Regulatory fines aren’t the only thing asset managers need to worry about when it comes to ensuring they have a strong cybersecurity program in place. A new study just released by Moody’s Investors Services about the cybersecurity preparedness of US fund management firms suggests that asset managers could face a credit ratings downgrade if they can’t protect their critical data. That data could include anything […]
Colorado Raises the Bar in Buyside Cybersecurity
Banks might not be the only financial institutions needing dedicated chief information security officers (CISOs) to oversee and enforce a cybersecurity program. As FinOps Report goes to press, the Colorado Division of Securities is set to finalize rules which, as of July 15, will make the state the first in the US to require fund managers and broker-dealers […]
Global Data Protection Reg: Not Just a Tech Exercise
Europe’s new General Data Protection Regulation, effective May 2018, will require financial firms to do a lot more than invest in technology to protect sensitive data from a cybersecurity breach or other loss. Compliance, operations,marketing, sales and even human resource managers at financial firms across the globe will need to establish the right processes and […]
Alternative Funds Industry Tackles Data Culture
Chief data officer (CDO) may not the most sought-after position at hedge fund management shops, but that isn’t stopping the C-level executives from pushing hard to create a better data management culture — including finding someone to take on the role, with or without the title. To support this effort, a new group calling itself the Data […]
Building Smarter 3rd-Party Cyber-Risk Programs
Financial firms needing to manage the cybersecurity risk of companies outside their own walls as well as they do their own can now count on a new risk assessment-as-a-service platform for help. Launched in March, the Denver-headquartered CyberGRX aims to take the gruntwork out of the due diligence process for third-party cybersecurity risk managers. It […]
New York Tightens Screws on 3rd Party Cyber-Risk
Out of sight doesn’t mean out of mind when it comes to following New York State’s new rigorous rules on how banks must manage cybersecurity risk. Cybersecurity information security officers (CISOs), IT directors, compliance managers, legal counsel, and vendor procurement specialists will need to work together to perform due diligence on third-party vendors, negotiate new […]
Cybersecurity and AML: How the Twain Must Meet?
What is the connection between a bank’s cybersecurity breach or event and money laundering? The same criminal. says the US Treasury’s Financial Crimes Enforcement Network. That’s why FinCEN wants financial firms to include information on cybersecurity events or breaches on their suspicious activity reports (SARs). Doing so will ensure that the financial firm is on […]
AML Compliance: Policing the Money Wires
Bank compliance, technology and back-office executives will soon be faced with a lot more headaches in preventing and reporting possible money laundering and other illegal activities conducted through payments transmitted by European wire transfers. Effective June 2017, financial firms — specifically banks — will have to monitor their wire payment messages more closely and file suspicious […]
SS&C Sued by Hedge Fund for Cyber Heist
Was incompetence, gross negligence, collusion or a good faith mistake the reason operations executives from fund administrator SS&C Technologies authorized the transfer of almost US$6 million from a client’s commodities fund to Chinese hackers? That is the question readers of a lawsuit filed by hedge fund Tillage Commodities Fund against SS&C Technologies will likely be […]
New York Proposed Cyber Rules: Too Much, Too Fast
Cutting down one risk — that of a cybersecuity breach — is promising to add a lot more risk of other kinds. Those would be increased costs and liability. The New York State Department of Financial Services has gone further than its federal peers by mandating hard and fast policies instead of risk-based methodology to […]