After a series of high-profile data breaches at both financial and non-financial companies, regulators are increasingly highlighting the need for funds’ ongoing efforts to prevent and respond to hacking events.
Amid this added scrutiny, fund managers will be expected to stay informed of their responsibilities and ensure they are in compliance.
The issue of cybersecurity has been in the headlines in 2015 following data breaches involving several nationwide retailers and retail banks. The investment sector has also been affected, including the revelation in August of a large-scale international hacking scheme that used nonpublic information to reap $100 million of illegal profits.
President Barack Obama also recently called for renewed cybersecurity efforts in both the public and private sectors to address the “significant” vulnerabilities the country faces from state, non-state and criminal actors here and abroad.
The Securities and Exchange Commission (“SEC”), meanwhile, announced a settlement with a St. Louis-based investment adviser related to charges that it failed to establish the required cybersecurity policies and procedures ahead of a breach that compromised the personal information of approximately 100,000 individuals, including thousands of the firm’s clients.
As part of this emphasis on cybersecurity, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) released an alert on Sept. 15 outlining its 2015 Cybersecurity Examination Initiative.
Compliments of Kramer Levin Naftalis & Frankel LLP – A member of the EACCNY