March 08, 2022

David Porteous Addresses SEC, DOL Cybersecurity Regulations With

According to, the Securities and Exchange Commission (SEC) voted to propose two new rules on cybersecurity for registered investment advisers (RIAs), and one of the SEC’s proposals follows the Department of Labor’s (DOL) cybersecurity guidance. Business litigation partner David Porteous discussed the two agencies’ approaches.

The publication noted that the SEC is following a formal rulemaking procedure with a public comment period that will run until at least Apr. 11, 2022. Porteous said that the date for issuing a final rule and its contents is unknown and will be influenced by the number of comments the proposal receives. “You could get four comments…or 4,000,” he stated. “I wouldn’t be surprised, given the importance of this issue, that you get a number of comments that the SEC has to at least contemplate.”

The DOL is putting the onus on plans to ask the right cybersecurity questions in the first place, Porteous explained. In contrast, the SEC is telling RIAs and funds they will be required to have a “risk framework to deal with cybersecurity and make disclosures regarding its adequacy and conduct testing regarding its adequacy,” he said. “One way or the other, I’d say that the temperature is rising on the quality of cybersecurity risk for an RIA, whether you’re in the DOL space or not.”

Full Article

Related Industries

The Faegre Baker Daniels website uses cookies to make your browsing experience as useful as possible. In order to have the full site experience, keep cookies enabled on your web browser. By browsing our site with cookies enabled, you are agreeing to their use. Review Faegre Baker Daniels' cookies information for more details.