As the end of the year approaches, it is a good time to revisit cybersecurity focus points and remind firms and their representatives of potential weaknesses. Cybersecurity is no longer a big firm program. Cyber-attacks occur from one-man shops to multibillion-dollar financial institutions.
For many firms, a remote workforce is now a new reality. Even with many states’ shelter-in-place restrictions lifting, firms are continuing with their work-from-home strategies for the majority of their staff. This transition and the related challenges have forced firms to re-evaluate their current cybersecurity and remote policies and procedures. The following considerations are important to ensure that your remote staff has the tools in place to adhere to regulatory rules, firm procedures, and best practices.
Earlier this month, FINRA hosted a Small Firm Conference Call to discuss updates and implications of COVID-19 (Coronavirus). If you were not able to listen to the call live, a replay recording is available on demand. This recording provides and discusses many highlights noted in FINRA’s FAQs Related to Coronavirus Pandemic.
Many financial service institutions have been hesitant to create teleworking processes and systems that would give them more flexibility to service clients and build the business. However, within the regulatory framework, landmines appear at every turn.
Enforcement actions can be scary, especially if you or your Firm are named in the enforcement. For the rest of us, enforcement actions provide valuable information on patterns of misconduct, rule violations, and overall cautionary tales.
With the transition into the electronic storage of client data, Investment Advisers and Broker-Dealers are faced with more complex compliance issues regarding safeguarding client information and records. The United States Securities and Exchange Commission (“SEC”) OCIE Risk Alert from May 2019 addresses some of the issues and concerns identified with cloud-based storage and possible issues to consider regarding the protection of electronic client and business data.