Cybersecurity Exam Observations and Effective Practices

Cybersecurity remains one of the principal operational risks facing broker-dealers and Registered Investment Advisers. Accordingly, FINRA and the SEC’s examiners expect firms to have reasonably designed cybersecurity programs and controls, consistent with the firm’s business model and scale of operations, to ensure that sensitive data, including client information, is not lost, misused, or accessed by unauthorized users.

Examiners continue to inquire into the Firm’s controls regarding firewalls, vulnerability, penetration testing, and training during office examinations.

Message Archiving

An important component of financial compliance for broker-dealers is establishing message archiving for all communications relating to their business. Not only is it required by FINRA, but it can also protect your Firm if an employee is conducting unethical or illegal business activities. In a communication, Smarsh, a participant in FINRA’s Preferred Pricing Program, states that “Broker-dealers can avoid being penalized by regulators for wrongdoing among individual professionals if they can clearly demonstrate that they are proactively and sufficiently capturing and monitoring all electronic communications.”

Cybersecurity Training

Cybersecurity Training for Employees

The COVID-19 pandemic has affected everyone, forcing many to work from home and causing an increase in the use of virtual environments. With it comes a rise in cyber-attacks, as hackers take advantage of the confusion and people’s lack of preparation to break into company networks and trick people into revealing sensitive information. This blog post will discuss some of the common areas of deficiency in firms’ cybersecurity training programs, and a few tips for improving those programs to keep your firm and employees protected.

FINRA’s Top Priorities for 2021

Early in the year, FINRA released their 2021 Report on FINRA’s Examination and Risk Monitoring Program, which is designed to inform member firms’ compliance programs by providing annual insights from FINRA’s ongoing regulatory operations.

In this report detailing FINRA’s top priorities for 2021, FINRA addresses 18 regulatory areas which are grouped into 4 categories: (1) Firm Operations, (2) Communications and Sales, (3) Market Integrity, and (4) Financial Management. From these 18 regulatory areas, FINRA highlights 6 that they feel are the most important and affect a large portion of member firms, which are as follows:

SEC Rule to Allow for the Use of Electronic Signatures

The SEC recently adopted a rule change to allow for the use of electronic signatures for documents filed with the Commission. This rule change will apply to Regulation S-T, EDGAR Filer Manual, and certain other filings under the Securities Acts of 1933 and 1934 and the Investment Company Act of 1940. This long-awaited rule change was finally put into effect after the rise of COVID-19 and after the Commission received a rulemaking petition regarding the use of electronic signatures, as the pandemic made it significantly more difficult to obtain “wet” signatures, as was originally required by Rule 302(b). Apart from the added option to use electronic signatures, the existing requirements of Rule 302(b) will be unchanged.

Cybersecurity

Lessons from FINRA’s Cybersecurity Conference

As the end of the year approaches, it is a good time to revisit cybersecurity focus points and remind firms and their representatives of potential weaknesses. Cybersecurity is no longer a big-firm program. Cyber-attacks occur at firms of every size, from one-man shops to multibillion-dollar financial institutions.
