Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser ("RIA") compliance and regulatory issues. This week's recap focuses on the potential delay of phase 2 of the Department of Labor ("DOL") fiduciary rule and new Securities and Exchange Commission ("SEC") cybersecurity guidance. Check back each week for the latest list of top stories.
Here's our top investment adviser compliance articles for the week of August 5, 2017:
- DOL Fiduciary Rule Delay Would Be "Double-Edged" Sword, Lawyer Says (Author- Melanie Waddell, ThinkAdvisor)
Melanie Waddell reports that Steve Saxon, a lawyer, states a delay in the implementation of the DOL Fiduciary rule would be a “double edged sword”. He added, “We will be in limbo for another two years, at least.” Opponents of the rule argue that industry professionals need more time to comply, and that the industry as a whole, is not ready for the fiduciary rule at all. In general, the regulatory approval process, says Erin Sweeney, “is taking longer than anyone expected.” In all, the delay seems to be helping a lot of people breathe easier.
DOL rule opponents can chalk up a win, says Corbin. The rule, which is already partially in effect, does have a second phase, but now its implementation may be moved back at least 18 months, rather than the previously scheduled January 1, 2018. While some are applauding this potential change, others, such as Duane Thompson, shares a different point of view. "I think it was widely expected that the DoL would extend the final implementation date past Jan. 1, but 18 months is a very long time to consider changes to a rule that has been in the works for six years," he says.
- IRA Rollover Traps Lurk Under DOL Fiduciary Rule (Author- Robert Bloink & William H. Byrnes, ThinkAdvisor)
Bloink and Byrnes report that IRA rollovers can be impacted by the DOL fiduciary rule in some cases. The authors argue this will further complicate an already confusing piece of legislation. They write, “This means that advisors must proceed with caution when discussing even a client’s existing retirement assets in order to comply with the rule—or, as many would prefer, avoid its application entirely.” As always, advisors are encouraged to keep an eye out for exemptions, especially the best interest contract exemption, or BICE, or the level fee "streamlined" exemption.
- SEC risk alert calls on advisory industry to do more to shore up cybersecurity (Author-Liz Skinner, InvestmentNews)
Earlier this week, the SEC Office of Compliance Inspections and Examinations ("OCIE") provided another round of cybersecurity guidance to RIA firms. The SEC recently concluded a second round of cybersecurity-focused examinations, and it would appear advisory firms need to tighten their security. Ransomware attacks like “WannaCry” and “Heartbleed” are very real, and can compromise client data. Software companies continue to issue patches, some marked critical in order to block against these, and RIAs need to keep them updated, according to Skinner. She states creating a response plan in case the worst does happen is also critical.
- The Man Who Wrote Those Password Rules Has a New Tip: N3v$rM1^d! (Author- Robert McMillan, Wall Street Journal)
In 2003, a report on password guidelines was authored by Bill Burr. This eventually became protocol for all modern password "best practices." Bill Burr, however, is now lamenting the report, which was actually based on a paper from the 80s, and not case experience. “Much of what I did I now regret,” Burr says. New data shows these random strings of characters don’t really do anything to deter hackers. Ashley May contributes “A 2010 study by the University of North Carolina at Chapel Hill showed that updating passwords often can actually help hackers identify a pattern.”
Don't forget to check out last week's top RIA compliance news articles on new Form ADV changes and an uptick in volume of SEC audits. Be sure to check back next Friday for next week’s top articles!
Lexington Compliance and RIA in a Box LLC are not law firms, investment advisory firms, or CPA firms. Lexington Compliance and RIA in a Box LLC do not provide legal advice or opinions to any party or client. You should always consult your relevant regulatory authorities or legal counsel if applicable.