Both the Securities and Exchange Commission and Financial Industry Regulatory Authority have set cybersecurity in their sights as a 2018 exam priority. Following an initial round of information-gathering inspections, officials are now taking a more aggressive tack during exams, doling out deficiency letters to firms with inadequate cybersecurity polices. SEC enforcers have also created their own specialized cyber enforcement unit, which is going after cyber-related issues ranging from market manipulation to cryptocurrency, further raising the pressure on compliance officers to ensure they have strong cybersecurity safeguards.
Join Compliance Reporter and NRS for a webinar on April 19th at 2 pm EST that will examine the evolution of the cybersecurity exam in an age of heightened risk and enforcement.
Topics will include:
- Penetration tests: The SEC’s last exam report on cybersecurity said only half of funds and their advisers were conducting penetration tests to check for cyber vulnerabilities. Is this type of testing becoming more commonly adopted by IAs? What is the best way to test for vulnerabilities? How should risks be addressed?
- Tailoring policies: SEC examiners have warned that most firms’ cybersecurity policies are too vague and general. How can CCOs ensure they are appropriately tailoring cyber policies to their firms?
- Oversight of third-party vendors: What elements are key to a good vendor oversight program?
- Limiting access to critical systems: What are the best procedures for limiting and documenting such access?
- Enforcement: Will the recent creation of a specialized cybersecurity unit within the SEC’s Enforcement Division change the tenor of exams, and how should CCOs prepare for them?
- Kurt Wacholz joined NRS in 2017 as an Executive Consultant, working closely with firm officers to identify regulatory obligations, compliance risks and program challenges as well as assist in the development, implementation and testing of various compliance program elements tailored to a firm’s practice. Prior to joining NRS, Kurt was the owner and managing director of WellSpring Compliance servicing clients that included broker-dealers, investment advisers, financial planners, insurance agencies, and private equity firms. Kurt earned his BA from the University of Wisconsin – Eau Claire and his Investment Adviser Certified Compliance Professional designation from the Center for Compliance Professionals.
- Alex Santos is the founder of Fortress, a cybersecurity-risk consultancy based in Orlando, FL. Previously, Mr. Santos was the President and Co-founder of Digital Risk LLC, the largest independent quality assurance and mortgage origination provider for companies like Freddie Mac, Fannie Mae, Treasury, BoA and FHFA. Mr. Santos earned advanced degrees in Law and Accounting from the University of Florida and is a Certified Public Accountant and a member of the Florida Bar.
Already a member? You can continue to enjoy unlimited access to our exclusive events.
If not, join our membership community today and receive a wealth of benefits including:
– Direct access to daily news update, data & analysis.
– Invitations to our collection of events including awards, summits, dinners and webinars.
– Six specialist networks for the latest industry trends.
– Benchmarking data for flows, performance and product development.
Register now for your free trial and experience the full range of benefits available to you.