As reported in the May 2014 edition of Legal News: Investment Management Update, the SEC has made cybersecurity readiness a high-priority item to review when it conducts examinations of registered broker-dealers and investment advisers. Some of the state securities regulators have also placed this item high on their checklists for surveying state-registered investment advisers.
Regulators from Massachusetts and Illinois are conducting a survey of state-registered investment advisers (900 in Massachusetts and 1,000 in Illinois) to determine the status of each registrant’s technology security procedures and whether the procedures need to be updated or enhanced. The three-page survey sent out by the state regulators to the registrants incudes questions about each investment adviser’s authentication procedures, use of encryption, electronic back-ups and third party vendors, and insurance coverage. Once the survey responses are compiled, the regulators believe they will be in a position to determine if additional regulations need to be put in place to ensure that such registrants take adequate procedures to prevent and detect the security of confidential personal information of their clients.