Today, April 19, 2013, the Securities and Exchange Commission (“SEC”) and the Commodity Futures Trading Commission (“CFTC”) published in the Federal Register rules and guidelines requiring their respective regulated financial institutions to establish programs to address the risks of identity theft, that is, “fraud committed or attempted using the identifying information of another person without authority.” The SEC’s rules apply to broker-dealers, mutual funds, investment advisers, and other financial institutions and creditors; the CFTC’s rules apply to futures commission merchants, retail foreign exchange dealers, commodity trading advisers, commodity pool operators, swap dealers, and major swap participants. The final rules will become effective on May 20, 2013, and compliance is required by November 20, 2013.
The new rules draw more firms into the ambit of the requirement to have identity theft procedures. As SEC Commissioner Luis A. Aguilar noted, investment advisers registered under the Investment Adviser Act, particularly the private fund and hedge fund advisers that are recent registrants with the SEC, might not have existing identity theft red-flag programs, and will need to pay particular attention to the rules being adopted.
Please see full publication below for more information.