CISA Issues “Shields Up” Advisory WHAT HAPPENED? The Cybersecurity & Infrastructure Security Agency’s (“CISA”) issued a “Shields Up” message to every U.S. organization in response to Russia’s unprovoked attack on Ukraine, which included cyber attacks on the Ukrainian government and critical infrastructure. According to CISA, there are no specific or [...]
SEC Exam Trends The SEC’s Division of Examinations has conducted a series of exams, coined as the Retail Investment Company Initiatives (RIC), which focused on mutual funds and exchange-traded funds (ETFs). This initiative concentrated on advisers that fell into the following six categories: (1) index funds that track custom-built indexes; (2) [...]
Cybersecurity Risk Management WHAT HAPPENED? On February 9th, 2022, the SEC announced its proposed rule 206(4)-9 under the Advisers Act and new rule 38a-2 under the Investment Company Act (collectively, the “proposed cybersecurity risk management rules”). The proposed cybersecurity risk management rules codify the requirement for advisers to maintain comprehensive cybersecurity [...]
SEC Proposes Reforms for Private Funds WHAT HAPPENED? On February 9, 2022, the United States Securities and Exchange Commission voted to propose new rules and amendments to enhance the regulation of private fund advisers and protect investors in private funds by increasing transparency. The proposed rules would require private fund advisers to [...]
SEC Continues Focus on Private Fund Advisers WHAT HAPPENED? In the past five years, private fund assets have increased by 70%. As private fund advisers continue to play a larger role in the financial markets, the Division of Examinations (“EXAMS”) published a risk alert of their observations. The risk alert is [...]
SEC Commissioner Signals Regulatory Changes are underway for Cybersecurity WHAT HAPPENED? SEC Chair Gensler spoke at Northwestern Pritzker School of Law’s Annual Securities Regulation Institute yesterday, where he focused on the Commission’s cybersecurity initiatives and a potential cybersecurity regulatory overhaul. Cybersecurity has been a long-standing priority for the SEC and the [...]
Phishing Via Gmail Accounts WHAT HAPPENED? A survey conducted by Barracuda surveyed 10,500 organizations and found that 35% of them had at least one bait attack email in September 2021 alone. Bait attacks are becoming more frequent, and it appears that bad actors who distribute this special kind of phishing email prefer [...]
Advisory on Russian Threats to Infrastructure WHAT HAPPENED? CISA, the FBI, and the NSA have released a joint cybersecurity advisory that gives oversight on Russian cyber operations including their observations on tactics, techniques, and procedures. WHAT DOES THIS MEAN FOR ME? These organizations are working together to help the [...]
Compliance Date Approaching for Fund of Funds Arrangements Under The Investment Company Act of 1940, as Amended WHAT HAPPENED? Last year the U.S. Securities and Exchange Commission adopted a new rule and related amendments regarding fund of funds arrangements in rule 12d1-4 (see our prior coverage here). The regulatory framework provides [...]
Importance of Patching Log4j Flaw WHAT HAPPENED? The Federal Trade Commission (FTC) has warned U.S. organizations failing to secure customer data against Log4Shell zero-day vulnerability could face legal repercussions. The week of January 3rd, the consumer protection agency warned that the serious flaw in the Log4j logging library is being exploited [...]