Massachusetts, Illinois Surveying Advisors on Cybersecurity

Advisors have until June 24 to provide answers on their cybersecurity practices

Advisors must complete the 23-question security survey by June 24. Advisors must complete the 23-question security survey by June 24.

More On Legal & Compliance

from The Advisor's Professional Library
  • Risk-Based Oversight of Investment Advisors Even if the SEC had a larger budget and more resources, it is doubtful that the Commission would have the resources to regularly examine all RIAs. Therefore, the SEC is likely to continue relying on risk-based oversight to fulfill its mission of protecting investors.
  • U.S. Securities and Exchange Commission Information This information sheet contains general information about certain provisions of the Investment Advisers Act of 1940 and selected rules under the Adviser’s Act.  It also provides information about the resources available from the SEC to help advisors understand and comply with these laws and rules.

Regulators in Massachusetts and Illinois are polling investment advisors registered in the states on their cybersecurity policies and practices.

Massachusetts securities regulator William Galvin said Tuesday that advisors’ responses could prompt changes in the state’s current regulations.

The survey includes 23 questions and covers firms' policies and procedures on cybersecurity, including types of authentication, encryption software, types of hardware, electronic backup and arrangements with third-party providers, as well as costs and insurance coverage.

Advisors in both states must complete the survey by June 24.

Tanya Solov, director of the Illinois Securities Department, told ThinkAdvisor that Illinois' survey includes "very slight revisions [from Massachusetts'] to account for Illinois law."

“With the almost universal reliance on computer trading and communication, it is essential that investors can be confident that their financial data is secure from unauthorized intrusion from whatever source,” Galvin said in a statement. “This survey will assist the Securities Division in deciding if changes are necessary in its regulations and policies for state-registered investment advisors.”

One of the 23 questions asks advisors to gauge the financial impact any new regulations or procedures implemented by the Massachusetts Securities Division would have on their firm.

The questionnaire comes on the heels of cybersecurity exam sweeps of broker-dealers and advisors that are now being conducted by the Securities and Exchange Commission and the Financial Industry Regulatory Authority. Both regulators have listed cybersecurity as one of their top priorities this year.

---

Check out Cybersecurity Crackdown: Where SEC, FINRA Will Strike on ThinkAdvisor.

Reprints Discuss this story
This is where the comments go.