RIAs have always had a fiduciary responsibility to their clients, businesses, and stakeholders. But with the SEC’s amendments to Regulation S-P, potential repercussions of a recent Supreme Court ruling, and the rising toll of cybercrime on firms, their hands as cyber fiduciaries are being forced.
The revised Regulation S-P published in May requires RIAs and other covered institutions to add incident response programs to their cybersecurity playbooks that are “reasonably designed to detect, respond to, and recover from unauthorized…