Financial regulators continue to expand their reach in the cybersecurity space, and funds, fund sponsors, and advisers should take note. Most recently, on February 12, the CFTC filed a simultaneous Order and Settlement against AMP Global Clearing LLC (AMP), a registered futures commission merchant, related to a breach of its networks in April 2017 by a third party who obtained approximately 97,000 AMP files, including customers’ personal information. Notably, the CFTC did not charge AMP under its regulation requiring that registrants have in place policies and procedures to safeguard customer records and information; rather, the CFTC proceeded under a separate regulation requiring that registrants diligently supervise any delegated entity tasked with performing any aspect of the registrant’s business activities.
Both the CFTC and SEC have in place regulations imposing supervisory obligations on registered fund sponsors and commodity trading advisers, and registered investment companies, advisers, and broker-dealers, respectively. As discussed further in the attached article, the Order and Settlement highlight the importance for funds, fund sponsors, and advisers of adequately supervising their service providers’ cybersecurity measures.
Read about this investment management and cybersecurity development
Authors
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.