The Office of Compliance Inspections and Examinations (OCIE) National Examination Program staff, recently examined 57 registered broker-dealers and 49 registered investment advisers to better understand how broker-dealers and advisers address the legal, regulatory, and compliance issues associated with cybersecurity (the “Cybersecurity Examination Initiative” or the “Initiative”).
In the examinations, the staff collected and analyzed information from the selected firms relating to their practices for: identifying risks related to cybersecurity; establishing cybersecurity governance, including policies, procedures, and oversight processes; protecting firm networks and information; identifying and addressing risks associated with remote access to client information and funds transfer requests; identifying and addressing risks associated with vendors and other third parties; and detecting unauthorized activity.
We’ve taken those findings and put them into the infographic below.