The North American Securities Administrators Association, Inc. (“NASAA”) is requesting public comment regarding a proposed model rule for information security and privacy for registered investment advisers (RIAs) under the Uniform Securities Acts Of 1956 And 2002. NASSA has been actively working on addressing various investment adviser-related cybersecurity concerns and desires for several years and has identified a significant need for more information and tools regarding cybersecurity.
This blog post is the third and final entry in our series on the five major areas of Regulatory Technology (RegTech) tools as determined by FINRA: surveillance and monitoring, customer identification and anti-money laundering (AML) compliance, regulatory intelligence, reporting and risk management, and investor risk assessment. If you missed our previous entries on how the financial services industry is using RegTech tools to keep up with their regulatory compliance requirements, they can be found at “RegTech: Surveillance and Monitoring” and “RegTech: Customer Identification and AML Compliance”. Our final entry will address the areas of regulatory intelligence, reporting and risk management, and investor risk assessment. Read More…
Welcome to the second part of our three-part series on Regulatory Technology (RegTech) tools and the securities industry! As we discussed in our previous post, “RegTech: Surveillance and Monitoring,” more and more members of the financial services industry are using RegTech tools to effectively and more efficiently meet their regulatory compliance requirements. FINRA has identified five major areas in which RegTech tools are being applied: surveillance and monitoring, customer identification and anti-money laundering (AML) compliance, regulatory intelligence, reporting and risk management, and investor risk assessment. Today we will be focusing on customer identification and AML compliance RegTech applications.
In an effort to keep current with regulatory compliance requirements, many financial services firms are turning to regulatory technology (“RegTech”) tools to help them meet their obligations effectively and most efficiently. After discussions with over forty participants in the RegTech space, FINRA has provided a summary of how RegTech tools are being applied in five major areas: surveillance and monitoring, customer identification and anti-money laundering (AML) compliance, regulatory intelligence, reporting and risk management, and investor risk assessment. We will be tackling these areas across three different blogs. Our first area of interest is surveillance and monitoring. Read More…
[Continued from ERA: Exempt Reporting Adviser Qualification – Part I]
SEC ERA Registration vs. State ERA Registration
Firms with more than $100 million in regulatory AUM (Large Advisers) must register with the SEC unless an exemption is available. Advisers with between $100 million and $150 million AUM solely attributable to private funds are exempt under the private fund adviser exemption, as described above. Advisers with over $150 million AUM must register with the SEC.
Per the Investment Advisers Act of 1940 (the “Advisers Act”), firms who meet the definition of providing investment advisory services generally must register either with the SEC or with state securities regulators. When the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the “Dodd-Frank Act”) was signed into law, the Advisers Act was amended to implement a new category for a narrow class of advisory firms: the Exempt Reporting Adviser (ERA).
Cryptocurrency (also spelled crypto currency) is everyone’s new favorite hot topic. Even if you’ve done no research into the topic, you’ve probably heard of the most (in)famous cryptocurrency: Bitcoin. But what are cryptocurrencies? And how are they affecting the securities industry?
Cybersecurity programs remain a significant priority for financial services industry regulators, including the SEC, FINRA, and state securities regulatory agencies. As mentioned in FINRA’s 2018 Annual Regulatory and Examination Priorities Letter, member firms need to have cybersecurity programs in place and such programs must capable of protecting sensitive information, including personally identifiable information of clients, from both internal and external threats. Over the past couple of years, awareness of cybersecurity risk has increased dramatically. However, as awareness increases, so does the sophistication of cybersecurity threats. And even a robust cybersecurity program can be compromised by something as simple as an employee opening an email attachment that contains malware. So, what can a firm do to combat phishing and spearphishing attacks, ransomware attacks, fraudulent third-party wires, etc.?
In our previous blog on Registered Investment Advisers (RIAs), “How to Register as an RIA: What is a Registered Investment Adviser?”, we discussed some important basics of RIAs – how does one define an RIA, what is Fiduciary Duty, why do RIAs need to register, what is the difference between state registration and SEC registration, etc. Today, we will return to the topic of state registration vs. SEC registration in order to provide a more thorough examination of the issue.