Editor’s Note: The SEC’s increasing focus on cybersecurity was evident in their FY 2013 budget request. See here. CRE has explained that the SEC should coordinate their cyber security regulatory activities with our European trading partners through the TTIP process.
(Reuters) U.S. regulators said Thursday they plan to scrutinize whether asset managers have policies to prevent and detect cyber attacks and are properly safeguarding against security risks that could arise from vendors having access to their systems.
“We will be looking to see what policies are in place to prevent, detect and respond to cyber attacks,” said Jane Jarcho, the national associate director for the Securities and Exchange Commission’s investment adviser exam program.
“We will be looking at policies on IT training, vendor access and vendor due diligence, and what information you have on any vendors,” she added, in a presentation to a group of compliance professionals at SEC headquarters in Washington, D.C.
The SEC’s upcoming 2014 review of cyber security policies at asset managers will be conducted as part of the agency’s routine examinations of investment advisers and investment companies, such as mutual funds.