Key takeaways

• On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert announcing observations from its second round of cybersecurity examinations of registered broker-dealers, investment advisers, and investment companies.
• The observations were based on OCIE’s examinations of 75 firms since September 2015, pursuant to its “Cybersecurity 2 Initiative.”
• In general, the staff observed increased cybersecurity preparedness since its first cybersecurity initiative in 2014, but also observed areas where compliance and oversight could be improved.