Prepping the advice business for cybersecurity laws, and vice versa

As lawmakers indicate they will advance legislation setting policies for online data security, an interest group representing financial advisers is preparing for a new lobbying challenge.
Robert Lewis Jr., vice president for legislative affairs at the Financial Services Institute, said he has heard from the leaders of Senate and House committees with jurisdiction that cybersecurity is a priority.
“They’re all talking about moving some sort of cybersecurity legislation,” Mr. Lewis said on Tuesday at the FSI OneVoice conference in San Antonio. “That’s something we’re going to keep an eye on. Whatever the fix is, we want to make sure it works for you all.”
The measures are likely to address data breaches, privacy and the threshold at which customers must be notified of breaches, Mr. Lewis said. Congress would take up the issue at a time when cyberattacks on retailers, such as Target, and a breach at Morgan Stanley have made the issue more urgent.
The FSI said it will try to influence legislation so that it doesn’t shoehorn the group’s independent broker-dealers and financial advisers into requirements that don’t make sense for the industry’s business models.
“We’ve never tackled anything with cybersecurity; this is brand new,” Mr. Lewis said in an interview. “We need to make sure that whatever legislation is introduced is not one-size-fits-all.”
In the next week or two, the FSI will survey its 103 member firms and 35,000 adviser members about their cybersecurity protocols. The organization will share the information with its members as well as legislators and regulators.
“This is a good example of best practices,” Robin Traxler, FSI vice president for regulatory affairs, said in an interview. “We’re excited about it. Our industry is ahead of other industries as far as protecting data. I hope our survey shows that.”
As FSI sends its survey into the field, the Financial Industry Regulatory Authority Inc., the industry-funded broker-dealer regulator, is about to release the results of its cybersecurity exam sweep.
Over the course of the exams, Finra has explored how firms and their vendors are safeguarding data. The report will highlight its observations and provide cybersecurity suggestions for financial advisers.
“We will talk about things we want firms to be focused on in that regard,” Susan Axelrod, Finra executive vice president for regulatory operations, said by phone during a panel at the FSI event.

Related Topics: Financial Industry Regulatory Authority, Financial Services Institute Inc. (FSI)