2020 Compliance Round-Up: The Top 10 Regulatory Headlines for Investment Advisers This Year WHAT HAPPENED? Amid the unique changes and challenges 2020 has brought, there has been plenty of regulatory news from the U.S. Securities and Exchange Commission and the Office of Compliance Inspections and Examinations (OCIE) in the [...]
Avoid the risk of using common passwords– make your accounts more secure today WHAT HAPPENS IF I USE COMMON PASSWORDS? Password spray attacks target user accounts by attempting to access hundreds of thousands of accounts with the same common password at once, instead of testing many password combinations on [...]
OCIE Risk Alert: common compliance program issues WHAT HAPPENED? On Nov. 19, 2020, the Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) released a Risk Alert outlining common compliance concerns among registered investment advisers. The list was compiled based on recent compliance examinations [...]
ALERT: Phishing attack posing as FINRA survey WHAT HAPPENED? The Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) was recently made aware of a phishing attempt which could affect broker-dealers, investment advisers, and investment companies. The attack came from bad actors, purporting to [...]
The SEC’s 9 recommendations for avoiding “credential stuffing” attacks WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) released a Risk Alert outlining newly identified cyber-attack threats called “credential stuffing.” Credential stuffing is a type of cyber-attack [...]
How to Identify and Avoid Vishing and Smishing Attacks WHAT HAPPENED? You likely have heard of phishing attacks, a type of social engineering scheme that tricks victims into clicking email links infected with malware, or into giving sensitive information to cybercriminals posing as a credible contact. Sophisticated attackers use [...]
Are your firm’s electronic records secure by SEC standards? WHAT HAPPENED? In recent years, the United States Securities and Exchange Commission has heightened its emphasis on cybersecurity requirements for firms. Routine examinations now often involve in-depth requests for information on firms’ cyber and data security practices, which are areas [...]
Newly Identified Compliance Risks Due to COVID-19: What You Should Know WHAT HAPPENED? Last week, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines new compliance risks stemming from the global pandemic. The SEC and OCIE have remained [...]
Are You Taking Steps To Avoid Ransomware Attacks? WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines best practices for maintaining a secure network; the United States Cybersecurity and Infrastructure Agency [...]
New Security Feature for Web CRD and IARD Systems WHAT HAPPENED? For Super Account Administrators (SAAs) and Account Administrators (AAs) on FINRA’s Web CRD or IARD platforms, a new security feature is now required as part of the login process. For these administrators, FINRA is phasing in a multi-factor [...]