On September 25, 2017, the SEC announced the creation of the Enforcement Division’s Cyber Unit and Retail Strategy Task Force. These new initiatives will support the SEC in identifying cyber-related misconduct and risks directly impacting retail investors, respectively.
The Cyber Unit will support the SEC in implementing an internal cybersecurity risk profile, coordinating information sharing, monitoring cybersecurity risks, and bolstering incident response efforts. This initiative will target a variety of cyber-related threats and misconduct, including:
- Market manipulation schemes involving the circulation of false information through electronic and social media;
- Hacking to obtain material nonpublic information;
- Intrusions into retail brokerage accounts;
- Fraudulent conduct performed through the dark web;
- Violations involving distributed ledger technology and initial coin offerings; and
- Cyber-related threats to critical market infrastructure.
The Retail Strategy Task Force is intended to develop proactive initiatives for the SEC that will identify fraudulent activity affecting retail investors. The initiatives will be based on the task force’s broad history of cases against fraud targeting retail investors and data analytics that can detect large-scale misconduct.
WHAT DOES THIS MEAN FOR ME?
The SEC’s creation of the Cyber Unit and Retail Strategy Task Force emphasizes the importance for advisers to implement a robust compliance program and sufficient policies and procedures addressing cybersecurity. These policies and procedures should incorporate the risks identified by the Cyber Unit and outline the response efforts that the adviser would perform if any of the risks were to occur. Advisers are also encouraged to obtain assistance from a third party cyber consultant. Please contact Fairview if you have any questions or concerns about the SEC’s new initiatives and how they might apply to your firm.