Corporate & Financial Weekly Digest

Corporate & Financial Weekly Digest

Tag Archives: cybersecurity

FINRA Issues Warning on Imposter Website Threat

Posted in Broker-Dealer
The Financial Industry Regulatory Authority (FINRA) has issued a notice warning member firms that there appears to be an increase in imposter websites designed to mimic firms’ actual websites. FINRA suggests that member firms take proactive steps to monitor for imposter websites, including registering URL name variations and using monitoring services to watch for imposter… Continue Reading

NFA Reminds Members of Effective Date for Amendments to Information Systems Security Program Requirements

Posted in CFTC
On March 1, the National Futures Association (NFA) published Notice I-19-07 (Notice), alerting Members that April 1 will be the effective date for amendments to NFA’s Interpretive Notice entitled NFA Compliance Rules 2-9, 2-36 and 2-49: Information Systems Security Programs (Interpretive Notice). (For a discussion of such amendments, please refer to the January 11, 2019… Continue Reading

FINRA Issues Information Notice Regarding Suspicious Email Sent to Member Firms

Posted in Broker-Dealer
On February 13, the Financial Industry Regulatory Authority (FINRA) published an information notice alerting member firms about a suspicious email received by compliance personnel at a number of member firms. The email, sent by a purported BSA-AML compliance officer at a credit union, describes an attempted transfer of money from a firm client that the… Continue Reading

FINRA Releases 2019 Annual Risk Monitoring and Examination Priorities Letter

Posted in Broker-Dealer, Digital Assets and Virtual Currencies
On January 22, the Financial Industry Regulatory Authority (FINRA) issued its annual Risk Monitoring and Examination Priorities Letter. This year’s letter includes a number of new areas for firms to consider in seeking to improve their compliance, supervisory and risk management programs.… Continue Reading

FSB Publishes Final Version of Cyber Lexicon

Posted in Digital Assets and Virtual Currencies
On November 12, the Financial Stability Board (FSB) published the final version of its cyber lexicon and an accompanying press release. The FSB’s cyber lexicon is a set of approximately 50 core terms related to cybersecurity and cyber resilience in the financial sector, but is not intended to be a comprehensive lexicon of all cybersecurity… Continue Reading

CFTC Announces Technology Advisory Committee Meeting

Posted in CFTC, Digital Assets and Virtual Currencies
The Commodity Futures Trading Commission (CFTC) has announced that its Technology Advisory Committee (TAC) will hold a meeting on Friday, October 5. The meeting will be held in the Conference Center at the CFTC’s Washington, DC headquarters from 10:00 am – 3:30 pm ET. Representatives of several TAC subcommittees, including the Automated and Modern Trading… Continue Reading

CFTC Issues Customer Advisory on Digital Coins and Tokens

Posted in CFTC, Digital Assets and Virtual Currencies
The Commodity Futures Trading Commission has issued an advisory warning customers of the dangers of purchasing digital coins or tokens. Among other things, the advisory warns customers that buying digital coins or tokens for speculative purposes carries significant risk and identifies various factors that could affect the current or longer-term value of a digital coin… Continue Reading

SEC Announces Examination Priorities for 2018

Posted in Broker-Dealer, SEC/Corporate
The Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission has announced its examination priorities for 2018. This year, the OCIE’s examination priorities fall within the following categories: examining compliance and risks in critical market infrastructures; protecting retail investors, including seniors and those saving for retirement; continuing oversight over the Financial… Continue Reading

FCA and ICO Publish Joint Update on GDPR

Posted in Financial Markets, UK Developments
On February 8, the UK Financial Conduct Authority (FCA) and the UK Information Commissioner’s Office (ICO) published a joint statement on the EU General Data Protection Regulation (GDPR). GDPR will go into effect in the UK on May 25. The GDPR is designed to strengthen the rules governing data protection across the European Union and… Continue Reading

FINRA Releases 2018 Regulatory and Examination Priority Letter

Posted in Broker-Dealer
On January 8, the Financial Industry Regulatory Authority (FINRA) released its annual Regulatory and Examination Priority Letter detailing various issues that will be the subject of particular regulatory focus and scrutiny this year. Many of the areas noted are carry-overs from previous years, including the protection of senior investors and other retail customers, new product… Continue Reading

