Cybersecurity weaknesses worry state RIA regulators

More than 698 deficiencies found in 1,200 exams, says NASAA

Sep 25, 2017 @ 1:01 pm

By InvestmentNews

More than 1,200 coordinated examinations of state-registered investment advisers by state securities examiners in 37 jurisdictions uncovered 698 deficiencies involving cybersecurity, the North American Securities Administrators Association (NASAA) said.

In examinations conducted between January and June 2017, NASAA said the top five cybersecurity deficiencies found by state examiners were: nonexistent or inadequate cybersecurity insurance, no testing of cybersecurity vulnerability, lack of procedures regarding securing or limiting access to devices, no technology specialist or consultant, and a lack of procedures regarding hardware and software updates or upgrades.

At the group's annual meeting this week in Seattle, Mike Rothman, NASAA president and Minnesota's commissioner of commerce, said the group has created a tool for state-registered investment advisers to help them assess their cybersecurity preparedness. Called the NASAA Cybersecurity Checklist for Investment Advisers, it includes 89 assessment areas to help identify, protect and detect cybersecurity vulnerabilities, and to respond to and recover from cyber events.

Overall, the group said that 1,203 reported examinations of state-registered investment advisers uncovered 7,907 deficiencies in 25 compliance areas, compared to 4,983 deficiencies in 22 compliance areas uncovered by 1,170 examinations in 2015. This sample data from state securities examiners is collected every two years and reported voluntarily to NASAA's investment adviser operations project group.

Ranked by number of deficiencies found, books and records (2,625 deficiencies) continued to be the most problematic compliance area, followed by registration (1,165 deficiencies), contracts (921), cybersecurity (698) and custody matters (364).

State securities regulators have regulatory oversight responsibility for investment advisers with assets under management of $100 million or less.

0
Comments

What do you think?

View comments

Recommended for you

Sponsored financial news

Featured video

INTV

Why some retirement plan advisers think Fidelity is invading their turf

InvestmentNews editor Frederick P. Gabriel Jr. and reporter Greg Iacurci talk about this week's cover story that looks at whether Fidelity Investments is stepping on the toes of retirement plan advisers.

Latest news & opinion

Is Fidelity competing with retirement plan advisers?

As the Boston-based mutual fund giant expands the products and services it brings to the retirement market, some financial advisers say the firm is encroaching on their turf.

Gun violence hits investment strategies, sparks political debates with advisers

Screening out weapons companies has limited downside.

Whistleblower said to collect $30 million in JPMorgan case

The bank did not properly disclose that it was steering asset-management customers into investments that would be profitable for JPMorgan Chase.

Social Security underpaid 82% of dually entitled widows and widowers

Agency failed to tell survivors that they could switch to a higher retirement benefit later.

Galvin charges Scottrade with DOL fiduciary rule violations

Action of Massachusetts' top regulator shows states can put teeth into a rule under review by the Trump administration.

X

Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting investmentnews.com? It'll help us continue to serve you.

Yes, show me how to whitelist investmentnews.com

Ad blocker detected. Please whitelist us or give premium a try.

X

Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print