Publicly Available Information Heightens Need for Cybersecurity Vigilance

For any business, “ports” that allow for communication generally need to be open (for example, ports 80 and 443 for websites, and port 500 for VPN access). While most of these ports allow you to engage in critical functions, there are often ports that remain open despite being unneeded or unused. These available ports present … Continued

SEC Discloses Cybersecurity Breach That May Have Led to Insider Trading

The determination of hackers to exploit existing cybersecurity vulnerabilities of government agencies and businesses shot to the forefront again last Wednesday, when SEC Chair Jay Clayton revealed that the commission’s EDGAR database had been hacked in 2016 through a software vulnerability in the test filing component of the system. According to Clayton, the breach was … Continued

SEC Cyber Sweep Highlights Areas In Need of Improvement

The results of the SEC’s second cybersecurity sweep examinations are in, and they paint a picture of an industry that has come to grips with the need to address cybersecurity risk, but where the canvas is incomplete in many respects.

Colorado Joins New York in Mandating Cybersecurity Controls for Financial Institutions

On the heels of the recently adopted New York State Department of Financial Services Cybersecurity Regulation (23 NYCRR 500), Colorado has followed suit with its own set of protections. The Colorado Division of Securities has issued cybersecurity regulations applicable to broker dealers and investment advisers registered with the state, which are codified in Sections 51-4.8 … Continued

New York DFS Cybersecurity Rules Take Effect March 1

New York's 23 NYCRR 500 Cybersecurity rule goes into effect on March 1, 2017 requiring banks and other financial services companies to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of the state's financial services industry.

Latest Content

Cyber Crimes – Don’t Forget to File that SAR!

  Stopping, or even slowing, the proliferation of cyber-event related criminal activities remains a chief goal in the broker-dealer and investment advisory communities. As pointed out in a 2016 advisory released by the Financial Crimes Enforcement Network (“FinCen”), “Cyber-events targeting financial institutions often constitute criminal activity and can serve as means to commit a wide range of … Continued

DOL Rule Extension to Overlap with SEC Consideration of Fiduciary Standards

Following the Department of Labor’s November 27, 2017 announcement of an 18-month extension to the existing Fiduciary Rule transition period, the industry will enter a period of further study for proper standards for disclosure or elimination of conflicted compensation arrangements. That’s a mouthful right there. The Obama administration’s March 31, 2017 implementation of various new prohibited … Continued

Schedule 13D/13F Clarity on ETF Issues

Do I need to file a 13D or 13G if my client accounts hold in excess of 5% of an ETF? Generally, no. The SEC has granted no-action relief to ETFs with respect to compliance with Section 13(d) of the Securities Exchange Act. Section 13(d) was designed to require disclosure when holders begin to accumulate … Continued

New Remedy Coming for SEC’s Custody Rule?

The SEC’s Custody Rule continues to be a common source of confusion and a landmine for noncompliance. Custodial paperwork has caused huge headaches for investment advisers, who are not a party to the agreement and may not even have a copy of the custodial new account paperwork. The issue with existing guidance is that it … Continued

SEC Issues MiFID II No-Action Relief

Some industry anxiety was assuaged on October 26 with three no-action letters that offer relief for some US regulated broker-dealers and investment advisers regarding European MiFID II regulations. The letters followed consultation with the European authorities, and are designed to address concerns that investors could lose access to valuable research. MiFID II is a series of regulations … Continued

Mailing List

Subscribe to the Ascendant Compliance email list for the latest compliance resources, conferences, ComplianceCasts™, and more.

Loading form...

Contact Us

Ascendant works together with clients to identify and assess critical needs through customized plans. If you need assistance with compliance functions, regulatory services, cybersecurity or technology tools, we’d love to speak with you.