News

SUBSCRIBE to our weekly e-mail (with live links) for just €5 per month
+++++++++++++++

ELEC Paper: Why EU Capital Markets Union has become a “must have” and how to get there -Feb 2024

My collected papers - 1989/1993: Market Discipline in EMU

Public Information

Expand

Graham Bishop Consultancy

Friends of GrahamBishop.com

Brussels 4 Breakfast

CPD / Education and Learning

Graham Bishop - Biography

Graham's Blogs

Graham's Media Activities

Graham's Speeches

Graham's Writing

Press Resources

Photographs

My `pro bono' work

How you can support this work

Why my `pro bono' work is relevant to markets

Technical Difficulties

Privacy Policy

Terms and Conditions

Tweets by @GrahamBishopcom

Follow @GrahamBishopcom

Article List:

EBA publishes a Disc...
BBC: US regulator mu...
Financial regulation...
Bloomberg: IMF sees ...
European Commission:...
OMFIF: Banking, fint...
ESMA issues sector-s...
>>Hedgeweek: Cybersecu...
Bloomberg: Business...
G20 leaders´ declara...
ECB contribution to ...
European Council: St...
EFRAG requests evide...
FSB reports to G20 L...
EBA publishes report...

Home>Policy impacting Finance

Print Page Save to My Library <Next Article Previous Article>

12 July 2017

Hedgeweek: Cybersecurity challenges for investment managers

The Cybersecurity phenomenon has completely changed the game in both the investment management industry and the broader financial services sector.

Attacks on fund managers, investment advisers and other fiduciaries ("Fund Managers") are increasing in frequency, sophistication and severity. And both the regulators and the investor community have been paying close attention. To responsibly manage Cybersecurity risk, Fund Managers need to, at minimum:

understand certain existing legal obligations and an evolving regulatory focus;

comprehend fundamental IT and technology principles;

monitor evolving threats, technologies and attack protocols;

appreciate its data use and information work flows; and

simultaneously manage its employees' training needs, its vendor controls and its investors' expectations. Align Cybersecurity" solves all of these challenges.

As it stands today, Cybersecurity law consists of a crazy quilt of federal, state and international laws and statutes, which are further complicated by additional industry-specific rules and best practices, together creating a body of jurisprudence that is disjointed and convoluted. Similarly, since early 2014, we've seen regulatory initiatives demonstrating that Cybersecurity is squarely in the crosshairs of investment management regulatory bodies, including the SEC. Examples include the SEC's recent "Cybersecurity Sweeps," its triaging Cybersecurity as a top regulatory priority for the last four years running and its recent enforcement actions activities, which have induced at least one seven-figure settlement.

And yet the elements of constructing a model Cybersecurity Program remains unclear, leaving Fund Managers struggling to understand their legal, compliance and fiduciary obligations.

"Clearly, ‘Cybersecurity Preparedness' is viewed by the regulators as both a core control and a minimum standard, yet one which they refuse to define," says John Araneo, managing director, Align Cybersecurity, and general counsel of Align. "The guidance provided to date has been largely principals-based, failing to provide a clear construct on precisely how to design an unimpeachable Cybersecurity Program. Unfortunately, in the absence of any bright line rules or black letter law espousing the required elements of a sound Cybersecurity Program, Fund Managers have been left scratching their heads on how to comply."

Full news

© Hedgeweek

< Next Previous >

Key
Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information

Comments:

No Comments for this Article

Add new comment

Show name and company details

Follow Us

News

Public Information

Article List:

12 July 2017

Hedgeweek: Cybersecurity challenges for investment managers

© Hedgeweek

Key

Comments: