U.S. SEC Division of Investment Management Issues Cybersecurity Guidance

May 15, 2015

The Division of Investment Management (Division) of the U.S. Securities and Exchange Commission (SEC) issued a Guidance Update on April 28, 2015 (Guidance) relating to the cybersecurity of registered investment companies and registered investment advisers (together, “firms”). Citing information gained through discussions with firms’ boards and senior personnel, and via the Office of Compliance Inspections and Examination’s (OCIE) 2014 cybersecurity examination sweep, the Division’s staff (Staff) stressed that firms need to review their cybersecurity measures and tailor their approaches to cybersecurity based on their particular circumstances. For further information regarding the results of the 2014 sweep, as well OCIE’s second wave of cybersecurity exams, please refer to Dechert OnPointThe Evolving U.S. Cybersecurity Landscape: What Firms Want to Know.

This OnPoint (i) details the Staff’s suggestions as to how firms should address their cybersecurity risks and compliance obligations; and (ii) lays out issues for firms to consider as they create tailored cybersecurity programs in line with the Division’s expectations.

Read "U.S. SEC Division of Investment Management Issues Cybersecurity Guidance."