The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
5/30/2024
/ Broker-Dealer ,
Customer Information ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Incident Response Plans ,
Investment Adviser ,
Notice Requirements ,
Personally Identifiable Information ,
Policies and Procedures ,
Regulation S-P ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Assessment ,
Securities and Exchange Commission (SEC)
Investment advisers and managers of private investment funds organized in the Cayman Islands should take note that on September 30, 2019, the Data Protection Law, 2017 (the "DPL"), is set to come into effect....more
As many of you may already be aware, the European GDPR goes into effect during May 2018. Below are some frequently asked questions and answers about GDPR as a short guide to assist investment advisers and private fund...more
The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more
10/30/2015
/ Breach Notification Rule ,
CFTC ,
Commodities ,
Commodity Pool ,
Corporate Executives ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Due Diligence ,
Futures ,
Information Systems Security Program (ISSP) ,
Information Technology ,
Major Swap Participants ,
NFA ,
NIST ,
Personal Data ,
Recordkeeping Requirements ,
Security Risk Assessments ,
Sensitive Business Information ,
Swap Dealers ,
Third-Party Service Provider ,
Training Requirements
In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more
9/28/2015
/ Broker-Dealer ,
Cease and Desist Orders ,
Civil Monetary Penalty ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Hackers ,
OCIE ,
Personally Identifiable Information ,
Policies and Procedures ,
Registered Investment Advisors ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Security Risk Assessments
Second Round of Cybersecurity Examinations to Begin -
On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing a...more
9/21/2015
/ Broker-Dealer ,
Chief Information Security Officer (CISO) ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Investment Adviser ,
OCIE ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Security Risk Assessments ,
Third-Party ,
Training
On April 28, 2015, the SEC’s Division of Investment Management (the “Division”) issued a Guidance Update regarding the SEC’s initiative to assess cybersecurity preparedness and threats in the securities industry, further...more
On April 15, 2014, the Office of Compliance Inspections and Examinations of the Securities and Exchange Commission (the “SEC”) issued a Risk Alert regarding the SEC’s initiative to assess cybersecurity preparedness and...more