The U.S. Securities and Exchange Commission is looking at extending cyber risk management rules to third-party providers and requiring more public company disclosure when there is a security breach. These rules could extend to registered firms’ third-party providers such as index providers, custodians, fund administrators and others.
SEC proposed rules: Outsourcing by Investment Advisers
The SEC has proposed new rules for registered Investment Advisers that would require