” tied to recent market volatility.
- The Risk...more
8/21/2020
/ Asset Management ,
Broker-Dealer ,
Business Continuity Plans ,
Business Operations ,
Compliance ,
Conflicts of Interest ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
Fees ,
Financial Transactions ,
Investment Adviser ,
Investment Fraud ,
Investment Management ,
Investors ,
OCIE ,
Personally Identifiable Information ,
Policies and Procedures ,
Popular ,
Remote Working ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Supervision
- In the age of broad corporate teleworking brought on by COVID-19, OCIE of the SEC has observed during recent examinations that investment advisers, broker-dealers and investment companies are subject to an increased threat...more
7/16/2020
/ Broker-Dealer ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Financial Services Industry ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Incident Response Plans ,
Investment Management ,
Malware ,
OCIE ,
Popular ,
Ransomware ,
Risk Alert ,
Securities and Exchange Commission (SEC)
- Market participants should review and assess their compliance procedures to prevent and detect insider trading risks associated with COVID-19.
- Companies should increase their vigilance regarding cybersecurity threats...more
4/1/2020
/ CFTC ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Financial Crimes ,
Insider Trading ,
Investors ,
Phishing Scams ,
Pump and Dump ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
U.S. Treasury ,
Wire Fraud
On January 1, 2020, the California Consumer Protection Act (CCPA) will become effective for all businesses that, among other things, have at least $25 million in annual revenue and collect or use any personal information of...more
12/31/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Financial Services Industry ,
Fund Managers ,
Investment ,
Investment Firms ,
Investment Management ,
Personal Data ,
Personal Information ,
Privacy Policy
On September 12, 2019, the Commodity Futures Trading Commission (CFTC) announced a settlement with Phillip Capital Inc. (PCI or the “Company”), a registered futures commission merchant (FCM), after hackers successfully...more
10/14/2019
/ CFTC ,
Chief Compliance Officers ,
Cybersecurity ,
Data Breach ,
Data Security ,
Enforcement Actions ,
Information Systems Security Program (ISSP) ,
Investment Adviser ,
National Futures Association ,
Phishing Scams ,
Policies and Procedures
• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more
5/29/2019
/ Broker-Dealer ,
Cloud Storage ,
Customer Information ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Data Storage Providers ,
Identity Theft ,
Identity Theft Red Flags Rule ,
Investment Adviser ,
OCIE ,
Policies and Procedures ,
Regulation S-ID ,
Regulation S-P ,
Regulatory Requirements ,
Risk Alert ,
Safeguards Rule ,
Securities and Exchange Commission (SEC) ,
Third-Party Service Provider ,
Vendors
• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework.
• In response to certain frequently asked questions, the NFA has also updated its...more
1/15/2019
/ Best Practices ,
Books & Records ,
CFTC ,
Commodity Pool ,
Consumer Fraud ,
CPOs ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Monitoring ,
Employee Training ,
Financial Services Industry ,
Guidance Update ,
Information Security ,
Information Systems Security Program (ISSP) ,
Internal Controls ,
Investment Management ,
NFA ,
Notification Requirements ,
Policies and Procedures ,
Popular ,
Recordkeeping Requirements ,
Risk Assessment
• On December 14, the SEC’s OCIE issued a Risk Alert summarizing the findings of its limited-scope examination initiative relating to electronic messaging.
• Noting a “pervasive use” of electronic messaging by adviser...more
12/18/2018
/ Best Practices ,
Books & Records ,
Bring Your Own Device (BYOD) ,
Cybersecurity ,
Electronic Communications ,
Email Policies ,
Employee Training ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
New Guidance ,
OCIE ,
Policies and Procedures ,
Recordkeeping Requirements ,
Risk Alert ,
Risk Mitigation ,
Securities and Exchange Commission (SEC) ,
Text Messages
• Disclosures must inform investors about material cybersecurity risks and incidents, including addressing material cybersecurity risks for cyber-attacks that have not yet occurred.
• Comprehensive policies and procedures...more
3/1/2018
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Financial Statements ,
Insider Trading ,
Investors ,
Materiality ,
MD&A Statements ,
New Guidance ,
Non-Public Information ,
Policies and Procedures ,
Regulation FD ,
Risk Assessment ,
Securities and Exchange Commission (SEC)
Introduction -
Despite an anticipated de-regulatory push, there are significant new regulatory concerns for investment advisers to address in connection with their annual review of their compliance manuals....more
10/12/2017
/ Bad Actors ,
Bureau of Economic Analysis ,
CFTC ,
Cryptocurrency ,
Custody Rule ,
Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Electronic Communications ,
Employee Retirement Income Security Act (ERISA) ,
EU ,
Financial Industry Regulatory Authority (FINRA) ,
Foreign Direct Investment ,
Form ADV ,
Fund Expenses ,
GAAP ,
General Data Protection Regulation (GDPR) ,
Hedge Funds ,
Insider Trading ,
Investment Adviser ,
Investment Management ,
IRS ,
MiFID II ,
NFA ,
Pay-To-Play ,
Private Equity Funds ,
Private Funds ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC) ,
Tax Audits
The results of the U.S. presidential election are historic and unanticipated, and they will have significant economic, political, legal and social implications. As we prepare for the Trump presidency, many uncertainties...more
11/17/2016
/ Antitrust Provisions ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Energy Sector ,
Environmental Policies ,
Foreign Policy ,
Health Insurance ,
Immigration Enforcement ,
Tax Reform ,
Trade Policy ,
Trump Administration
Just one week after the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations issued a new risk alert on cybersecurity, the SEC brought an enforcement action against an investment adviser...more