Third-Party Risk Is Becoming a Primary Challenge to Further Reduce the Extended Enterprise Risk

Today organizations in all market segments increasingly rely on an assortment of third-party vendors, suppliers, and partners. We are all aware of the continued growth of the extended enterprise – companies relying on a network of third-party vendors to provide them with organizational services, products, and competitive advantage. Over the past few years, the use … Read more

Cybersecurity and Resiliency Observations – SEC Office of Compliance Inspections and Examinations

Today, Cybersecurity risks originate from many sources, both domestic and from international regions. Most importantly, these cybersecurity risks occur across the array of securities and financial markets. The seriousness of the threats and the heightened concerns to investors, issuers, and other securities market participants, and the financial markets and economy more generally, are considerable and … Read more

Cybersecurity, Preventing Plan Leakage Top of Mind for Retirement Plan Sponsors

Retirement Plan Sponsors shared in a survey the steps they have taken, or will take, to reduce plan leakage and retain retiree assets in the plan. Preventing asset leakage and Cybersecurity concerns have been priorities for plan sponsors, according to new research from Callan, and many plan sponsors expect to act further this year. The … Read more

SEC’s Proposed Cybersecurity Rules for RIAs, RICs, and BDCs

On February 9, 2022, the SEC voted 3-1 to propose rules that would significantly expand the risk management and reporting requirements concerning cybersecurity and related matters for registered investment companies (RICs), business development companies (BDCs), and investment advisers registered or required to be registered with the SEC (RIAs) The proposed rules would require advisers and … Read more

Retirement Plan Participant Lawsuit Against Transamerica for Data Breach

In a lawsuit, he alleges the retirement plan service provider did not take steps to protect the personal information of participants in plans it serves. As the level of awareness of Cybersecurity protection of confidential data has increased, however, so has the size and complexity of the cybersecurity problem from the perspective of plan fiduciary. … Read more

DOL Seeks Information From Alight Solutions About Cybersecurity Incidents

Alight has been sued by retirement plan participants whose accounts were hacked, and the Department of Labor is investigating the provider’s practices. Judge John F. Kness of the U.S. District Court for the Northern District of Illinois has ruled that Alight Solutions must comply immediately with a Department of Labor (DOL) administrative subpoena seeking documents … Read more

Modevity Announces New Outsourced Cybersecurity Assessment Services for Retirement Plan Sponsors to Maintain Compliance with the DOL Cybersecurity Guidelines

Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the company has launched their new Cybersecurity Assessment Services for Retirement Plan Sponsors. The US Department of Labor Guidance regarding Plan Sponsors’ fiduciary responsibilities, states that Plan Sponsors should assess … Read more

DOL Guidance on Cybersecurity: Outline Overview for Plan Sponsors

As noted in the DOL Guidance on Cybersecurity, Plan Sponsors should continuously ask, are my ERISA plan’s assets and participant data protected from cyberattacks?” The Department of Labor’s (DOL) release of cybersecurity best practices for plans covered by the Employee Retirement Income Security Act (ERISA) makes it clear that plan sponsors, service providers, and participants … Read more

NSA Issues Warning on Cyber Weaknesses that allow Hackers Access

On May 17, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system. “Weak … Read more

The Benefits of Implementing Investigative Due Diligence Research to an Organization’s Supply Chain Vendor Management Program Initiatives

Most organizations that will be making strategic and critical business decisions, it is imperative to undertake an extensive due diligence investigation. Due Diligence is defined as, “the care a reasonable person exercises to avoid harm to other persons or their property.” Investigative Due Diligence refers to the research and analysis of an individual or organization done … Read more

Trusted partner since 2004.

Other Pages

Quick Links

Get the latest news & updates

Copyright © 2022 All rights reserved.