Atoms/Icons/search

US Cyber Solutions

Our aim is to assist asset managers and the public and private sector to assess information security threats, identify weaknesses and implement a sustainable program of information security improvements.

Learn more
Compliance Advisory

Steering firms through the complexities of financial services regulation.

Compliance Advisory

Our expert APAC compliance advisors deliver effective solutions to manage regulatory risks across a wide range of areas.

SEC proposes cyber security risk management rules and amendments for registered investment advisers and funds - Waystone
Cyber & Data Protection Updates

SEC proposes cyber security risk management rules and amendments for registered investment advisers and funds

February 10, 2022
On February 9th, the SEC voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies in a clear signal that firms who are not prepared to address cybersecurity risks will need to take action.

Among the proposed rules:

  1. investment advisers would be required to implement written cyber security policies and procedures designed to address cyber security risks that could harm advisory clients and fund investors
  2. investment advisers must maintain, make and retain documentation, pursuant to cyber security-related books and records
  3. investment advisers must publicly disclose cyber security risks and significant cyber security incidents that occurred in the last two fiscal years in their Form ADV and registration statements for Funds
  4. the rules would also require advisers to report significant cyber security incidents to the Commission on a new confidential form.

The proposal includes new rule 206(4)-9 under the Advisers Act and new rule 38a-2 under the Investment Company Act (collectively, the “proposed cybersecurity risk management rules”).

How can Waystone help?

Cyber security is becoming an increasing focal point for all global regulators and in response, we have established a dedicated cyber security solution.

Cyber Security Officer

Waystone will provide a Cyber Officer to investment advisors and fund boards, who will offer a plain language interpretation and opinion on the current practices of investment advisors and service providers, including:

  • governance
  • identification and protection
  • response and recovery
  • provide an ongoing assessment
  • provide guidance on upcoming cyber-related regulatory requirements
  • provide cyber training.

Cyber security compliance

Waystone will provide:

  • cyber security policy development and review
  • assistance with Form ADV and brochure disclosures.

Security testing and remediation

We are acknowledged by our clients for our technical expertise as well as our guidance and assurance from an information security perspective.

This includes:

  • penetration testing
  • continuous vulnerability assessments
  • source code reviews
  • static application security testing (SAST)
  • open web application security project (OWASP) compliance assessment
  • firewalls and network perimeter reviews
  • policy standards and procedures development
  • incident response support.

 

Contact Us

Read the SEC Press release in full

Read more about our Cyber Security Solutions

Previous post 
Share

More like this

Cyber & Data Protection Updates

Securing sensitive employee data – recommended HR policies and procedures

The onboarding and offboarding of employees is not a subject that we often think about in terms of information security.…
September 22, 2022
Read more
Atoms/Icons/search
image/svg+xml Atoms / Icons / plusCollapse