Each week, we are giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser (“RIA”) compliance and regulatory issues. This week’s recap focuses on the possibility of Russian cyberattacks, the Securities and Exchange Commission’s (“SEC”) continued focus on cybersecurity, and the SEC’s recent proposal regarding private equity firms.
Here are our top investment adviser compliance articles for the week of February 25th, 2022:
1. US Warns of Potential Russian Cyberattacks on Wealth Managers (Author –Sean Allocca, Investment News)
As the situation in Ukraine escalates, the Department of Homeland Security (“DHS”), the Securities and Exchange Commission (“SEC”), and other organizations across our industry have issued concerns regarding potential cyberattacks and actions steps to take to mitigate risk. At this time, there are no specific threats that have been made but the DHS recommends that “all organizations – regardless of size – adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.” Be sure to check the DHS’s Cybersecurity & Infrastructure Security Agency webpage titled “Shields Up” for resources and update to date information.
2. Cybersecurity ‘Keeps Me Up at Night’: SEC’s Crenshaw (Author –Melanie Waddell, Think Advisor)
Earlier this week at the Investment Adviser Association’s (“IAA”) Compliance Conference, Karen Barr, IAA president and CEO, spoke with Securities and Exchange Commission (“SEC”) Commissioner Caroline Crenshaw about rule proposals and her concerns for the future. Crenshaw almost solely focused on cybersecurity, stating that the risk of cyber incidents are “different, greater, more serious in my view, now than they’ve ever been.” Barr questioned Crenshaw on recent proposals, including the new Form ADV-C, which would require advisors to report on significant cybersecurity incidents to the SEC. Crenshaw explains that this proposal is meant to really drive home the importance of cybersecurity issues and to ensure that investors “receive timely and meaningful disclosures about cyber incidents.” The full articles continues the conversation on cyber and the SEC’s private fund and Form PF proposals.
3. SEC’s Crenshaw Assures Advisers Agency Doesn’t Seek to Punish Cyberattack Victims (Author – Mark Schoeff Jr., Investment News)
Last month, the SEC proposed the first cybersecurity rule for RIAs. Advisors would have to develop written policies and procedures that address cyber risks, report attacks to the agency and disclose major cyberbreaches on their Form ADVs, as well as keep related books and records. The SEC wants to strengthen cybersecurity protections rather than follow up with enforcement after a cyberattack. In a Q&A with SEC Commissioner Caroline Crenshaw, Investment Adviser Association (“IAA”) Chief Executive Karen Barr said advisors see themselves as victims of hacks. Crenshaw responded with “Our goal certainly is not to be adversarial with any registrant, plain and simple” and “Our goal is not to not to punish the victim.” Advisory firms that follow best practices, provide timely disclosure, and cooperate with law enforcement are unlikely to draw an enforcement action just because they were a victim of a cyberattack.
4. FSI Wants Independent Advisors Exempted From PRO Act (Author – Tracey Longo, Financial Advisor)
The Financial Services Institute (“FSI”) is calling on lawmakers to exempt independent advisors from a pro-union bill, the Protecting the Right to Organize Act. The bill is currently sitting in the Senate after being approved by the House last February. While aimed at making it easier to create unions, the bill would also make it difficult for advisors to operate as independent contractors. The bill currently would make independent advisors employees of their broker-dealers. Dale Brown, FSI President, said in a statement that advisors who choose to run independent businesses should receive a carve out from the PRO Act or the bill would have the unintended effect of harming independent advisors and the customers they serve. They “hire their own staff, pay their own taxes, develop their own books of business and rely on their business’ success.” The National Association of Insurance and Financial Advisors (“NAIFA”) and the Securities Industry and Financial Markets Association (“SIFMA”) are also lobbying for a carve out for financial advisors in the PRO act.
5. More Intense SEC Scrutiny of Private Equity Not Likely to Dull Appetite for RIA Acquisition (Author – Mark Schoeff Jr., Investment News)
In this article, Mark Schoeff Jr. discusses the SEC released proposal that would give the SEC and investors more information about private funds while placing more regulatory requirements on some of their practices. The increased oversight would mostly likely give private equity a regulatory jolt but isn’t likely to slow acquisitions among RIAs. The proposal would change liability standards for private equity funds, which could result in a change in the way funds make deals but not necessarily result in a slowing of the deals, said Leonora Shalet, a partner at Morrison & Foerster. The SEC issued private equity risk alerts in June 2020 and in January 2022. The momentum appears to be with significantly tougher oversight of private equity. The proposal will be open for public comment for 30 days after publication in the Federal Register or until April 11, whichever is later. The SEC will review the comments to assess whether the proposal manages investor-protection risks posed by private equity while remaining cost-effective. The article contains additional insight from experts regarding regulatory costs and private equity growth.
Don’t forget to check out last week’s top RIA compliance news articles that focus on the Securities and Exchange Commission Marketing Rule, the possible expansion of the Department of Labor Fiduciary Rule, and the importance of operational due diligence.