Subscribe to our mailing list

* indicates required







We seek to provide information, insights and direction that may enable the Financial Community to effectively and efficiently operate in a regulatory risk-free environment by curating content from all over the web.


Stay Informed with the latest fanancialish news.





Broker-Dealer Cybersecurity - FINRA Podcast

July 10, 2017

In the Part I of a 3-part series, Chip Jones, FINRA SVP of Member Relations and Education, leads a discussion with Susan Axelrod, FINRA EVP for Office of Regulatory Operations, and Dave Kelley, Surveillance Director from FINRA's KC District Office, about common deficiencies FINRA staff see during examinations of firms' cybersecurity programs. The podcast duration is 6-1/2 minutes.


PODCAST HIGHLIGHTS.    While FINRA has no Cybersecurity Rule, and has no intention of implementing one, it takes every available opportunity to converse with member firms about the issue, including:


  • to understand what steps firms take to safeguard customer data.
  • to share best practices with member firms.
  • to evaluate each firm's risk assessment framework.
  • to evaluate each firm's consistency with peers.


FINRA seeks to allay firms' concerns about these dialogs. Rarely, rarely will FINRA write up a firm for deficiencies. However, write-ups will occur when FINRA comes across situations it feels strongly about - e.g., where access controls are so weak that someone who has left the firm can still access the system to enter trades. 


NEXT UP - PART II.    Formalizing the oversight of a firm's cyber program in strengthening controls around access to data and systems.