Below is an excerpt from "Observations from OCIE's Cybersecurity 2 Initiative," which was published in Global Banking & Finance Review by Michael Manley and Blair Springer on October 4, 2017.
The United States Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) recently conducted its Cybersecurity 2 Initiative (Initiative). The Initiative consisted of an examination by OCIE of 75 businesses, including investment companies, investment advisers, and broker-dealers (collectively, the Firms). OCIE reported its observations from the Initiative in a recent Risk Alert. The Initiative focused on the Firms’ written policies and procedures regarding cybersecurity and included validation and testing that such policies and procedures were implemented and followed.