RIA Compliance and Practice Management Blog

An RIA Firm's Cybersecurity Compliance Program

Beginning in 2015, the U.S. Securities and Exchange Commission ("SEC"), via its Office of Compliance Inspections and Examinations ("OCIE"), has specifically listed cybersecurity as an annual examination priority for registered investment advisers ("RIAs"). In the most recent 2019 exam priority guidance, the OCIE staff noted: "Specific to investment advisers, SEC OCIE will… continue to focus on, among other areas, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.” While these six areas of focus for information security were first enumerated in the SEC’s September 2015 risk alert, they have remained consistently in the spotlight since then.

On June 14, 2019, the state of Massachusetts Securities Division passed an amendment that now requires all registered investment adviser ("RIA") firms registered in Massachusetts to provide clients and prospective clients with a one-page, stand-alone Table of Fees for Services. This new "Fee Table" requirement will be enforced beginning on January 1, 2020. This new state-registered investment disclosure regulation requires that the Fee Table be updated and delivered consistent with the existing updating and delivering requirements related for the Form ADV. In addition, if the RIA firm has a website, the Fee Table "must be available and easily accessible on the website."

Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser ("RIA") compliance and regulatory issues. This week's recap focuses on cybersecurity risks, reactions to Regulation Best Interest ("Reg BI"), and technology focusing on compliance. Check back each week for the latest list of top stories.

Our recent analysis of publicly available private fund data, including detailed private equity and hedge fund data, published by the Securities and Exchange Commission ("SEC") revealed that SEC-registered exempt reporting advisers and private funds are perhaps the fastest growing segment of the investment adviser industry. In this follow-up post, we take a closer look at the hedge fund segment within the broader private fund industry. In particular, by using Form PF filing data, we analyze the relative growth in the number of mid-size and large hedge funds and advisers over the past six years from 2013 to 2018.

Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser ("RIA") compliance and regulatory issues. This week's recap focuses on Form CRS, expansion of the definition of an "accredited investor", and new Massachusetts and New Jersey fiduciary rule proposals. Check back each week for the latest list of top stories.

On May 23, 2019 the North American Securities Administrators Association ("NASAA"), the Securities and Exchange Commission ("SEC") and the Financial Industry Regulatory Authority ("FINRA") issued a fact sheet on The Senior Safe Act, signed into law May 24, 2018, to increase awareness on how the immunity provisions work for broker-dealers, investment advisers, and transfer agents. While the Act does not require financial institutions and regulators to take action, it does, for financial institutions and eligible employees, "provide immunity from liability in any civil or administrative proceeding for reporting potential exploitation of a senior citizen."

t

Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser ("RIA") compliance and regulatory issues. This week's recap focuses focuses on reactions to the Securities and Exchange Commission's ("SEC")Regulation Best Interest ("Reg BI") passing, what the meaning of fiduciary will be moving forward, and the latest in Financial Technology ("FinTech"). Check back each week for the latest list of top stories.

On June 5, 2019, the Securities and Exchange Commission ("SEC") finalized a new rule that includes a new requirement for SEC-registered investment adviser ("RIA") firms to provide a brief relationship summary to retail investors known as the Form CRS. As originally proposed, the new Form ADV Part 3 ("Form CRS") would have been a highly prescriptive four page document with eight sections. However, the new finalized Form CRS is a somewhat prescriptive two page document with five mandated sections:

1. Introduction
2. Relationship and Services
3. Fees, Costs, Conflicts, and Standard of Conduct
4. Disciplinary History
5. Additional Information

In general, the final version of the Form CRS highlights the SEC’s preference to apply the concept of “layered disclosure” which leans heavily on the increased use of hyperlinks and other cross-references to more detailed disclosure. 

RIA in a Box has been named a WealthManagement.com Industry Award finalist for the forth time, but for the first time in the Technology Provider / Cybersecurity category. Almost 500 nominations were received from over 260 companies in 2019, and 176 organizations were announced as finalists.

The WealthManagement.com Industry Awards recognizes the companies and organization that support and propel financial advisors' growth and success.

Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser ("RIA") compliance and regulatory issues. This week's recap focuses on the Securities and Exchange Commission ("SEC") passing their Regulation Best Interest ("Reg BI") proposal, Form CRS, and the SEC's and the North American Securities Administrators Association's ("NASAA") cybersecurity focus. Check back each week for the latest list of top stories.