On February 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed sweeping rules that would require registered advisers and funds to implement written policies and procedures designed to address cybersecurity risks, report significant cybersecurity incidents to the SEC using a proposed form, and keep enumerated cybersecurity-related books and records.
Key takeaways from the SEC’s release, titled “Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies and Business Development Companies” (the Proposed Rules):
Attorney Advertising—Sidley Austin LLP is a global law firm. Our addresses and contact information can be found at www.sidley.com/en/locations/offices.
Sidley provides this information as a service to clients and other friends for educational purposes only. It should not be construed or relied on as legal advice or to create a lawyer-client relationship. Readers should not act upon this information without seeking advice from professional advisers. Sidley and Sidley Austin refer to Sidley Austin LLP and affiliated partnerships as explained at www.sidley.com/disclaimer.
© Sidley Austin LLP