Just as registered investment advisors name adopting cybersecurity policies as their top compliance chore, RIAs rate anti-money laundering policies as their second biggest concern.
The Investment Adviser Association and ACA Compliance Group’s just-released annual compliance survey found that 88% of the 730 advisors polled identify “cybersecurity/privacy/identity theft” as their hottest compliance concern this year.
For the third year in a row, 24% of compliance officers at RIAs cited anti-money laundering/anti-bribery and corruption as their second biggest priority – triple last year’s 8%.
Firms of all sizes responded to the annual compliance survey, with 34% managing less than $1 billion, 43% managing $1 billion to $10 billion, and 23% managing more than $10 billion. Two-thirds (66%) of responding firms reported having 50 or fewer employees. The online poll was conducted from April 27 through May 25.
Nearly nine in 10 respondents cited concerns about data and information security, with nearly three-quarters – 72% – reporting having a formal, written, standalone cybersecurity program, a jump of 43% from 2015. Another 21% reported having cybersecurity policies and procedures that are incorporated into broader programs, the report notes.
While 18% reported being a victim of a cybersecurity breach in the past 18 months, another 7% said they did not know whether their systems had been breached.
One-third (33%) have purchased specific cyber insurance, while another 15% are considering purchasing insurance.
Seventy-four percent of RIAs also reported devoting resources to cybersecurity/privacy/identity theft compliance testing.
Social media compliance is also a top priority for RIAs, with 90% having adopted formal written policies and procedures to govern the use of social media by employees. Nearly four in 10 – 37% – also noted that they prohibit the use of social networking sites for business purposes, down from 47% in 2015.
Sanjay Lamba, IAA assistant general counsel, noted that IAA’s “hope is that our findings will assist firms in benchmarking their compliance practices against other firms.”