CFTC Approves NFA Cybersecurity Interpretive Notice

Simon Riveles CFTC, Compliance, CPO, CTA, Cyber-security, Futures

By William Kelly Acknowledging the rapid evolution of information technology and correspondent threats, on August 20, 2015 the National Futures Association (“NFA”) issued an Interpretive Notice addressing cybersecurity concerns. The Interpretive Notice established general requirements relating to the information systems security programs (“ISSPs”) of futures commission merchants, commodity trading advisors, commodity pool operators, introducing brokers, retail foreign exchange dealers, swap dealers, and major swap participants …

SEC and CFTC Establish Identity Theft Detection and Prevention Guidelines

Simon Riveles CFTC, Cyber-security, Identity Theft, SEC

By Ryan Finn and Simon Riveles In an effort to reduce the ever-increasing threat of identity theft, the Securities and Exchange Commission (“SEC”) and the Commodity Futures Trading Commission (“CFTC”) (together, the “Commissions”) recently adopted the Identity Theft Red Flag Rule ( or Regulation “S-ID”). Broadly speaking, S-ID requires entities regulated by the Commissions that maintain “transaction accounts” to develop and implement a written identity …

FINRA Outlines 2013 Regulatory Priorities

Simon Riveles Cyber-security, FINRA, FINRA Rule 5123, Hedge Funds, Private Placement, Uncategorized

In keeping with its prior year practice, on January 11, 2013, FINRA (the “Agnecy”) issued a Examination Priorities Letter to member firms highlighting the areas of the industry it intends to focus particular attention and resources. These areas include market regulation, business conduct, insider trading, financial and operational concerns. Market Regulation As computer based trading continues to capture an increasingly large segment of the market, …

SEC Provides Guidance for Cyber-Security Disclosure

Simon Riveles Cyber-security, SEC

As digital technology and operating online has become ever more important for American companies, the risk associated with deliberate cyber-attacks and unintentional cyber-incidents has caught the attention of regulators. On October, 13, 2011, the Securities and Exchange Commission provided guidance to public companies concerning their duty to disclose these risks under the securities laws.[1]