“Ginormous” FINRA fines for 2016 to set record

FINRA, the enforcement and arbitration agency that regulates broker/dealer firms and exchange markets, reported that this year will be a record year for fines. It reported that over $79 million in fines had been levied for the first half of 2016. Projections for the entire year could total $160 million in fines – representing a nearly 20% increase from record-setting year 2014.

As part of the books and records requirements, broker/dealers are required to store their firm Websites and firm information to WORM or non-erasable storage in multiple, secure, and geographically diverse data centers.

Is your Website being stored to WORM?

Press release from Sutherland: http://www.sutherland.com/NewsCommentary/Press-Releases/193640/FINRAs-Projected-2016-Fines-Ginormous-Fines-May-Propel-2016-toRecord-Setting-Year

 


Should fund firms using cloud storage for archiving be concerned?

Financial firms using cloud storage to archive firm Websites, emails and social media may be opening up their company to unnecessary risks and should absolutely be concerned.

Here’s why.

Last Friday at 7 a.m. EST, hackers launched a DDoS (distributed denial-of-service) attack, taking offline popular Websites such as Amazon, Twitter, Tumblr and Soundcloud.

While cloud storage has been rising in popularity over the years, firms that use Amazon and other cloud providers for archiving their Websites and other important information subject to government regulations may just find their archives inaccessible and open to further attacks and outages.

Do you know if your Websites and other information subject to books and records requirements are being stored in the cloud?

If so, you may want to rethink your archiving storage strategy and use a provider that uses actual secure data centers for archiving storage.

 

Sources:

http://www.techtimes.com/articles/183218/20161021/cyber-attack-takes-down-netflix-twitter-spotify-more-east-coast.htm

http://www.al.com/news/index.ssf/2016/10/massive_ddos_cyber_attack_down.html

 

 


SEC proposed rule would require RIAs to have written BCP and transition plans

Last summer the Securities and Exchange Commission (SEC) proposed a new rule under 206(4)4 that would require RIAs to adopt and implement written business continuity and transition plans.

While many firms may already have BCP plans in place, these plans may not include some of the new provisions such as the firm’s transition plans and other risks related to potential significant disruptions in the firm’s business and operations.

Financial firms would be prudent to revise their BCP to include these provisions and place it on their firm Websites. Since firms are already required to archive their Websites to an immutable WORM (write-once-read-many), non-erasable format, this would ensure that all the information on their Websites (including BCP and transition plans) meets all regulatory requirements.

 


SEC amends books and recordkeeping rule

The SEC is making amendments to the Advisors Act book and recordkeeping rule in an effort to improve the agency’s monitoring and regulation of the financial industry.

The amendments will require financial advisors to keep additional records of communications for all performance related information, regardless of the number of intended targets it plans to reach.

It would be prudent for firms to keep a secure record of all communications to a WORM, non-erasable file format that is readily available.

Source: https://www.sec.gov/rules/final/2016/ia-4509.pdf

 


What keeps financial firm compliance officers up at night?

Cybersecurity/Information security.

In a recent survey, protecting their firm’s information rated highest, with 88% of respondents citing cybersecurity and information security as their highest concern.

Other areas included Advertising/Marketing and Anti-Money Laundering.

Interestingly, nearly 40% of respondents stated that their firm prohibits reps from using social media to promote their business.

Using your Website and social media are great ways to promote your uniqueness – how you’re different and why investors should trust you.  It allows you to show how you’ve helped other investors manage through the financial maze and craziness that we’ve seen in the markets.

Over 700 compliance officers participated in the 2016 Investment Management Compliance Testing Survey.

Source:  2016 Investment Management Compliance Testing Survey


Survey reports continued trend toward outsourcing compliance functions

The 2016 Thomson Reuters survey details its findings on the compliance costs and upcoming challenges financial firms face in dealing with an ever-increasing, compliance-focused environment. The results come from more than 300 global financial firms. The survey builds on results over the last seven years.

Findings indicate a trend toward outsourcing of compliance functions, with a quarter of firms now outsourcing parts of compliance functions.

The survey cites a lack of in-house skills and resources available as reasons.

We foresee this trend continuing as compliance costs rise and compliance officers continue to be asked to do more without adequate increases in staffing.

Source:

https://risk.thomsonreuters.com/sites/default/files/Cost-of-Compliance_2016_0.pdf

 

 


SEC continues intense focus on Financial Firms’ Cybersecurity Policies

Have you checked your firm’s cybersecurity policies and procedures lately? If not, it could cost your firm big time.

