Jason Daniel on Cybersecurity

Fund Managers Must Assess Whether Microsoft/CrowdStrike Outage Has Triggered Additional Regulatory Filings

A global technology outage linked to the cybersecurity firm CrowdStrike crashed Microsoft apps and triggered major disruptions across the asset management sector, along with other global industries. Private fund managers...more

7/22/2024 / Asset Management , Cybersecurity , Fund Managers , Incident Response Plans , Microsoft , Risk Management , Securities Regulation

New Privacy and Cybersecurity Obligations for Private Fund Sponsors and Managers

Last week, the Securities and Exchange Commission imposed expanded privacy and cybersecurity obligations on fund managers and sponsors registered with the SEC as investment advisers. While many registered investment advisers...more

5/21/2024 / Breach Notification Rule , Customer Information , Cybersecurity , Fund Managers , Incident Response Plans , Investment Adviser , Notice Requirements , Policies and Procedures , Privacy Laws , Private Funds , Recordkeeping Requirements , Regulation S-P , Securities and Exchange Commission (SEC) , Sponsors

SEC Releases Risk Alert on EXAMS Process

Investment Advisers: Assessing Risks, Scoping Examinations, and Requesting Documents* I. Introduction - The SEC-registered investment adviser (“adviser”) population is large and diverse, ranging from global asset managers...more

9/12/2023 / Audits , Brokerage Accounts , Business Operations , Compliance , Cybersecurity , Disclosure Requirements , Ethics , Financial Records , Insider Trading , Internal Controls , Investment Adviser , Marketing , Policies and Procedures , Risk Alert , Risk Management , Securities , Securities and Exchange Commission (SEC) , Trading Platforms , Valuation

The SEC’s 2023 Exam Priorities in Context: Private Fund Arrangements

On Tuesday, February 7, the Division of Examinations of the U.S. Securities and Exchange Commission released its 2023 Examination Priorities. Private fund sponsors and managers should pay attention to the Priorities for two...more

2/16/2023 / Broker-Dealer , Cryptocurrency , Cybersecurity , Environmental Social & Governance (ESG) , Investment Adviser , Private Funds , SEC Examination Priorities , Securities and Exchange Commission (SEC)

SEC Cyber Enforcement Actions – Lessons for Private Fund Managers

On August 30, 2021, the Securities and Exchange Commission announced three enforcement actions against registered investment advisers for alleged cybersecurity failures involving cloud-based email systems. All three actions...more

9/9/2021 / Cybersecurity , Data Privacy , Data Security , Enforcement Actions , Fund Managers , Personally Identifiable Information , Policies and Procedures , Registered Investment Advisors , Regulation S-P , Securities and Exchange Commission (SEC)

SEC Risk Alert Highlights on COVID-19-Related Compliance Risks and Considerations for Investment Advisers and Broker-Dealers

- The OCIE of the SEC highlights that responses to COVID-19 present important regulatory and compliance issues for SEC registrants, including “heightened risks of misconduct” tied to recent market volatility. - The Risk...more

SEC’s Examination Function Warns Its Registrants of Risks Associated with Dangerous Malware

- In the age of broad corporate teleworking brought on by COVID-19, OCIE of the SEC has observed during recent examinations that investment advisers, broker-dealers and investment companies are subject to an increased threat...more

7/16/2020 / Broker-Dealer , Cyber Attacks , Cybersecurity , Data Breach , Financial Services Industry , Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) , Incident Response Plans , Investment Management , Malware , OCIE , Popular , Ransomware , Risk Alert , Securities and Exchange Commission (SEC)

Government Enforcers Focused on Coronavirus-related Actions

- Market participants should review and assess their compliance procedures to prevent and detect insider trading risks associated with COVID-19. - Companies should increase their vigilance regarding cybersecurity threats...more

4/1/2020 / CFTC , Coronavirus/COVID-19 , Cybersecurity , Department of Justice (DOJ) , Enforcement Actions , Financial Crimes , Insider Trading , Investors , Phishing Scams , Pump and Dump , Securities and Exchange Commission (SEC) , Securities Fraud , U.S. Treasury , Wire Fraud

California Consumer Privacy Act Becomes Effective January 1

On January 1, 2020, the California Consumer Protection Act (CCPA) will become effective for all businesses that, among other things, have at least $25 million in annual revenue and collect or use any personal information of...more

12/31/2019 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Financial Services Industry , Fund Managers , Investment , Investment Firms , Investment Management , Personal Data , Personal Information , Privacy Policy

CFTC Settlement Asserts Data Breach Disclosure Requirement for Future Commission Merchants

On September 12, 2019, the Commodity Futures Trading Commission (CFTC) announced a settlement with Phillip Capital Inc. (PCI or the “Company”), a registered futures commission merchant (FCM), after hackers successfully...more

10/14/2019 / CFTC , Chief Compliance Officers , Cybersecurity , Data Breach , Data Security , Enforcement Actions , Information Systems Security Program (ISSP) , Investment Adviser , National Futures Association , Phishing Scams , Policies and Procedures

SEC OCIE Issues Guidance on Advisors’ and Broker-Dealers’ Cloud-Based and Other Network Storage of Customer Data

• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more

NFA Issues Interpretive Notices for CPOs Regarding Internal Controls Systems and Cybersecurity

• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework. • In response to certain frequently asked questions, the NFA has also updated its...more

SEC OCIE Issues Guidance on Advisers’ Recordkeeping Requirements for Electronic Messaging Following its Sweep Examination

• On December 14, the SEC’s OCIE issued a Risk Alert summarizing the findings of its limited-scope examination initiative relating to electronic messaging. • Noting a “pervasive use” of electronic messaging by adviser...more

12/18/2018 / Best Practices , Books & Records , Bring Your Own Device (BYOD) , Cybersecurity , Electronic Communications , Email Policies , Employee Training , Investment Adviser , Investment Advisers Act of 1940 , New Guidance , OCIE , Policies and Procedures , Recordkeeping Requirements , Risk Alert , Risk Mitigation , Securities and Exchange Commission (SEC) , Text Messages

Revised SEC Guidance Concerning Disclosure of Cybersecurity Risks and Cyber Incidents

• Disclosures must inform investors about material cybersecurity risks and incidents, including addressing material cybersecurity risks for cyber-attacks that have not yet occurred. • Comprehensive policies and procedures...more

3/1/2018 / Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Data Breach , Disclosure Requirements , Financial Statements , Insider Trading , Investors , Materiality , MD&A Statements , New Guidance , Non-Public Information , Policies and Procedures , Regulation FD , Risk Assessment , Securities and Exchange Commission (SEC)

Jason Daniel

Akin Gump Strauss Hauer & Feld LLP

Popular Topics by This Author

Latest Posts › Cybersecurity