Regulatory and Legislative

SEC Proposes Requirements to Mitigate Cybersecurity Threats

FuturePlan ERISA Team February 09 2022

The Securities and Exchange Commission (SEC) has released a proposed rule “Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies, and Business Development Companies”. According to the press release, the proposed rule would require advisers and investment companies to implement written cybersecurity policies and procedures designed to 1) address cybersecurity risks that could harm advisory clients and fund investors, and 2) publicly disclose significant risks and incidents. The proposed rule would also implement new recordkeeping requirements for advisers and funds to improve the availability of cybersecurity-related information and to help facilitate the SEC’s enforcement capabilities.

The SEC will accept public comments for the longer of 1) 60 days following the release of the proposed rule on the SEC’s website, or 2) 30 days following the publication of the proposed rule in the Federal Register.

Regulatory and Legislative

DOL Final Rule Updating VFCP Has Left OMB

DOL Final Rule Updating VFCP Has Left OMB

Department of Labor guidance titled “Adoption of Amended and Restated Voluntary Fiduciary Correction Program” has left the Office of Management and Budget.


Show more