issued May 23, 2019
The U.S. Securities and Exchange Commission (“SEC” or the “Commission”) has again commenced a series of cybersecurity examinations of registered investment advisers. The SEC distributed numerous request letters in May to gather registrant information pertaining to vendor diligence and oversight of cloud providers. The Commission is scrutinizing adviser policies and procedures which relate to the identification and monitoring of risks attendant to client information stored on third party vendor platforms. In general, advisers have a fiduciary duty and regulatory obligation pursuant to privacy regulations and cybersecurity guidance to ensure that non-public client information residing on third-party platforms remains secure and protected from misappropriation.
Read More
Recent Comments