INTRODUCTION This document presents OCIE’s 2018 examination priorities.1 In general, the priorities reflect certain practices, products, and services that OCIE believes may present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.
Our 2018 priorities are organized around five themes:
1. Matters of importance to retail investors, including seniors and those saving for retirement;
2. Compliance and risks in critical market infrastructure;
3. Financial Industry Regulatory Authority (FINRA) and Municipal Securities Rulemaking Board (MSRB);
4. Cybersecurity; and
5. Anti-Money laundering programs.
CYBERSECURITY: Cybersecurity protection is critical to the operation of our markets. The scope and severity of risks that cyber threats present have increased dramatically. The impact of a successful cyber attack may have consequences that extend beyond the firm compromised to other market participants and retail investors, who may not be well informed of these risks and consequences. We are focused on working with firms to identify and manage cybersecurity risks and to encourage market participants to actively and effectively engage in this effort. We will continue to prioritize cybersecurity in each of our examination programs. Our examinations have and will continue to focus on, among other things, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response. MORE