The SEC may be refining its approach to spurring good cybersecurity practices in advisers, but its expectations aren't slackening.
There's been "a conscious decision" at the agency to lead through the exam process, rather than enforcement, said David Glockner, regional director of the SEC's Chicago office.
"There've been a handful of enforcement cases in this area," Glockner said, "but if you step back and think about it, there are way more incidents, way more issues that pop up in exams than there are enforcement referrals or enforcement actions."
But even if the commission will discipline advisers sparingly and bring actions in the
Charity Karanja is an attorney at Butler Snow LLP in the Public Finance, Tax Incentives and Credit Markets Group. She holds the Development Finance Certified Professional (DFCP) designation through the Council of Development Finance Agencies (CDFA). She is recognized as one of The Bond Buyer's 2025 Rising Stars and has the distinction of being one of six women in the nation named to the 2024 Class of the Caren S. Franzini Fellowship, a merit- based program by the CDFA Foundation, recognizing outstanding women in development finance for their leadership and dedication to the advancement of the industry.
Tray Hairston is an attorney at Butler Snow LLP in the Public Finance, Tax Incentives and Credit Markets Group. He holds the Certified Economic Developer (CEcD) designation through the International Economic Development Council (IEDC) where he serves on the Board of Directors. He is recognized as one of The Bond Buyer's 2018 Rising Stars and has structured more than $3 billion in transactions.
Millennials and Generation Z, as they begin accepting generational wealth, show a growing preference for tax-advantaged donor-advised funds.
As a starting point, officials recommend advisers take an inventory of their digital assets to determine the various entry points that hackers could take to infiltrate their systems, including a thorough vetting of all the outside vendors a firm contracts with.
Regulators have revealed what kind of issues advisors must address if faced with a review.
To ensure that personnel throughout the firm are cognizant of the myriad cyber threats, the SEC urges firm leaders to elevate the issue as a business priority, appealing for a tone at the top that prevents cybersecurity issues from being marginalized as simply a matter for the IT department.
But in some firms, there remains a tension between business and cybersecurity concerns, according to Steven Levine, an associate regional director at the SEC's Chicago office.
Levine has
Often, branch managers look to bring in high-producing industry veterans who might resist the firm's cybersecurity policies and procedures, which puts additional onus on the chief compliance officer to lay down the law, Levine says.
