The SEC recently released their 2020 examination priorities. These are the areas the examination branch of the SEC (OCIE) will be focused on during exams this year. The SEC specifically calls out RIAs in this year’s priorities:
“Specific to RIAs, OCIE will continue to focus its examinations on assessing RIAs’ protection of clients’ personal financial information. Particular focus areas will include: (1) governance and risk management; (2) access controls; (3) data loss prevention; (4) vendor management; (5) training; and (6) incident response and resiliency.”
And new for this year:
“OCIE will examine for the safeguards around the proper disposal of retired hardware that may contain client information and potential network information that could create an intrusion vulnerability.”
“In particular, examinations of registered investment advisors (RIAs) will focus on RIAs that have been examined, including new RIAs and RIAs registered for several years that have yet to be examined.”
If you want help preparing for an SEC cybersecurity exam, contact us. We’ve helped dozens of RIA’s prepare for and pass SEC cybersecurity exams.