06.02.26
RIAs Face Reg S-P Compliance Deadline
by: Patrick Donachie
Registered investment advisors (RIAs) with less than $1.5 billion in assets must now comply with the U.S. Securities and Exchange Commission's new Regulation S-P compliance, which went into effect on June 3 and expands requirements for protecting customer data and responding to cybersecurity incidents. Key provisions include maintaining a formal incident response plan, notifying affected clients within 30 days of a breach and obtaining assurances that service providers will report cyber incidents within 72 hours. Industry experts say many firms remain underprepared, particularly smaller RIAs that have focused more on prevention than detection and response. Challenges include creating practical incident response plans, mapping customer data flows and securing commitments from vendors regarding breach notifications.
Read the full article on Wealth Management