Haynes and Boone, LLP
  February 4, 2015 - United States of America

SEC and FINRA Release Findings from Cybersecurity Examinations at Brokerage and Advisory Firms
  by Ronald W. Breaux, Emily Westridge Black, William Marsh

The SEC’s Office of Compliance Inspections and Examinations (OCIE) yesterday issued a Risk Alert reporting its findings from cybersecurity examinations of registered broker-dealers and investment advisers and stated that it will continue its focus on cybersecurity in 2015 through risk-based examinations. OCIE revealed that most of the examined firms had experienced some type of cyber-attack, primarily through malware and fraudulent emails. Given the findings outlined in the Risk Alert, the cybersecurity guidance issued by FINRA and the investor protection tips issued by the SEC’s Office of Investor Education and Advocacy yesterday are particularly timely.

In reviewing cybersecurity policies at these firms, OCIE made the following findings:


Similarly, FINRA released a report yesterday identifying effective practices for dealing with cybersecurity threats, based on its 2014 targeted examinations of broker-dealer firms. FINRA “expects firms to consider the principles and the effective practices presented in this report as they develop or enhance their cybersecurity programs.” The practices identified by FINRA include:


The SEC’s Office of Investor Education and Advocacy also released an Investor Bulletin yesterday providing tips to investors on how to better protect their online investment accounts. These tips include:


These publications reflect regulators’ increased focus on cybersecurity issues. Registered broker-dealers and advisers should take note of these reports and implement appropriate policies to address the identified issues.

For additional information, please contact one of the attorneys listed below.   

Taylor H. Wilson
214.651.5615
[email protected]

 

Kit Addleman
214.651.5783
[email protected]

 

Ronald W. Breaux
214.651.5688
[email protected]

 

Leslie C. Thorne
512.867.8445
[email protected]

Emily Westridge Black
512.867.8422
[email protected]

Timothy Newman
214.651.5029
[email protected]




Read full article at: http://www.haynesboone.com/sec-and-finra-release-findings-from-cybersecurity-examinations/