State-registered investment advisers need better cybersecurity: NASAA

State-registered investment advisers need better cybersecurity: NASAA
Coordinated exams also show deficiencies in books and records, contracts and fee-related matters
APR 28, 2020

State-registered investment advisers need to shore up their cybersecurity practices, according to the umbrella organization for state regulators.

In a new report, the North American Securities Administrators Association said examinations of investment advisers conducted in the first six months of last year show that 26% of advisers had deficiencies related to cybersecurity, up from 23% when NASAA conducted similar exams in 2017.  

Adviser shortfalls include failing to test for vulnerability, not implementing procedures to secure or limit access to devices, allowing weak passwords and not having sufficient cybersecurity insurance.

The increase in cybersecurity holes indicates problems in preparation and practices, NASAA said. In 2017, the association released a cybersecurity checklist for investment advisers.

“Our coordinated examinations show that overall deficiencies in just about every category except cybersecurity have decreased since 2015,” Alex Glass, Indiana Securities Commissioner and chair of the NASAA Investment Adviser Section, said in a statement. “NASAA’s new model rule requires investment advisers to adopt policies and procedures regarding information security and to deliver its privacy policy annually to clients. This represents a significant step toward enhancing the cybersecurity and privacy practices of state-registered investment advisers.”

NASAA conducted 1,078 coordinated state examinations of state-registered advisers in 41 U.S. jurisdictions between January and June 2019.

Problems with maintaining books and records was the biggest deficiency (59%) for state-registered advisers, followed by registration (49%), contracts (44%), cybersecurity (26%), and fee-related matters (21%). The NASAA report includes a list of best compliance practices and procedures.

State regulators provide oversight for investment advisers who have less than $100 million in in assets under management. The NASAA report shows there are 17,533 state-registered advisers. The states with the most advisers are California, Texas, Florida, New York and Illinois.

Among the advisers who manage assets included in the 2019 coordinated exams, 67% had AUM between $30 million and $100 million and 33% had AUM of less than $30 million.

Under the Dodd-Frank financial reform law, about 2,100 advisers with AUM between $30 million and $100 million switched from Securities and Exchange Commission oversight to state regulation in 2013. There are about 13,000 SEC-registered investment advisory firms, according to the Investment Adviser Association.

A typical state-level advisory firm employs one or two people and serves retail investors with portfolio management and financial planning, according to the NASAA report.

The fact that most state advisers are small businesses adds to the premium they should place on cybersecurity.

“Smaller companies are the low hanging fruit for cybercriminals, and when you consider that more than three-fourths of the nearly 18,000 state-registered investment advisers are one- to two-person shops, it is clear how important cybersecurity should be for these small businesses as well,” the NASAA report states.

Latest News

‘No detractor’ to using direct indexing as an investment strategy
‘No detractor’ to using direct indexing as an investment strategy

Thirty four percent of advisors surveyed by InvestmentNews say they use direct indexing strategies but 39 percent don’t.

After watching advisors bolt, B. Riley now losing investment bankers
After watching advisors bolt, B. Riley now losing investment bankers

“This is on the B. Riley Securities side of the business, the dealmaking side,” one senior industry executive said.

Does sell and stay really work?
Does sell and stay really work?

There are three essential elements you must bring to the table to increase the chances of a successful post-sale career.

Retirement savings rise with two account types posting record highs
Retirement savings rise with two account types posting record highs

Across generations, how are savers doing with their 401(k) contributions?

What's making America's billionaires richer, faster?
What's making America's billionaires richer, faster?

New report shines some light on today's billionaires' investments.

SPONSORED How MRP’s Synthetic Equity is balancing growth and protection for advisors

"Synth Equity has been such a tailwind for these advisors who really understand the story," Measured Risk Portfolios’ head of distribution said.

SPONSORED The future of prospecting: Say goodbye to cold calls and hello to smart connections

Streamline your outreach with Aidentified's AI-driven solutions