FINRA Releases Report on FINRA Examination Findings

Posted in Broker-Dealer
On December 6, the Financial Industry Regulatory Authority (FINRA) released a summary of findings from its examinations of broker-dealers (Summary Report). As part of FINRA’s mission of investor protection and market integrity, FINRA conducts regular examinations of its broker-dealer members, with each broker-dealer being examined at least once every four years. FINRA prepares a report—which… Continue Reading

HM Treasury Publishes Renewed Investment Management Strategy

Posted in Financial Markets, UK Developments
On December 6, Her Majesty’s Treasury published a report setting out the UK government’s renewed long-term investment management strategy. This follows the announcement by the UK Chancellor of the Exchequer, Philip Hammond, in his Autumn 2017 Budget on November 22, that the government would be publishing its new strategy to “ensure that the UK asset… Continue Reading

CFTC Issues Primer on Cryptocurrencies

Posted in CFTC
The Commodity Futures Trading Commission’s LabCFTC has issued a primer on cryptocurrencies and distributed ledger technology. The primer is the first in a series that is intended to provide the public with educational information on financial technology innovation. In the primer, LabCFTC highlights various risks inherent in cryptocurrencies, including operational risks, cybersecurity risks, speculative risks… Continue Reading

SEC Issues Risk Alert on Observations From Cybersecurity Examinations

Posted in Investment Companies and Investment Advisers
On August 7, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert summarizing observations of its second round of cybersecurity focused examinations (Cybersecurity 2 Initiative) to assess financial services firms’ practices and legal and compliance issues related to cybersecurity preparedness. The Cybersecurity 2 Initiative is built upon OCIE’s… Continue Reading

FCA Publishes Statement on National Cyber Attack and Webpage on Cyber Resilience

Posted in Financial Markets, UK Developments
On May 13, the day after the start of the widespread “WannaCry” ransomware cyber-attack, the UK Financial Conduct Authority (FCA) published a statement on the cyber-attack. The statement advised firms to review guidance issued by the National Cyber Security Centre. If firms were affected by the attack, it advised them to contact Action Fraud and… Continue Reading

SEC Issues Risk Alert in Response to WannaCry Ransomware Attack

Posted in Broker-Dealer, Investment Advisers, Investment Companies and Investment Advisers
On May 17, the Securities and Exchange Commission Office of Compliance Inspections and Examinations (OCIE), issued a Risk Alert in response to the widespread ransomware attack known as WannaCry, WCry, or Wanna Decryptor that started on May 12. The attack infected computers and servers of various organizations in more than 100 countries. The Risk Alert… Continue Reading

CFTC Finalizes System Safeguards Testing Requirements

Posted in CFTC, Derivatives, Dodd-Frank Developments
On September 8, the Commodity Futures Trading Commission approved amendments to its rules relating to system safeguards for derivatives clearing organizations, designated contract markets, swap execution facilities and swap data repositories (collectively, registered entities). The rules clarify existing obligations and enhance cybersecurity testing requirements.… Continue Reading

EU Cybersecurity Directive published in the Official Journal of the EU

Posted in EU Developments, Financial Markets
On July 19, the final text of an EU directive concerning measures for a high common level of security of network and information systems within the European Union (EU) (referred to as the Cybersecurity Directive) was published in the Official Journal of the EU. As noted in our previous Corporate & Financial Weekly Digest edition… Continue Reading

Cybersecurity Directive Adopted by the EU Council

Posted in EU Developments
On May 17, the Council of the EU (Council) announced it had formally adopted the new EU Directive concerning measures for a high common level of security for network and information systems (Cybersecurity Directive). The Cybersecurity Directive establishes EU-wide security and incident notification requirements for operators of essential services (such as banking and financial market… Continue Reading

NFA Issues Notice Regarding Cybersecurity Self-Examination Questionnaire

Posted in CFTC, Derivatives, Dodd-Frank Developments
On February 29, National Futures Association (NFA) issued Interpretive Notice I-16-10, which notifies member firms about the addition of a cybersecurity section to NFA’s Self-Examination Questionnaire. This section is designed to help assist member firms in complying with NFA’s Interpretive Notice to NFA Compliance Rules 2-9, 2-36 and 2-49 entitled Information Systems Security Programs (Notice).… Continue Reading

FDIC Releases Paper on Cybersecurity

Posted in Banking
On February 1, the Federal Deposit Insurance Corporation (FDIC) published “A Framework for Cybersecurity,” an article that appears in the Winter 2015 issue of Supervisory Insights. The article discusses the cyber threat landscape and how financial institutions’ information security programs can be enhanced to address evolving cybersecurity risks. The article also provides an overview of actions… Continue Reading