GDPR: Impacts on American Firms without EU Clients

Confirmation that your firm does not hold any EU resident’s (“data subjects”) data is the first step in complying with the new General Data Protection Regulation (“GDPR”), effective May 25, 2018.  There will still be some decisions and changes awaiting you.  Firms without any EU residents’ data will be impacted in three main ways: deciding if the… READ MORE

Cybersecurity Deadline Approaches – Preparing your firm for the first phase of New York’s ’ Cybersecurity Rule 23 NYCRR 500

The first phase implementation date of New York’s “Cybersecurity Requirements for Financial Services Companies” rule is August 28th, 2017.   The rule requires firms to develop and maintain a cybersecurity program designed to protect the confidentiality, integrity and availability of their information systems.  The program must be based on a risk assessment, identify and assess internal… READ MORE

SEC Form ADV Revisions – Performance Books and Records Retention

Whether it is part of your annual 206(4)-7 testing or a routine on your compliance calendar, making sure your records are in order is a basic requirement.  On August 25, 2016, the SEC adopted multiple amendments to Part 1A of Form ADV (“Form ADV”), which include amendments to the books and records rule under the… READ MORE

Reg SCI Compliance is a Good Idea for Everyone, Not Just Exchanges

What’s Happening: Remember Regulation SCI? Unless you are an exchange or a systemically important market participant, the answer is “probably not.” You’ve undoubtedly heard of the “Flash Crash” of 2010, or maybe the Nasdaq system problem that messed up the Facebook IPO, or the “glitch” on July 8, 2015 that halted trading on the NYSE…. READ MORE