05.16.24
SEC Says RIAs and Brokers Who Suffer Data Breaches Will Have To Tell Their Clients
by: Kenneth Corbin
Investment advisors, broker-dealers and fund companies will have to issue notices to clients following data breaches that could have compromised their personal information, under new rules from the U.S. Securities and Exchange Commission (SEC). The SEC is giving larger entities 18 months to begin complying with the updated rule following its publication in the Federal Register. Smaller entities will have a two-year compliance period. The SEC announced the amendments to Regulation S-P, the privacy rule the commission adopted in 2000 that governs how certain financial institutions must handle consumer data. The amendments will also require firms to develop incident-response plans detailing how they aim to detect, prevent and respond to cyberattacks or data breaches. The original rule has a broader provision requiring written policies detailing firms’ protocols for safeguarding client information.
Read the full article on Barron's