SEC Risk Alert Shows Gaps in Firm Cybersecurity Programs

The SEC’s Office of Compliance Examinations and Inspections (OCIE) has released a Risk Alert with a brief summary of observations from its second round of cybersecurity exam sweeps, where it surveyed 75 broker dealers, investment advisors, and investment companies.  The Cybersecurity 2 Initiative was a more thorough follow-up to their 2014 Cybersecurity 1 Initiative.  The… READ MORE

Form ADV Changes Are Around the Corner – Are You Ready?

Last August the U.S. Securities and Exchange Commission (“SEC”) issued a final rule expanding the information required on Form ADV.  All investment advisers making Form ADV filings as of October 1, 2017 will need to include the applicable additional information.   The following is a guideline for the new information required on Form ADV Part 1:… READ MORE

Cybersecurity Deadline Approaches – Preparing your firm for the first phase of New York’s ’ Cybersecurity Rule 23 NYCRR 500

The first phase implementation date of New York’s “Cybersecurity Requirements for Financial Services Companies” rule is August 28th, 2017.   The rule requires firms to develop and maintain a cybersecurity program designed to protect the confidentiality, integrity and availability of their information systems.  The program must be based on a risk assessment, identify and assess internal… READ MORE