CONTACT

RIA Compliance and Practice Management Blog

Nebraska Releases Registered Investment Adviser Cybersecurity Report

Posted by RIA in a Box

Feb 20, 2019 9:22:53 AM

Cybersecurity Report for RIA FirmsRecently, the Nebraska Department of Banking and Finance ("NDBF") released the results of its 2018 Cybersecurity Survey of Registered Investment Adviser ("RIA") firms registered with the state of Nebraska. The NDBF notes, "that Nebraska advisers were taking steps to address cybersecurity threats, but that firms also could improve their practices. The survey focused on several cybersecurity issues, including devices, Wi-Fi access, passwords and encryption, and anti-virus/anti-malware protections." While this report is focused on information security issues for state-registered firms in Nebraska, we believe the insights are highly relevant to all state and federally-registered investment advisory firms across the country. As RIA compliance consultants, we recommend that the Chief Compliance Officer ("CCO") of all investment advisory firms review Nebraska's cybersecurity report to determine if any information security-related compliance changes need to be implemented at their firm.
Read More

Topics: RIA Compliance, RIA Technology, RIA Operations

The 3 RIA Cybersecurity Elements: People, Technology, and Vendors

Posted by RIA in a Box

Feb 11, 2019 3:18:57 PM

RIA Cybersecurity TechnologySince 2015, the U.S. Securities and Exchange Commission ("SEC") Office of Compliance Inspections and Examinations ("OCIE") has specifically listed cybersecurity as a registered investment adviser ("RIA") annual examination priority. Most recently, the SEC once again highlighted cybersecurity as a regulatory examination priority for 2019. In particular, the SEC OCIE staff noted, "Specific to investment advisers, SEC OCIE will… continue to focus on, among other areas, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.” These six areas of focus for information security were first enumerated in a September 15, 2015 SEC RIA risk alert and have remain unchanged since.

Read More

Topics: RIA Compliance, RIA Technology, RIA Operations

Top Registered Investment Adviser Industry Conferences for Advisors to Attend in 2019

Posted by RIA in a Box

Jan 31, 2019 2:47:48 PM

Top 2019 Conference for RIA Chief Compliance Officers to AttendTo stay on top of the latest industry trends and education topics, advisors at registered investment adviser ("RIA") firms have many options to turn to online. You can read blogs, view webinars, and listen to podcasts just to name a few. So why should should an advisor spend the time and money to attend an industry conference? While it likely does not make sense to attend every industry event out there, finding the right conference for you to attend can have a meaningful impact on your firm and individual professional development! 

Read More

Topics: RIA Operations, RIA Technology

Make Cybersecurity Part of your RIA Firm's Annual Compliance Meeting

Posted by RIA in a Box

Jan 22, 2019 4:55:55 PM

RIA Firm Cyber Security Staff TrainingIn general, a registered investment adviser ("RIA") firm's policies and procedures manual should outline the process for the firm's Chief Compliance Officer ("CCO") to conduct a series of review activities including an annual compliance program review as mandated by Rule 206(4)-7 of the Investment Advisers Act of 1940. In addition, the CCO is generally tasked with training company staff on a variety of relevant regulatory topics that impact the firm and each individual at the firm. The annual compliance meeting can serve as the platform to address many compliance training responsibilities including cybersecurity which remains a top federal and state RIA regulatory compliance examination focus area.

Read More

Topics: RIA Compliance, RIA Operations, RIA Technology

How MyRIACompliance Software Integrates with Salesforce

Posted by RIA in a Box

Jan 17, 2019 8:25:31 AM

Salesforce RIA CRM complianceRegistered investment adviser ("RIA") firms utilizing our MyRIACompliance RIA compliance software platform benefit from our integration with Salesforce which is the leading customer relationship manager ("CRM) software provider to investment advisers. The integration allows a joint Salesforce and RIA in Box MyRIACompliance subscriber to view and complete tailored regulatory compliance tasks all within the Salesforce task and calendar system. MyRIACompliance helps to programmatically deliver firm-specific compliance tasks utilizing the firm’s Form ADV and other proprietary data directly into the Salesforce system. 

