SEC Risk Alert Shows Gaps in Firm Cybersecurity Programs

The SEC’s Office of Compliance Examinations and Inspections (OCIE) has released a Risk Alert with a brief summary of observations from its second round of cybersecurity exam sweeps, where it surveyed 75 broker dealers, investment advisors, and investment companies.  The Cybersecurity 2 Initiative was a more thorough follow-up to their 2014 Cybersecurity 1 Initiative.  The… READ MORE

Cybersecurity Deadline Approaches – Preparing your firm for the first phase of New York’s ’ Cybersecurity Rule 23 NYCRR 500

The first phase implementation date of New York’s “Cybersecurity Requirements for Financial Services Companies” rule is August 28th, 2017.   The rule requires firms to develop and maintain a cybersecurity program designed to protect the confidentiality, integrity and availability of their information systems.  The program must be based on a risk assessment, identify and assess internal… READ MORE

Oyster Publishes SEC Exam Priorities White Paper

Oyster Consulting’s recent white paper SEC 2017 Exam Priorities White Paper (February, 2017) offers compliance professionals items to take into consideration for each topic addressed in the letter. If you have any questions or concerns about any of these topics, please contact us.  Our consultants are experts in these areas and have the experience and perspective… READ MORE

Reg SCI Compliance is a Good Idea for Everyone, Not Just Exchanges

What’s Happening: Remember Regulation SCI? Unless you are an exchange or a systemically important market participant, the answer is “probably not.” You’ve undoubtedly heard of the “Flash Crash” of 2010, or maybe the Nasdaq system problem that messed up the Facebook IPO, or the “glitch” on July 8, 2015 that halted trading on the NYSE…. READ MORE