Regulatory Bodies
Hodge-Podge
Privacy & Data Security
Real-Life Compliance Scenarios - What action?
Money Movies
100

This U.S. agency oversees investment advisors managing over $100 million in assets.

What is the SEC?

100

What is the first thing an employee should do if they suspect a cybersecurity incident, such as a phishing email or ransomware pop-up?

What is immediately stop what you’re doing and report it to the Incident Response Lead (Mary)?

100

This rule requires RIAs to safeguard client non-public personal information and send annual privacy notices.

What is Regulation S-P?

100

A client accidentally emails you their Social Security number. What should you do?

What is notify compliance and ensure the information is stored securely or deleted appropriately?

100

In this 1983 comedy with Eddie Murphy and Dan Aykroyd, a bet between two wealthy brothers leads to chaos in the commodities market.

What is Trading Places?

200

This self-regulatory organization oversees broker-dealers.

What is FINRA?

200

The purpose of the Incident Response Plan is to do what three things when an incident occurs?

What are detect, contain, and recover?

200

When sending sensitive information via email, you should always do this.

What is encrypt the email or use a secure portal?

200

You are writing a client email and consider pasting their statement—including account numbers—into ChatGPT for wording help. 

What is “Do not upload PII; summarize generically or ask Compliance”?

200

The 2011 drama starring Kevin Spacey and Zachary Quinto takes place over 24 hours at a collapsing investment bank.

What is Margin Call?

300

Registered investment advisors file this form annually with the SEC.

What is Form ADV?

300

Gifts to or from clients should be documented and approved to avoid this appearance.

What is impropriety or a conflict of interest?

300

When a third-party vendor may handle client data, this type of oversight is required before approval.

What is vendor due diligence?

300

A long-time client insists on bypassing standard wire request procedures. What’s your next step?

What is explain firm policy and escalate the request to compliance if needed?

300

This 2000 film starring Giovanni Ribisi and Vin Diesel depicts a shady brokerage pushing worthless stocks through boiler-room tactics.  

What is Boiler Room?

400

This is the government agency responsible for enforcing anti-money laundering laws.  

What is the Department of the Treasury?

400

Employees are required to promptly report these to compliance if they may impact their objectivity or duties to clients.

What are potential conflicts of interest?

400

This plan outlines how the firm will operate during and after a cybersecurity incident.

What is a business continuity and disaster recovery plan?

400

A vendor requests access to client files but is not on the approved vendor list.

What is “Decline and escalate to Compliance for review”?

400

This 2015 movie chronicles investors who profited from the 2008 housing collapse.  

What is The Big Short?

500

This law requires advisers to establish and maintain a written business continuity and succession plan.

What is the Investment Advisers Act of 1940 (under Rule 206(4)-7)?

500

This term refers to using non-public information for personal gain.

What is insider trading?

500

You must notify compliance if you believe this has occurred.

What is a data breach?

500

A coworker receives a suspicious MFA prompt and files syncing strangely. What should they do first?

What is “Report immediately and isolate the device”?

500

This 1987 Oliver Stone movie coined the phrase "Greed is good."

What is Wall Street?
