The North American Securities Administrators Association (NASAA) maintains state securities regulators are concerned cybersecurity
deficiencies are rising among investment advisers.
“Cybersecurity is a priority for state securities examiners,” Michael S. Pieciak, NASAA president and Vermont Commissioner of Financial Regulation, said. “Smaller companies are the low hanging fruit for cybercriminals, and when you consider more than three-fourths of the nearly 18,000 state-registered investment advisers are one to two-person shops, it is clear how important cybersecurity should be for these small businesses as well.”
The NASAA’s effort to garner feedback from state-registered investment advisers in 41 jurisdictions between January and June 2019, determined state examiners found deficiencies relating to cybersecurity in more than one-quarter, or 26 percent, of their examinations, which they said represented an increase of 23 percent during the last series of coordinated examinations in 2017.
“We encourage state-registered investment advisers to review their cybersecurity practices to ensure compliance and to take advantage of the free cybersecurity checklist offered by NASAA to help gauge their cybersecurity preparedness,” said Andrea Seidt, chair of NASAA’s Investment Adviser Section and Ohio Securities commissioner, said.
State securities regulators have regulatory oversight responsibility for investment advisers with assets under management of $100 million or less, officials said, adding included in this year’s coordinated examinations, 67 percent had assets under management between $30 million and $100 million and 33 percent had assets under management of less than $30 million.