On cybersecurity, industry and regulators are in it together

On cybersecurity, industry and regulators are in it together
No financial adviser can afford the reputational damage or loss of client confidence that can result from a serious cybersecurity failure. And no investor deserves to have his or her private data compromised.
MAY 11, 2015
By  Dale Brown
As more and more of investors' financial lives migrates online, data security has become top-of-mind for independent financial services firms, independent advisers, regulators and legislators alike. Significant data breaches — relatively rare until recent years — now seem to crop up every few months, with potentially disastrous results for both businesses and their customers. Working in an industry based on trust, no financial adviser can afford the reputational damage or loss of client confidence that can result from a serious cybersecurity failure. And no investor deserves to have his or her private data compromised. With more than 100 firm members and more than 37,000 adviser members, FSI is in a unique position to help our industry — and the regulators who oversee it — address this crucial business challenge. In June, we will be kicking off our first FSI Cybersecurity Awareness Month, which will feature a series of webinars hosted by technology thought leaders in the independent financial services industry, as well as the release of cybersecurity white papers from some of our sponsors. CYBERSECURITY TASK FORCE In addition, FSI's Cybersecurity Task Force recently convened its first meeting to study the information security challenges confronting independent firms and advisers, and to facilitate discussion among our members on how to tackle this issue. The task force comprises information technology, operations and compliance professionals from across our membership, as well as third-party experts from our clearing firm, law firm and product provider partners, and will be particularly focused on the needs of small and midsize firms. The task force's expertise and insight will be a tremendous benefit to these firms, which face the same strategic and regulatory imperatives to provide robust data protection for their clients, but frequently operate with more constrained resources. In order to assist the task force in identifying the areas of greatest need and interest for our member firms and to identify effective data protection practices and solutions, we recently conducted a thorough cybersecurity survey, incorporating detailed questions across six core segments of technology and data security. This survey and other sources of member feedback will help to ensure that the task force is focused on the questions and concerns that can make the greatest positive impact for independent firms and advisers across the country. With all of FSI's efforts on the topic of cybersecurity, we are pleased to not only help our members respond to a vital business issue, but to assist federal and state regulators in their efforts to improve data security standards for investors, as well. FINRA FRAMEWORK In its guidance to independent broker-dealers and other firms in February of this year, the Financial Industry Regulatory Authority Inc. presented a thorough framework of effective cybersecurity principles and practices that firms should look to implement in crucial areas, including governance and risk management, risk assessment, technical controls, incident response planning, vendor management, information sharing and others. Finra sensibly left the specific steps for implementing its recommendations up to the discretion of each firm, since companies' overall risk profile, areas of strength and weakness and available resources vary considerably. Just as we have played a key role for years in facilitating discussions among our members on questions ranging from how to establish effective compliance and supervisory functions to what to look for in choosing key technology systems, we look forward to acting as a key resource for them in the years ahead, as they explore options for translating guidance from Finra, the Securities and Exchange Commission and state regulators on improving cybersecurity protections into concrete action. We hope to begin a direct dialogue between the task force and federal and state regulators on these issues as well. Importantly, FSI's Cybersecurity Task Force will also consult closely with our Financial Advisor Council to understand and address the unique cybersecurity needs of individual independent advisers. These hardworking entrepreneurs manage their own stand-alone businesses, each of which comes with its own considerations for remote access, device management, employee credentialing and many more. SUPPLEMENTING TECHNOLOGY Although independent firms work very hard to supply the right solutions to their advisers, some advisers will always need to supplement these technology platforms with additional solutions to fit their particular business models. By establishing strong connections between our Financial Advisor Council and the Cybersecurity Task Force, FSI will be working to ensure that guidance from the SEC, Finra and state regulators on this critical issue filters all the way to the individual adviser level, helping to protect Main Street investors throughout the country, whether their adviser affiliates with the largest national independent firm or a more personalized, smaller firm. As several high-profile data breaches have shown us in recent years, no company in the digital era can afford to be complacent when it comes to cybersecurity. With our multifaceted approach to facilitating conversations and information sharing among the independent financial services community, while at the same time maintaining a constructive dialogue with federal and state regulators and legislators, FSI looks forward to playing a key role in helping our industry meet this challenge effectively in the years ahead. Dale Brown is president and chief executive of the Financial Services Institute Inc.

Latest News

LPL building out alts, banking services to chase wirehouse advisors, new CEO says
LPL building out alts, banking services to chase wirehouse advisors, new CEO says

New chief executive Rich Steinmeier replaced Dan Arnold on October 1.

Franklin Templeton CEO vows to "do what's right" amid record outflows
Franklin Templeton CEO vows to "do what's right" amid record outflows

The global firm is navigating a crisis of confidence as an SEC and DOJ probe into its Western Asset Management business sparked a historic $37B exodus.

For asset managers, easy experience is key to winning advisors' businesses
For asset managers, easy experience is key to winning advisors' businesses

Beyond returns, asset managers have to elevate their relationship with digital applications and a multichannel strategy, says JD Power.

Why retaining HNW clients ultimately comes down to one basic thing
Why retaining HNW clients ultimately comes down to one basic thing

New survey finds varied levels of loyalty to advisors by generation.

Stocks drop as investors digest Microsoft, Meta earnings
Stocks drop as investors digest Microsoft, Meta earnings

Busy day for results, key data give markets concerns.

SPONSORED Out with the old and in with the new: a 50% private markets portfolio

A great man died recently, but this did not make headlines. In fact, it barely even made the news. Maybe it’s because many have already mourned the departure of his greatest legacy: the 60/40 portfolio.

SPONSORED Destiny Wealth Partners: RIA Team of the Year shares keys to success

Discover the award-winning strategies behind Destiny Wealth Partners' client-centric approach.