The CCPA Enforcement Date Is Approaching: What You Should Know WHAT HAPPENED? The July 1, 2020 enforcement date for the California Consumer Privacy Act (CCPA) is fast approaching. The original adoption of the regulations, on Jan. 1 of this year, contained a six-month enforcement delay. Although some organizations requested [...]
What Does OCIE Look for When Examining Cybersecurity Practices? WHAT HAPPENED? In recent years, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission made cybersecurity a top priority when examining all types of firms. As the use of digital technology becomes more essential to [...]
OCIE Releases List of Common Investment Company, Money Market Fund, and Target Date Fund Compliance Issues WHAT HAPPENED? On Nov. 7, 2019, the Office of Compliance Inspections and Examinations of the Securities and Exchange Commission released a Risk Alert outlining common compliance observations among investment companies, money market funds, [...]
OCIE Warns of Cloud-Based Server Security Risks WHAT HAPPENED? Last week, the Office of Compliance Inspections and Examinations (OCIE) discovered several security risks related to the storage of customer information by broker-dealers and advisers, particularly related to the use of cloud-based servers. The primary risk was found to stem [...]
OCIE Warns Advisers and Broker-Dealers of Regulation S-P Compliance Issues WHAT HAPPENED? On April 16, 2019, the Office of Compliance Inspections and Examinations (OCIE) published a list of compliance issues in connection with Regulation S-P. Regulation S-P requires registered investment advisers, investment companies, and broker-dealers (registrants) to provide notice [...]
FINRA Releases Report On Selected Cybersecurity Practices WHAT HAPPENED? On December 20, 2018, the Financial Industry Regulatory Authority (FINRA) released a Report on Selected Cybersecurity Practices (the “2018 Report”). In it, FINRA outlines five topics of focus: Cybersecurity controls in branch offices; Methods of limiting phishing attacks; Identifying and [...]