SEC Issues Risk Alert concerning its cybersecurity preparedness initiative

In January 2014, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) announced that a focus on technology and cybersecurity preparedness would be included in its 2014 examination priorities.

A Risk Alert was issued by OCIE on April 15, 2014 to provide additional information on this initiative. OCIE announced that it will conduct examinations of more than 50 registered broker-dealers and registered investment advisers, focusing on the following:

  • cybersecurity governance
  • identification and assessment of cybersecurity risks
  • protection of networks and information
  • risks associated with remote customer access and funds transfer requests
  • risks associated with vendors and other third parties
  • detection of unauthorized activity
  • experiences with certain cybersecurity threats

It is believed these examinations will help identify areas where the Commission and the industry can work together to protect investors and capital markets from cybersecurity threats.

As part of the Risk Alert, OCIE included a sample request list outlining the information and documents that will be reviewed during these examinations.  The sample document request is intended to assist compliance professionals in assessing their firm’s level of preparedness.

Registered entities are encouraged to review the sample document request, as well as the “Framework for Improving Critical Infrastructure Cybersecurity” released in February 2014 by the National Institute of Standards and Technology, to assess their current cybersecurity preparedness.

SEC Issues Risk Alert concerning its cybersecurity preparedness initiative 2014-04-23T00:00:00.0000000 /insights/publications/compliance-and-regulatory-consulting/sec-issues-risk-alert-concerning-its-cybersecurity-preparedness-initiative publication {DA6CC51B-740E-439A-B283-2BBFB5326BAA} {AB22E3A7-0FD2-43A7-91E0-C3590E9141B9} {EBC1AB28-1393-493C-AF32-19B3B0B6E171} {DE05ECA4-1852-4BEF-A4E1-491CB497F9CB} {65648E61-ED08-40DF-AEE6-DB90ABD49289} {871EB752-F3E8-4991-AA79-545153989F0D} {95D7F66C-11BB-4E7D-B07C-48874A321F98}

Related Services

Duff & Phelps Compliance and Regulatory Consulting

Compliance and Regulatory Consulting

Cybersecurity Services

Cybersecurity support for asset managers.

Cybersecurity Services
Duff & Phelps Compliance and Regulatory Consulting

Compliance and Regulatory Consulting

U.S. Regulation

Comprehensive support for asset managers registering in the U.S.

U.S. Regulation
Duff & Phelps Compliance and Regulatory Consulting

Compliance and Regulatory Consulting

By Jurisdiction

Regionally targeted assistance for asset managers in compliance program development, implementation and maintenance

By Jurisdiction
Duff & Phelps Valuation Advisory Services

Valuation Advisory

Portfolio Valuation

Alternative investment valuation for private equity and hedge funds.

Portfolio Valuation
Duff & Phelps Disputes

Disputes and Investigations and Legal Management Consulting

Global Fraud and Forensic Investigations

Expert analysis to help clients understand, prevent and manage fraud.

Global Fraud and Forensic Investigations

Insights