The SEC brought actions against a St. Louis based investment firm for cybersecurity breaches. The SEC alleges that the firm failed to develop adequate cybersecurity policies and procedures. The investment firm also improperly stored customer data, potentially compromising customer sensitive information and data.  The firm agreed to be censured and pay a $75,000 penalty.

The SEC has outlined 3 broad categories of cybersecurity protections that financial firms must implement:

  1. Conduct frequent cybersecurity risk assessments regarding firm practices related to proper security practices
  2. Create cybersecurity strategies that prevent and detect cybersecurity threats, and policies to respond to potential security threats
  3. Conduct on-going cybersecurity training and reinforce procedures with staff

Source:

https://www.sec.gov/news/pressrelease/2015-202.html


A Financial Firm’s Guide To Website Archiving Terms

Financial advisors, compliance officers, marketing and technology officers – anyone involved in your financial firm’s Website – must understand the importance of adhering to stringent government regulations required for archiving your Websites. Hefty penalties can be imposed on firms for failure to properly adhere to the specific rules. The process of properly archiving your Website can be an arduous, costly endeavor, especially when performed in-house.

Some of the key terms used by archivists when referring to Website archiving include:

Backups: Copies of information made to another medium, such as a disk or tape, as a precaution in case the information gets corrupted or destroyed. *

Crawl: Refers to the capture of a firm’s Website that is conducted by a crawler.

Data center: The physical location where the archiving firm stores, preserves and retrieves a firm’s Website archives.

Immutable: Unchangeable; that which cannot be changed, altered or modified in any way.

Records: Any recorded information, including but not limited to documents, videos and audio files, created by a firm and housed on its Website.

Record retention policy: The firm’s policy that defines the length of time the firm is required by its regulatory bodies to preserve its Website archives.

URL (Uniform Resource Locator): The location of a resource on the Web.

WArc File: A file made of disaggregated WArc records.

Website Archive: Refers to the collection of a firm’s published Website information that has been recorded on the World Wide Web, and is preserved for regulatory purposes and for access at a later point in time.

Web Archive: A collection of published materials on your Website that a firm has either made arrangements for or has accepted long-term responsibility for preservation and access in keeping with an archive’s user compliance policies.

WORM (Write-Once Read-Many): Describes data storage that, once written, is immutable and cannot be changed. This unequivocally proves that the information stored has not been modified or changed in any way. *

* Backing up your Website, while important, is different than storing your Website archives to WORM. Backups are simply that, mere backups of your information, and can be changed and modified. When Website archives are stored to WORM format, this means your files are immutable and cannot be changed. WORM storage is required by many financial firms.

 


FINRA 2016 focus area and penalties

It’s a theme we’ve recently and repeatedly heard. FINRA wants financial firms to have a compliance culture. In fact, FINRA plans to assess whether firms are abiding by compliance regulations on a daily basis – not just when they’re being examined.

Earlier this year FINRA released its 2016 Regulatory and Examination Priorities Letter, which highlights where FINRA has its highest regulatory concerns.

FINRA has vowed to ensure financial firms create a compliance culture and has levied some pretty high fines to show how serious they are about it.

Some FINRA focus areas and penalties include:  conflict of interest and ethics, supervisory failures, and risk management and controls.

Additional focus:

– Improper electronic storage – FINRA has levied numerous fines over the years for lack of technology oversight, including electronic archiving and storage of emails and Websites. Most recently, FINRA has focused on Cybersecurity and how firms are addressing recent threats.

 


71 percent of Americans admit to being afraid of talking to a financial advisor

71 percent of people are petrified to meet with an advisor – someone that could potentially help them with their financial goals, such as having enough money to retire comfortably.

According to a survey by Harris Poll, Americans are fearful of meeting with a financial advisor.

Nearly 50 percent admitted to being scared that talking to an advisor would end up costing them too much money.

Other findings:

–       Almost 40 percent revealed that they’re afraid that the advisor will share bad news with them about their financial situation.

–       Half reported being reluctant to trust an advisor with their personal financial information.

–       Over 40 percent believed that an advisor wouldn’t be able to help them with their specific financial needs.

That must be why The Society of Actuaries cites that only about 50 percent of people actually meet with an advisor.

There are legitimate fears and obstacles that investors have about working with a financial advisor.

However, this presents a great opportunity for astute financial advisors who truly understand these investor fears to address these concerns and to help the other 50 percent of people who aren’t already working with an advisor.

Source:

http://www.mcadamfa.com/financial-advisor-phobia-71-percent-of-americans-say-they-are-scared-of-talking-to-a-financial-advisor/