Read More

Topics: RIA Compliance, RIA Operations, RIA Technology

RIA Cybersecurity Focus: 3rd Party Vendor Management

Posted by RIA in a Box

Jan 8, 2019 8:33:14 AM

SEC RIA cybersecurity: third party vendor due diligence

Beginning in 2014, the Securities and Exchange Commission ("SEC") has issued a series of registered investment adviser ("RIA") risk alerts highlighting cybersecurity as a key compliance concern. In particular, on September 15, 2015, the SEC Office of Compliance Inspections and Examinations ("OCIE") issued a risk alert flagging vendor management as one of six critical cybersecurity focus areas. Subsequent SEC OCIE risk alerts and guidance have also continued to identify third party vendor management as a critical cybersecurity risk area. As more RIA firms migrate to cloud-based technology and vendors, proper vendor management and due diligence is becoming an even more important element of every investment advisory firm's cybersecurity compliance program. In today's world, investment advisers need to actively mitigate the risk of indirect information security breaches via a third party vendor that leads to the exposure of the RIA firm's nonpublic personal information ("NPI") or other sensitive information.

Read More

Topics: RIA Technology, RIA Operations

RIA in a Box's 10 Top RIA Practice Management Blog Posts of 2018

Posted by RIA in a Box

Jan 3, 2019 5:17:31 PM

Top 2018 RIA Practice Management Blog Posts

In 2018, we published over 110 blog posts on a variety of registered investment adviser ("RIA") practice management and regulatory compliance topics. We received over 165,000 visits to our blog in 2018 and a number of the most popular posts relate to practice management and regulatory topics ranging from technology adoption to cybersecurity. Over 1,700 RIA firms rely on us not only for regulatory compliance consulting support and software, but also for guidance on how to best grow and scale an advisory firm. 

Read More

Topics: RIA Operations, RIA Technology

How RIA Firms Can Train Staff to Detect a Phishing Email

Posted by RIA in a Box

Dec 12, 2018 11:36:18 AM

RIA firms email phishing attacksWith increased sophistication around phishing emails, it is more important than ever to make sure your staff is properly trained on how to identify a potential fraudulent phishing email. Even for advanced users, targeted phishing emails are becoming harder to detect. To start, it is important for registered investment adviser ("RIA") firms have a cybersecurity policy in place. However, not only should a proper policy be in place, but It is imperative firms are training all staff on how to identify a phishing email to protect sensitive internal information and client data.

Read More

Topics: RIA Technology, RIA Operations

How MyRIACompliance Software Integrates with Orion

Posted by RIA in a Box

Dec 6, 2018 2:13:45 PM

Orion RIA compliance softwareRegistered investment adviser ("RIA") firms utilizing our MyRIACompliance RIA compliance software platform benefit from our integration with Orion which is one of the leading portfolio management and reporting software providers according to our most recent industry study. The integration allows a joint Orion and RIA in Box MyRIACompliance client to automate compliance and registration requirements to help ensure consistent and accurate registration and Form ADV information is filed.

Read More

Topics: RIA Compliance, RIA Operations, RIA Technology

How MyRIACompliance Software Integrates with Morningstar Office Cloud

Posted by RIA in a Box

Nov 20, 2018 8:09:09 AM

RIA in a Box and Morningstar Office Software IntegrationRegistered investment adviser ("RIA") firms utilizing our MyRIACompliance RIA compliance software platform benefit from our integration with Morningstar Office which is the leading portfolio management and reporting software provider according to our most recent industry study. The integration allows a joint Morningstar and RIA in Box MyRIACompliance client to automate compliance and registration requirements to help ensure consistent and accurate registration and Form ADV information is filed.

Read More

Topics: RIA Compliance, RIA Operations, RIA Technology

RIA Compliance & Practice Management

Stay up to date on the latest RIA compliance, operations, and technology topics.

Hear from industry experts as they keep you up to date on the latest regulatory developments and practice management topics.

Subscribe to Email Updates

Recent Posts

POSTS BY TOPIC

cta-ria-compliance

cta-ria-operations

cta-ria-technology