Featured Product

    SEC Publishes Observations on Cybersecurity and Resiliency Practices

    January 27, 2020

    The SEC Office of Compliance Inspections and Examinations (OCIE) issued examination observations related to cyber-security and operational resiliency practices of market participants. The observations highlight approaches of market participants in the areas of governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resilience, vendor management, and training and awareness. The observations cover specific examples of cyber-security and operational resiliency practices and controls that organizations have taken to potentially safeguard against threats and respond in the event of an incident.

    While the effectiveness of any given cyber-security program is fact-specific, it has been observed that a key element of effective program is the incorporation of a governance and risk management program that generally includes, among other things:

    • Developing and conducting a risk assessment process to identify, manage, and mitigate cyber risks relevant to the organization’s business. This includes considering the organization’s business model, as part of defining a risk assessment methodology, and working to identify and prioritize potential vulnerabilities.
    • Adopting and implementing comprehensive written policies and procedures addressing the identified risks.
    • Establishing comprehensive testing and monitoring to validate the effectiveness of cyber-security policies and procedures on a regular and frequent basis. Testing and monitoring can be informed based on cyber threat intelligence.
    • Responding promptly to testing and monitoring results by updating policies and procedures to address any gaps or weaknesses and involving board and senior leadership appropriately.

    OCIE conducts examinations of SEC-registered investment advisers, investment companies, broker-dealers, self-regulatory organizations, clearing agencies, transfer agents, and others. It uses a risk-based approach to examinations to fulfill its mission to promote compliance with U.S. securities laws, prevent fraud, monitor risk, and inform SEC policy.

     

    Related Links

    Keywords: Americas, US, Securities, Operational Resilience, Governance, Data, Cyber Risk, SEC

    Featured Experts
    Related Articles
    News

    ISSB Sustainability Standards Expected to Become Global Baseline

    The finalization of the two sustainability disclosure standards—IFRS S1 and IFRS S2—is expected to be a significant step forward in the harmonization of sustainability disclosures worldwide.

    September 18, 2023 WebPage Regulatory News
    News

    IOSCO, BIS, and FSB to Intensify Focus on Decentralized Finance

    Decentralized finance (DeFi) is expected to increase in prominence, finding traction in use cases such as lending, trading, and investing, without the intermediation of traditional financial institutions.

    September 18, 2023 WebPage Regulatory News
    News

    BCBS Assesses NSFR and Large Exposures Rules in US

    The Basel Committee on Banking Supervision (BCBS) published reports that assessed the overall implementation of the net stable funding ratio (NSFR) and the large exposures rules in the U.S.

    September 14, 2023 WebPage Regulatory News
    News

    Global Agencies Focus on ESG Data, Climate Litigation and Nature Risks

    At the global level, supervisory efforts are increasingly focused on addressing climate risks via better quality data and innovative use of technologies such as generative artificial intelligence (AI) and blockchain.

    September 14, 2023 WebPage Regulatory News
    News

    ISSB Standards Shine Spotlight on Comparability of ESG Disclosures

    The finalization of the IFRS sustainability disclosure standards in late June 2023 has brought to the forefront the themes of the harmonization of sustainability disclosures

    August 22, 2023 WebPage Regulatory News
    News

    EBA Issues Several Regulatory and Reporting Updates for Banks

    The European Banking Authority (EBA) recently issued several regulatory publications impacting the banking sector.

    August 10, 2023 WebPage Regulatory News
    News

    BCBS Proposes to Revise Core Principles for Banking Supervision

    The Basel Committee on Banking Supervision (BCBS) launched a consultation on revisions to the core principles for effective banking supervision, with the comment period ending on October 06, 2023.

    August 04, 2023 WebPage Regulatory News
    News

    US Proposes Final Basel Rules, Transition Period to Start in July 2025

    The U.S. banking agencies (FDIC, FED, and OCC) recently proposed rules implementing the final Basel III reforms, also known as the Basel III Endgame.

    August 04, 2023 WebPage Regulatory News
    News

    FSB Report Outlines Next Steps for Climate Risk Roadmap

    The Financial Stability Board (FSB) recently published the second annual progress report on the July 2021 roadmap to address climate-related financial risks.

    August 04, 2023 WebPage Regulatory News
    News

    EBA Plans on Ad-hoc ESG Data Collection and Climate Scenario Exercise

    The recognition of climate change as a systemic risk to the global economy has further intensified regulatory and supervisory focus on monitoring of the environmental, social, and governance (ESG) risks.

    July 31, 2023 WebPage Regulatory News
    RESULTS 1 - 10 OF 8931