Finra to examine broker-dealers for cybersecurity threats

Regulator follows the lead of the SEC, seeks to understand dangers that lurk online

Feb 7, 2014 @ 1:18 pm

By Mark Schoeff Jr.

finra, cybersecurity, sec, broker-dealers
+ Zoom

Finra will examine some member firms to assess how they are protecting themselves from potential online threats, the broker-dealer regulator said in a notice posted on its website Thursday.

The Financial Industry Regulatory Authority Inc. said that it is trying to understand the dangers that lurk online for financial companies and their major information technology vulnerabilities. The regulator will review firms' cybersecurity preparation and supervision.

Finra is surveying about 20 firms across a variety of business models.

The regulator is launching the initiative because cybersecurity is consistently cited by member firms as one of their top five risks, according to Finra spokeswoman Michelle Ong.

(See: Which firms are most at risk for cyber-attacks?)

“Finra is conducting this assessment in light of the critical role information technology plays in the securities industry, the increasing threat to firms' IT systems from a variety of sources and the potential harm to investors, firms and the financial system as a whole that these threats pose,” the organization said in its notice.

The move follows an announcement by the Securities and Exchange Commission last week that it will conduct cybersecurity examinations before the end of September.

Jane Jarcho, national associate director of the SEC's Office of Compliance Inspections and Examinations, told the audience at a compliance conference Jan. 30 that the commission will review the resources that firms devote to information security, their policies for assessing, preventing and responding to attacks and their systems guarding against identity theft and ensuring business continuity, among other areas.

Cybersecurity has long been a worry for the U.S. government and business. Its profile increased even more in recent weeks following massive customer data breaches at retailers Neiman Marcus, Target and possibly Michaels.

“The hackers are very slick,” said Jennifer Openshaw, president of Finect, a compliant social-media platform for financial advisers. “It's in everyone's best interest to be looking for new ways that investors can be harmed.”

Last year, the SEC approved a rule requiring investment advisers to implement identity theft programs.

“Think carefully about what policies you have in place to detect identity theft around customer accounts,” Norm Champ, director of the SEC Division of Investment Management, said at the Jan. 30 compliance event at the commission's headquarters in Washington.

“Cybersecurity is one of the top issues we're hearing about, David Grim, deputy director of the division, said later in the program.

Some advisory firms won't be prepared for the cybersecurity exams, Ms. Openshaw said.

Smaller firms may lack resources and bigger ones may be relying on outdated technology.

“The most important thing for advisers is to at least have a process — a method and frequency for checking on cyberthreats, protecting data and having a feedback loop to the company, should any problems happen,” she said.


What do you think?

View comments

Recommended for you

Featured video


Why the bionic adviser is the way of the future

The bionic adviser is the way of the future. We spoke with Simon Roy of Jemstep to get his insights on how technology will continue to impact the industry.

Video Spotlight

Will It Last As Long As Your Clients Do?

Sponsored by Prudential

Video Spotlight

The Catalyst

Sponsored by Pershing

Latest news & opinion

Brian Block's $4 million bonus was tied to a key metric at ARCP

Prosecution rests case in fraud trial against CFO of American Realty Capital Properties.

Edward Jones is winning the Google search war

Brokerage firm's digital marketing investment helps land it at the top of local and overall search engine results, report finds.

Voya's win in 401(k) fee suit involving Financial Engines bodes well for other record keepers

Fidelity, Aon Hewitt and Xerox HR Solutions are currently defending against similar fiduciary-breach claims.

Collective investment trusts getting more attention from 401(k) advisers

The funds are catching on due largely to lower costs and more product availability, but come with some inherent drawbacks.

Vanguard rides robo-advice wave to $65B in assets

Personal Advisor Services, four times the size of its closest competitor, combines digital and human touch.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print