It is no secret that cybersecurity threats are evolving far more rapidly than the ability of governments and regulators to counter them. Legislators and regulators in the states understand the urgency of this problem and have made admirable efforts to develop protections for consumers and investors.
Unfortunately, in our industry, a side effect of these individual state efforts to strengthen cybersecurity protections has been to create significant compliance challenges for advisers. What we need now is greater coordination to help these various authorities come together behind a principles-based approach to combating cyberthreats.
As one illustration, all 50 states have laws requiring companies to notify consumers about data breaches, but the definitions of a “breach” and “personal information” vary by state. For firms and advisers — most of which work with clients across multiple states — this creates unnecessary complications in developing protocols to follow in the event of a breach.
We are working with lawmakers and regulators to emphasize a commonsense approach to cybersecurity that harmonizes various protections and guards against cyberthreats, while also maintaining operating efficiency and flexibility.
In general, we believe that:
• National standards are preferable to a patchwork of state-by-state rules;
• Where possible, uniform approaches to cyberthreats should be pursued, while also incorporating enough flexibility to allow firms to develop effective solutions for different business models;
• Cybersecurity standards should not place undue burdens on small businesses; and
• All entities, whether private or public, should be held to a common, consumer-friendly data security standard.
We are also taking practical steps to put these principles into action.
First, we support the draft privacy legislation introduced by Senate Commerce Committee Chairman Roger Wicker, R-Miss., in December. While still in its early stages, this bill would establish national rules for handling personal information online, creating uniform federal standards.
We intend to work with Mr. Wicker and other members of Congress to secure national data breach notification requirements — instead of a patchwork of unique approaches — that ensure prompt and effective notice to consumers if their personal information is compromised.
Secondly, we are working to address our members’ concerns surrounding the confidential client information they are required to provide to Finra for the regulator’s Consolidated Audit Trail initiative.
As currently envisioned, the CAT database will be an enormous repository of highly sensitive information, including personal and financial information on advisers’ clients. We are working with regulators to ensure that this vast trove of information is either properly secured — or simply not collected at all, as proposed in the recent request for exemptive relief filed by the CAT NMS Plan Participants.
We also continue to educate regulators on the challenges our members face each day in complying with rules that bear directly on cybersecurity, such as books and records requirements.
While cybersecurity is a large, evolving challenge involving complex and disparate laws and regulations across the country, we are working to bring a coordinated approach to the key legislation and rules that impact our members most.
Dale Brown is president and CEO of the Financial Services Institute.
Survey reveals widening gap between investment ambition and workforce readiness across the sector
“It’s time for an economic reset,” wrote the California governor, in a post on X.
Masterworks was launched in 2017 but its RIA, Masterworks Advisers, is just three years old.
One 2017 form, no broker license, and a $42 million gap they say surfaced on a webinar.
Fewer than half of Americans in their peak earning years feel on track for retirement, while many say limited financial knowledge and access to professional guidance are holding them back.
Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income
Direct indexing is on pace to outgrow ETFs and mutual funds. Northern Trust's Ken Lassner explains why the advisors who get it wish they had started sooner.
