
Legislative and Judicial Actions
SEC Risk Alert Identifies ‘Credential Stuffing’ Hacking Technique
‘Credential stuffing’ is a method of cyberattack to client accounts that uses compromised client login credentials, resulting in the possible loss of customer assets and unauthorized disclosure of sensitive personal information.

Cyberattacks More Prevalent Among Smaller Businesses
The unexpected economic downturn caused by COVID-19, along with the rapid shift to remote work, made those businesses with few resources even more vulnerable.

The Alternative Workplace

Cybersecurity Strategies for the Adviser Industry
What Advisers Should Know About GDPR
While the GDPR does not directly address U.S. benefit plans, it should be of particular interest to defined contribution plan sponsors and their service providers because they hold personal information for each plan participant.
Cybersecurity Is About Protecting Clients—and Your Practice
One element of the cybersecurity discussion that is often overlooked is that the biggest threat to many advisory firms is not actually to client accounts but instead to the advisory brand.
Investment Managers Share Steps They Take for Compliance
A survey finds cybersecurity is registered investment advisers' (RIAs) highest concern.

Human Error Leaves Retirement Plan Data Exposed
SEC Examiners Warn About Cloud Storage Risks for Advisers
SEC inspection staffers have identified growing security risks associated with advisers’ storage of electronic customer recorders in cloud-based platforms—and they will be watching for non-compliance in this area.

Advisers’ Leading Role in Cybersecurity
AICPA Offers Best Practices for Benefits Record Retention
The American Institute of Certified Public Accountants issued a plan advisory that reminds plan sponsors of ERISA record retention rules and also offers best practices for protecting personal information.

Legislative and Judicial Actions
Milliman Launches Account Lock Feature
The solution allows participants to “lock down” their accounts to prevent any distributions or loans from being initiated.
Cybersecurity Is RIAs’ Biggest Compliance Concern
This is the fifth year in a row they have identified cybersecurity as their No. 1 concern.
