SEC “Cybersecurity is one of the greatest risks facing the Financial Services Industry”

SEC

Mary Jo White, Chair of the U.S. Securities and Exchange Commission (SEC), delivered a Keynote Address Investment Company Institute 2016 General Meeting in Washington, DC on the 20th May

The Commission is the primary regulator of the mutual fund industry which is comprised of 8,131 mutual funds with approximately $15 trillion in assets held by 54 million U.S. households as of March 2016.

White advised that the current and future health of the markets and the financial security of investors depend on the success of both its regulatory efforts and how well the industry participants do their jobs as fiduciaries and responsible leaders of the marketplace.

She highlighted 3 significant areas of regulation for the asset management industry:

  • controls on conflicts of interest;
  • a robust registration, reporting and disclosure regime; and
  • controls on specific fund portfolio composition risks and operational risks

Looking to the future, White highlighted disclosure effectiveness and ETFs as key areas of focus for the SEC. She also highlighted a number of areas where the sector must take the lead.

White believes a key challenge for the industry is the risk in using technology and service providers. She stressed the importance of firms ensuring that a fund is adequately prepared to promptly and effectively respond to risks that may be triggered by service providers and its own use of technology, including implementing alternative and reliable means to satisfy the fund’s regulatory requirements.

Cybersecurity is a particularly critical element of this challenge – as I have said before, cybersecurity is one of the greatest risks facing the financial services industry.  Cyber risks can produce far-reaching impacts, and robust and responsible safeguards for funds and for their investors must be maintained”.

The Commission has been very active in drawing attention to the issue and examining and enforcing the rules it oversees in respect of cybersecurity. Its regulatory efforts are focused primarily on ensuring that our registered entities have policies and procedures to address the risks posed to systems and data by cyber-attacks.

While no one can prevent all disruptions from cybersecurity events, you should consider the full range of cybersecurity risks to your funds and consider appropriate tools and procedures to prevent breaches, detect attacks and limit harm”.

BRG recently undertook a Cybersecurity Preparedness Benchmark Study. The study examined six main areas:

  • Leadership
  • Information Governance
  • Risk Management
  • Essential Protection
  • Incident Response and
  • Security Culture

For financial services, BRG partnered with the Institute of Operational Risk.

The results of the Benchmark will be released shortly.

For further information, please contact:

USA:                      Faisal Amin         famin@thinkbrg.com

UK/EMEA            Tony Moroney  tmoroney@thinkbrg.com

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.

What do you think? Comment here...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s