HCBA Lawyer Magazine Vol. 28, No. 2 | Page 53

Securities Law Section Luncheon

On October 5, the Securities Law Section held a CLE entitled “Lunch with Galleon Group Hedge Fund informant Roomy Khan,” where Ms. Khan discussed her involvement with “Operation Perfect Hedge,” which led to the indictment and conviction of over 90 individuals connected to Galleon Group, a billion-dollar hedge fund. Ms. Khan also discussed her years of undercover cooperation that ultimately led to these convictions, as well as the lessons she has learned since her own conviction for passing inside information.

The section would like to thank its luncheon sponsor:

Continued from page 50

Firms’ oversight of third-party vendors has been and is still a significant concern. While examined firms were conducting risk assessments of vendors, their assessments were limited to the outset of the relationship, rather than an initial and ongoing review.

While nearly every firm that was examined maintained cybersecurity policies and procedures, OCIE expressed concern that some cybersecurity programs were inadequately tailored to address firm-specific needs, were general in nature, and did not provide adequate tools for implementation by associated persons. OCIE also found that firms failed to follow or enforce policies and remediate or address identified system weaknesses. Although policies included good cybersecurity program elements, in many cases firms did not follow them (e.g., completion or frequency of required employee training).

Whether a firm has already established cybersecurity policies and procedures or is in the creation and adoption phase, following best practices published by regulators will help the firm assure that it is in compliance with the ever-changing landscape related to managing cyber risks.

Authors: Dionne Fajardo and Trisha Cram - Wiand Guerra King

NOV - DEC 2017 | HCBA LAWYER 51