Are your documents and website up to ADA standards? WHAT HAPPENED? Clients and shareholders with auditory, cognitive, neurological, physical, speech, and visual impairments use assistive devices, like screen readers, screen magnifiers, and Braille displays, to consume content produced by your firm. Certain technical criteria are required to be met [...]
Does your firm include text messages in its recordkeeping? WHAT HAPPENED? Recently, the U.S. Securities and Exchange Commission released information about proceedings against a California broker-dealer, which failed to retain employee text message records. The SEC became aware of the activity when investigating an enforcement matter concerning a third [...]
The SEC’s 9 recommendations for avoiding “credential stuffing” attacks WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) released a Risk Alert outlining newly identified cyber-attack threats called “credential stuffing.” Credential stuffing is a type of cyber-attack [...]
How to Identify and Avoid Vishing and Smishing Attacks WHAT HAPPENED? You likely have heard of phishing attacks, a type of social engineering scheme that tricks victims into clicking email links infected with malware, or into giving sensitive information to cybercriminals posing as a credible contact. Sophisticated attackers use [...]
5 Ways to Strengthen Your Firm’s Vendor Management Program WHAT HAPPENED? Vendor management is a critical piece of creating a comprehensive information security strategy for firms. Vendors processing or maintaining sensitive information on behalf of your firm and its clients are especially important to review and conduct due diligence [...]
Newly Identified Compliance Risks Due to COVID-19: What You Should Know WHAT HAPPENED? Last week, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines new compliance risks stemming from the global pandemic. The SEC and OCIE have remained [...]
New Security Feature for Web CRD and IARD Systems WHAT HAPPENED? For Super Account Administrators (SAAs) and Account Administrators (AAs) on FINRA’s Web CRD or IARD platforms, a new security feature is now required as part of the login process. For these administrators, FINRA is phasing in a multi-factor [...]
Six Ways to Help Protect Your Firm from a Cybersecurity Breach WHAT HAPPENED? As the COVID-19 pandemic has changed how most industries are conducting business, one of the biggest challenges is the transition to working from home. Many people are using their personal devices for work, often on an [...]
OCIE Releases 2020 Examination Priorities WHAT HAPPENED? On Jan. 7, 2020, the Office of Compliance Inspections and Examinations of the Securities and Exchange Commission (OCIE) released its 2020 Examination Priorities. The list is published annually to provide clear guidance to professionals and to highlight pertinent risks to investors. Several [...]
Alleged Cryptocurrency Scam Serves as Reminder of Digital Assets Risks WHAT HAPPENED? On Aug. 13, 2019, the Securities and Exchange Commission issued a press release regarding charges against Reginald “Reggie” Middleton and his two companies, Veritaseum, Inc. and Veritaseum, LLC. The complaint, filed in Brooklyn, New York, alleges that [...]