On 1 February 2021, FINRA issued its 2021 Report on FINRA's Examination and Risk Monitoring Program ("FINRA Report") and a bit more than a month later, the SEC’s recently renamed Division of Examinations issued its own 2021 Examination Priorities ("Exam Priorities"). Each of these documents is quite long, with the FINRA report at 44 pages and the Exam Priorities document at 36 pages, and although there are some differences in focus and scope, we did find some common themes, which we have chosen to highlight in what we hope will be a helpful summary.

Closing The Gap Between Paper and Electronic Devices!

Advisor Armor is proud to release Applet Version 1.8 which provides customizable cybersecurity policy enforcement across unlimited endpoints including desktops, laptops, tablets, and mobile devices under a single user license. This novel software scans, notifies and reports policy conformance in real-time.

This month marks one year since unprecedented lockdown restrictions were first introduced throughout the world, as governments scrambled to try and slow the spread of COVID-19. As part of these measures, non-essential businesses were forced to close their physical premises and move to digital/remote working models in order to continue functioning. This precipitated a virtually overnight shift to remote working for a huge number of people and organizations.

The Securities and Exchange Commission’s Division of Examinations today announced its 2021 examination priorities. The Division publishes its examination priorities annually to provide insights into its risk-based approach, including the areas it believes present potential risks to investors and the integrity of the U.S. capital markets.

Once again cybersecurity is part of the top 6 initiatives though the definition is expanded by definition as Information Security and Operational Resiliency.

Advisor Armor software and service continue to provide interpretive guidance and evidence conformance to these expanded expectations. SEC comment highlights include:

For the next several weeks and months, the intense focus will be trained on determining the priorities of the Biden administration. We believe that at the Securities and Exchange Commission (“SEC”), the new administration will ramp up examinations and investigations of investment advisers, and specifically advisers to private funds.

SCOTTSDALE, ARIZONA FEBRUARY 16, 2021 – Advisor Armor is proud to release Applet Version 1.6.1 which provides customizable cybersecurity policy enforcement across unlimited endpoints including desktops, laptops, tablets, and mobile devices under a single user license. This novel software scans, notifies, and reports policy conformance in real-time.

The SEC’s Regulation S-P Rule 30 requires firms to have written policies and procedures that are reasonably designed to safeguard customer records and information. FINRA Rule 4370 (Business Continuity Plans and Emergency Contact Information) also applies to denials of service and other interruptions to members’ operations. In addition to firms’ compliance with SEC regulations, FINRA reminds firms that cybersecurity remains one of the principal operational risks facing broker-dealers, and expects firms to develop reasonably designed cybersecurity programs and controls that are consistent with their risk profile, business model and scale of operations.

The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial services sector doing business in New York, recently provided guidance to its regulated entities that the annually required Certificate of Compliance with the DFS Cybersecurity Regulations must be submitted no later than April 15, 2021.

As 2020 finally comes to a close, compliance officers face the unenviable job of performing their compliance program’s annual review under Advisers Act Rule 206(4)-7). An essential element of that review is updating the firm’s compliance policies and procedures to reflect relevant changes to regulations and regulatory guidance. Here’s a cheat sheet for Chief Compliance Officers summarizing the SEC’s big-ticket items from 2020.

The 2020 pandemic struck hard and fast, bringing with it much uncertainty and chaos. That chaos opened up new avenues for cybercriminals to strike, some taking advantage of vulnerabilities created by millions of remote employees who work on unsecured home devices.