Investment advisory firms say cybersecurity is the hottest compliance topic, and yet, the number of firms falling victim to attacks is on the rise.
Approximately 15 percent of RIAs surveyed in the 2015 Investment Management Compliance Testing Survey reported they have been the victims of a cybersecurity breach in the past 18 months, compared to only 11 percent last year. And yet nearly 88 percent of respondents cited keywords including “cybersecurity,” “privacy” and “identity theft” as the most prevalent compliance concerns of 2015.
Conducted annually by the Investment Adviser Association (IAA), the ACA Compliance Group and OMAM, the Compliance Testing Survey records the responses of nearly 475 firms with regard to “hot topic” compliance concerns. The key findings of this year’s study reveal an upward trend in the threat of cybersecurity as understood by advisors. Compared to the 2014 survey, an additional 13 percent of respondents perceive cybersecurity/privacy/identity theft with growing trepidation.
The results of the survey caused some firms to create new security programs and restrictions for employees to protect against these pressing issues. More than two in five (43 percent) of companies confirmed that they have put into effect formal cybersecurity programs.
Additionally, approximately nine out of ten firms now have formal written policies that oversee the use of social media for workers. More than 40 percent of companies forbid employees from using personal social networking websites for business purposes, and concomitantly 65 percent monitor employee emails and electronic communications to scan for violations of firm policies and procedures.
According to IAA Assistant General Counsel Sanjay Lamba, the survey itself serves to inculcate in advisors a sense of which issues they may want to tackle first and which issues can directly affect their actions. “The findings should give firms a strong sense of the compliance topics and concerns they may want to focus on, as well as a sense of how current regulatory issues can impact their operations,” he says.