The Securities and Exchange Commission Division of Examinations has issued a risk alert to highlight the importance of establishing written policies and procedures for safeguarding customer records and information at adviser branch offices.
According to the SEC, many broker-dealers and investment advisers consist of a main office and multiple smaller offices. Individuals in branch offices often have access to information technology systems that contain customer records and information.
The SEC says while many of these firms have implemented safeguarding policies and procedures at their main office, some firms did not adopt or implement written policies and procedures that address safeguards for their branch offices despite the existence of the same or similar risks.
This could be due to vendor management, email configuration, data classification, access management, or technology risk.
The SEC says in response to these observations, many of the firms modified their written policies and procedures to mitigate the issues identified by division staff.
Click here to visit The DI Wire directory page.