On June 29, the Commodity Futures Trading Commission’s (CFTC) Technology Advisory Committee (TAC) announced that it will hold a public meeting on July 16. At this meeting, the TAC will hear presentations from the TAC subcommittees on Automated and Modern Trading Markets, Distributed Ledger Technology and Market Infrastructure, Virtual Currencies and Cybersecurity.

The meeting will

On May 13, National Futures Association (NFA) issued a Notice to Members addressing the recent increase in fraudulent phishing emails, including emails purporting to be from financial institutions or their employees. These urgent emails often include an infected attachment or link, a request for confidential information, or a link to a fraudulent website. With any email, NFA cautions members to verify the sender before responding and to ensure the validity of links or attachments before clicking on them.
Continue Reading NFA Issues Warning Regarding Phishing Emails

On February 4, the UK’s Joint Money Laundering Steering Group (JMLSG) announced proposed amendments to its anti-money laundering (AML) and counter-terrorist financing (CTF) guidance (the Guidance). The JMLSG is a UK-focused group of trade bodies which produces AML and CTF guidance to assist the financial services industry.
Continue Reading AML: JMLSG Proposes Amended Guidance

On January 27, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission issued a statement summarizing its observations of cybersecurity and operational resiliency practices of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants (the Observations). In its introduction to the Observations, the OCIE staff notes that cybersecurity is a key priority for OCIE. Therefore, although the OCIE staff acknowledges that there is not a “one-size fits all” approach to addressing cybersecurity, it recommends that SEC registrants assess their cybersecurity practices in light of the Observations.
Continue Reading OCIE Provides Observations on Cybersecurity and Operational Resiliency Best Practices

On January 28, the Commodity Futures Trading Commission (CFTC) announced that it will adopt the National Institute of Standards and Technology (NIST) Privacy Framework for data privacy protection. The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders (e.g., service providers, customers, partners) intended to help organizations identify and manage privacy risk

On October 16, the Financial Industry Regulatory Authority (FINRA) published its 2019 Report on Examination Findings and Observations (Report). Unlike previous years, the Report delineates between examination “findings” and examination “observations.” “Findings” describe violations of a rule or regulation, whereas “observations” refer to suggestions regarding how firms can improve controls and mitigate risk. The annual Report summarizes various findings and observations from recent examinations of its member firms on a range of topics, including the following:
Continue Reading FINRA Issues 2019 Report on Examination Findings and Observations

The Financial Industry Regulatory Authority (FINRA) has issued a notice warning member firms that there appears to be an increase in imposter websites designed to mimic firms’ actual websites.

FINRA suggests that member firms take proactive steps to monitor for imposter websites, including registering URL name variations and using monitoring services to watch for imposter