On Monday May 2, HFMWeek reported that Rob Taylor, the UK FCA’s Head of Investment Management, accused the hedge fund sector of being “short-sighted” with regards to cybersecurity risks. The industry has been waiting expectantly to see whether the FCA will release guidance similar to that issued by other financial regulators. Taylor's comments suggest that official guidance may be imminent.
“It is not surprising to hear Rob Taylor’s comments,” said James Tedman of ACA Aponix (Europe). "We see a concerning lack of regard for cyber risk that, when coupled with the ever-increasing number and sophistication of attacks, leaves the average fund very vulnerable. There are some significant risks present in almost every firm that are often embedded within workflows, such as: poorly implemented IT protections by outsourced vendors, a lack of vendor management, or deficient policy and governance. Few firms undertake detailed risk assessments, meaning that significant risks often go unidentified and unchecked, leaving them vulnerable to exploitation. We expect to hear more from the FCA later in the year; it will be interesting to see whether they go as far as the US regulators have with their cybersecurity guidance and examinations.”
The full article can be viewed on HFMWeek’s website (subscription-only content): https://hfm.global/hfmweek/news/fca-hedge-funds-short-sighted-hedge-funds-on-cyber-security/
How ACA Aponix Can Help
ACA Aponix provides risk assessments, written information security policies, staff training, and vendor diligence as part of our core service offering. Please contact firstname.lastname@example.org with any questions or for further information on how we can assist you with addressing cybersecurity risk.