SEC exam sweep reveals adviser cyber-efforts

Most advisers are assessing electronic security, but approaches and frequency vary widely.
JAN 28, 2015
Most investment advisers and brokers are ‎assessing electronic security at their firms, but their approach and frequency vary widely, according to preliminary observations from a Securities and Exchange Commission exam sweep. The agency has reviewed cybersecurity policies at 50 investment advisers and 50 brokerages, according to Jane Jarcho, national associate director of the SEC's investment adviser and investment company examination program. The "vast majority" of firms conduct "firmwide inventories” of electronic resources (hardware, software, data), maintain written security policies and conduct periodic risk assessments, Ms. Jarcho said. "Although most do it, it really varies in how they do it and how frequently they do it," Ms. Jarcho told state regulators on Monday at the North American Securities Administrators Association annual conference in Indianapolis. A majority of firms prioritize and protect electronic resources based on their sensitivity and business value, Ms. Jarcho said. But she added that small and midsize firms tend not to do this. Where firms may be falling short is ‎in getting to know their clients' online habits. Ms. Jarcho said more than one-third of advisers with retail clients do not assess their login capabilities and practices. Ms. Jarcho cautioned that her observations were preliminary. "We are really just now starting to analyze the results," she said. Findings will be released through speeches by agency officials in coming months, as well as in an investor risk alert. Advisers don't need to be warned by the SEC that storing client information in the cloud is a risky venture, said Shane Hansen, a partner at Warner Norcross + Judd. "There's lightning in them thar clouds, and things may not necessarily go well," Mr. Hansen said at the NASAA conference. "‎Never put anything in an iCloud that you wouldn't want other people seeing." Advisers must stay aware of evolving technology and adjust their cyb‎ersecurity approaches accordingly. "Advisers have a responsibility to be looking and changing policies as this world of cybersecurity changes," Ms. Jarcho said.

Latest News

The power of cultivating personal connections
The power of cultivating personal connections

Relationships are key to our business but advisors are often slow to engage in specific activities designed to foster them.

A variety of succession options
A variety of succession options

Whichever path you go down, act now while you're still in control.

'I’ll never recommend bitcoin,' advisor insists
'I’ll never recommend bitcoin,' advisor insists

Pro-bitcoin professionals, however, say the cryptocurrency has ushered in change.

LPL raises target for advisors’ bonuses for first time in a decade
LPL raises target for advisors’ bonuses for first time in a decade

“LPL has evolved significantly over the last decade and still wants to scale up,” says one industry executive.

What do older Americans have to say about long-term care?
What do older Americans have to say about long-term care?

Survey findings from the Nationwide Retirement Institute offers pearls of planning wisdom from 60- to 65-year-olds, as well as insights into concerns.

SPONSORED The future of prospecting: Say goodbye to cold calls and hello to smart connections

Streamline your outreach with Aidentified's AI-driven solutions

SPONSORED A bumpy start to autumn but more positives ahead

This season’s market volatility: Positioning for rate relief, income growth and the AI rebound