SEC to Examine Registered Broker-Dealers’ and Investment Advisers’ Procedures for Countering Cybersecurity Threats

Posted on April 28th, by , , and in Cybersecurity, Office of Compliance Inspections and Examinations, SEC Guidance. Comments Off on SEC to Examine Registered Broker-Dealers’ and Investment Advisers’ Procedures for Countering Cybersecurity Threats

Background and Purposes

On April 15, 2014, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a “Risk Alert” explaining a new initiative to assess cybersecurity preparedness in the securities industry.  Although not an official rule, regulation or statement of the SEC, the Risk Alert advised that OCIE will be conducting examinations of more than 50 registered broker-dealers and registered investment advisers, regarding their cybersecurity and data security procedures and policies.

OCIE’s cybersecurity initiative is designed to obtain information about the industry’s recent experiences with certain types of cyber threats.  The examinations will focus on the following topics: the firm’s cybersecurity governance, identification and assessment of cybersecurity risks, protection of networks and information, risks associated with remote customer access and funds transfer requests, risks associated with vendors and other third parties, detection of unauthorized activity, and experiences with … Read More »




From the Blog:

Trump Budget Proposes Folding the PCAOB into the SEC by 2022

According to a White House budget issued on February 10, 2020, the White House is considering transferring the authority of the Public Company Accounting...

SEC Gives Management’s Discussion and Analysis (MD&A) a Makeover

With the aim of eliminating certain duplicative disclosures, and modernizing and enhancing Management’s Discussion and Analysis (MD&A) disclosures for the benefit of investors while...

The SEC’s Most Detailed Cybersecurity Guidance to Date

The SEC, through its Office of Compliance Inspections and Examinations (“OCIE”), recently issued its most detailed cyber guidance to date. OCIE had previously issued...