Spark Institute Issues Recommendations for Cybersecurity

The standards it’s developing provide ‘more explicit guidance’ to decrease cyber fraud.

The SPARK [Society of Professional Asset Managers and Recordkeepers] Institute, through the work of its Data Security Oversight Board, is developing standards designed to protect retirement accounts from fraud in light of heightened and ongoing cybersecurity threats.

The SPARK Institute’s recommendations build upon the recently issued Department of Labor (DOL) cybersecurity guidance and provide more explicit guidance to defeat retirement account fraud.

“The protection of retirement accounts can only be fully realized with a partnership among plan sponsors, fiduciaries, recordkeepers, participants—and advisers, when applicable,” says Tim Rouse, executive director of the SPARK Institute. “With this is mind, our recommended controls should be implemented among all individuals and organizations involved in a retirement plan.”

To facilitate implementing the standards, the institute has summarized the Data Security Oversight Board’s recommendations, which highlight the minimum set of controls to consider and set expectations for all parties involved.

Rouse concludes, “We know that cyber threats are only going to increase. And we also know that protecting plan assets means that the retirement industry has to make a concerted and coordinated effort to fight fraud over the long term.”