As consultants, we can’t emphasize enough the importance of having a proactive cyber security program that is specifically tailored to protect disruption of critical systems as well as protection of sensitive data for both the firm and its customers.
FINRA recently released a podcast AML Update: The Latest Trends and Effective Practices . This podcast provides a great update on the current AML and fraud trends and best practices from Jason Foye, Senior Director of the National Cause and Finance Crimes Detection Program’s Special Investigative Unit . A few highlights from the AML update podcast: Financial Crimes Enforcement Network (FinCEN) Priorities On June 30, 2021, FinCEN posted a bulletin that set out eight priorities, focused on threats to the U.S. financial system and national security. These priorities include corruption, cybercrime (including relevant cybersecurity and virtual currency considerations), foreign and Read more about FINRA Unscripted Podcast: AML Update[…]
FINRA recently organized roundtable discussions with representatives from 20 firms of various sizes and business models to discuss their approaches to mitigating the risks from account takeovers. Account takeover attempts (ATO) are when bad actors are using stolen or synthetic identification material to open accounts at firms that they then use to generate or launder illicit proceeds. Regulators noted a post pandemic rise in online account opening. These activities make it particularly difficult, because the identities are stolen so even with a SARS filed the true identity of the bad actor is generally never known. Regulatory Notice 21-18 shares a Read more about Account Takeover Attempts[…]
Early in the year, FINRA released their 2022 Report on FINRA’s Examination and Risk Monitoring Program, which is designed to inform member firms’ compliance programs by providing annual insights from FINRA’s ongoing regulatory operations. In this report detailing FINRA’s top priorities for 2022, FINRA addresses 21 regulatory areas which are grouped into 4 categories: (1) Firm Operations, (2) Communications and Sales, (3) Market Integrity, and (4) Financial Management. From these 21 regulatory areas, FINRA highlights 7 that they feel are the most important and affect a large portion of member firms, which are as follows: Reg BI and Form CRS Read more about FINRA’s Top Priorities for 2022[…]
Cybersecurity remains one of the principal operational risks facing broker-dealers and Registered Investment Advisers. Accordingly, FINRA and the SEC’s examiners expect firms to have reasonably designed cybersecurity programs and controls consistent with the firm business model and scale of operations to ensure that sensitive data, including client information, is not lost or misused, or accessed by unauthorized users.
Examiners continue to inquire into the Firm’s controls regarding firewalls, vulnerability, penetration testing, and training during office examinations.
The Covid-19 Pandemic has affected everyone, forcing many to work from home and causing an increase in the use of virtual environments. With it comes a rise in cyber-attacks, as hackers take advantage of the confusion and peoples lack of preparation to break into company networks, and trick people into revealing sensitive information. This blog post will discuss some of the common areas of deficiencies for firm’s cybersecurity training programs, and a few tips for improving those programs to keep your firm and employees protected.