Contact us: 888-996-4642 |

The SEC Wants Your RIA Firm to Be Cyber Secure

Fines. Loss of reputation. Even loss of business. These are some of the scary things that can happen if your RIA firm isn’t cyber secure. Last week, the SEC issued its first ever fine to an RIA firm that had failed to secure and protect their clients’ financial data. R.T. Jones Capital Equities Management in St. Louis was fined $75,000 and agreed to be censured because it failed to have a cyber security policy in place before a computer breach compromised 100,000 individuals’ personal information, including records of some of the firm’s clients.

The fine shouldn’t have come as a surprise to any RIA firms. Back in April of 2014, the SEC’s OCIE announced that it would be conducting an exam of 50 registered broker dealers and registered investment advisors with a focus on technology, including cyber security preparedness. The SEC’s has revised the guidelines twice since then and warned financial firms that they must be compliant.

But don’t panic! The SEC isn’t on a crusade to punish firms. They just want firms to be taking the right steps to protect their clients’ data. R.T. Jones Capital Equities Management received such a hefty fine because they hadn’t taken ANY action to protect their clients’ data. There was no commercial grade firewall, there were no risk policies in place, and they didn’t encrypt their customers’ data.

The SEC will continue to enforce cyber security compliance but we feel that as long as you are putting forth the effort or are in process to meet the guidelines, you will most likely not be fined so severely at this time. However, as time goes on, the SEC will most likely not be as lenient, having given RIA firms enough time to become compliant.

To help you sleep better at night, here are some resources to educate you on how to be more prepared and protect against cyber attacks.

  • The OCIE issued a new Risk Alert to provide additional information on the areas of focus for the exam division’s second round of cyber exams. You can read that here.
  • To help you navigate the information in the Risk Alert, join Richard Mabbun and Julian Markas of ĪTEGRIA® and GJ King from RIA in a Box for a free cyber security webinar on Thursday, Oct. 1st, to keep your RIA firm and clients protected. Register here.

At ĪTEGRIA, we are on the front lines every day protecting our RIA clients from cyber attacks. That is why we designed our Total AdvisorSecure™ service to cover everything our Total AdvisorCare™ RIA clients need to protect their data and comply with regulations. From helping our clients’ create information security policies, to enabling technical controls, to testing and training, we help our clients navigate through the complex and ever changing world of cyber security. Our goal is to help you make your IT infrastructure’s defenses are as sturdy and sophisticated as possible. Learn more about Total AdvisorSecure™ and our Total AdvisorCare™ solutions here.

We have a new cyber security solution in the works for clients who aren’t currently having us manage their IT network. Sign up for our newsletter to receive more information on that solution when it is announced.

If you still have questions about cyber security and how to comply with SEC mandates, please give us a call at 888-996-4642. We are happy to help. We only serve RIA firms, so we understand the complexities of your industry and can share best practices in cyber security to help you protect your business.

You Might Also Like:

How to Make Managing Your RIA Firm’s Technology a Little Easier

Which Cloud Based IT Infrastructure is Best for RIA Firms?

3 Key Components of a Robust IT Compliance Program for RIA Firms