Cybersecurity Archives - MasterCompliance

FINRA Encryption Best Practices

Posted on August 16, 2023 by SCM Communications

Twenty years ago, when all of us worked in the office, the IT department was able to manage a broker dealer’s cyber security fairly well. All of the computers worked off of a main network where various firewalls and malware protection could be maintained on a regular basis. Then comes COVID and all personnel began to work remotely. Post COVID, much of the broker dealer workforce still works remotely. It has become the new normal. How can your broker dealer’s IT department and/or vendor make sure that everyone’s computer equipment is up to date with the strongest and most current Read more about FINRA Encryption Best Practices[…]

Cyber security is complex and cyberthreats are constantly evolving. Therefore, a substantial challenge that many firms face is that they just do not have the in-house resources available to dedicate a team of individuals to a cyber security program.

Cyber Security – Is the “Blind leading the Blind?”

Posted on April 10, 2023April 21, 2023 by SCM Communications

As consultants, we can’t emphasize enough the importance of having a proactive cyber security program that is specifically tailored to protect disruption of critical systems as well as protection of sensitive data for both the firm and its customers.

FINRA Unscripted Podcast: AML Update

Posted on July 8, 2022July 8, 2022 by admin

FINRA recently released a podcast AML Update: The Latest Trends and Effective Practices . This podcast provides a great update on the current AML and fraud trends and best practices from Jason Foye, Senior Director of the National Cause and Finance Crimes Detection Program’s Special Investigative Unit . A few highlights from the AML update podcast: Financial Crimes Enforcement Network (FinCEN) Priorities On June 30, 2021, FinCEN posted a bulletin that set out eight priorities, focused on threats to the U.S. financial system and national security. These priorities include corruption, cybercrime (including relevant cybersecurity and virtual currency considerations), foreign and Read more about FINRA Unscripted Podcast: AML Update[…]

Account Takeover Attempts

Posted on July 1, 2022 by admin

FINRA recently organized roundtable discussions with representatives from 20 firms of various sizes and business models to discuss their approaches to mitigating the risks from account takeovers. Account takeover attempts (ATO) are when bad actors are using stolen or synthetic identification material to open accounts at firms that they then use to generate or launder illicit proceeds. Regulators noted a post pandemic rise in online account opening. These activities make it particularly difficult, because the identities are stolen so even with a SARS filed the true identity of the bad actor is generally never known. Regulatory Notice 21-18 shares a Read more about Account Takeover Attempts[…]

FINRA’s Top Priorities for 2022

Posted on March 11, 2022 by admin

Early in the year, FINRA released their 2022 Report on FINRA’s Examination and Risk Monitoring Program, which is designed to inform member firms’ compliance programs by providing annual insights from FINRA’s ongoing regulatory operations. In this report detailing FINRA’s top priorities for 2022, FINRA addresses 21 regulatory areas which are grouped into 4 categories: (1) Firm Operations, (2) Communications and Sales, (3) Market Integrity, and (4) Financial Management. From these 21 regulatory areas, FINRA highlights 7 that they feel are the most important and affect a large portion of member firms, which are as follows: Reg BI and Form CRS Read more about FINRA’s Top Priorities for 2022[…]

Cybersecurity Exam Observations and Effective Practices

Posted on July 14, 2021 by admin

Cybersecurity remains one of the principal operational risks facing broker-dealers and Registered Investment Advisers. Accordingly, FINRA and the SEC’s examiners expect firms to have reasonably designed cybersecurity programs and controls consistent with the firm business model and scale of operations to ensure that sensitive data, including client information, is not lost or misused, or accessed by unauthorized users.

Examiners continue to inquire into the Firm’s controls regarding firewalls, vulnerability, penetration testing, and training during office examinations.