Cybersecurity at smaller investment advisory firms remains a top concern for U.S. securities regulators, according to a new report from the the North American Securities Administrators Association (NASAA).
NASAA, which is the umbrella group of U.S. state and Canadian provincial regulators, has issued its annual report on the state-registered investment adviser industry. The report found that while compliance deficiencies have declined in most of the areas reviewed, cybersecurity remains an issue.
“Our coordinated examinations show that overall deficiencies in just about every category except cybersecurity have decreased since 2015,” reported Alex Glass, Indiana Securities commissioner and chair of NASAA’s investment adviser section.
U.S. state securities regulators have oversight responsibility for more than 17,500 investment advisers with assets under management of US$100 million or less.
“NASAA’s new model rule requires investment advisers to adopt policies and procedures regarding information security and to deliver its privacy policy annually to clients. This represents a significant step toward enhancing the cybersecurity and privacy practices of state-registered investment advisers,” Glass said.