X

NFA Reminds Members of Upcoming Cybersecurity Deadline (Notice I-15-23)

The NFA reminded members that the Cybersecurity Interpretive Notice will become effective on March 1, 2016. The Cybersecurity Interpretive Notice, which the CFTC approved in October 2015 (see NFA August 28, 2015 submission letter to the CFTC), requires member firms to adopt and enforce written policies and procedures to secure customer data and access to their electronic systems. Although the Cybersecurity Interpretive Notice allows member firms some degree of flexibility in determining what constitutes "diligent supervision," the NFA noted, it also requires each member to adopt and enforce an information systems security program ("ISSP") that is appropriate to its circumstances.

The required elements for an ISSP are described in the Notice to Members announcing CFTC approval of the NFA Interpretive Notice on NFA Compliance Rules 2-9, 2-36 and 2-49: Information Systems Security Programs.

Primary Sources

  1. NFA Notice I-16-08

Premium Content

Available only to Premium subscribers.

 

Join Premium

US Regulatory Intelligence combines regulatory and enforcement news, analysis, and practical work tools on an easy-to-use digital platform.

Request a Free Trial

Tags

Regulated Activities
Supervision / Compliance Data Protection / Cybersecurity
Regulated Entities
Adviser / CTA / CPO
Regulated Products
Futures / Security Futures
Body of Law
CEA Regulation
Jurisdiction
US - Federal
Organization
CFTC, NFA, CFTC Markets
Sub-Author
NFA