Cyber security at both the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) is an increasing concern for hedge fund managers following the adoption of new rules forcing them to disclose more about their investment strategies.
The new regulations, which were officially adopted last week, extend the scope of the information private fund advisors must confidentially report to regulators including detail software their crypto investments and credit strategies.
Regulators believe the extended reporting requirements will assist in their ability to monitor market risk and oversee the $26tn private funds industry.
Industry groups though, including the Alternative Investment Management Association (AIMA), the Managed Funds Association (MFA), and the Securities Industry and Financial Markets Association, have voiced concerns over the security of so-called Form PF data, and say any leak of the more detailed information now required could provide a “roadmap” to confidential proprietary investment strategies.
“People will file the data but then keep fingers crossed that the SEC ups their game on the cyber side,” said Jennifer Wood, the Global Head of Asset Management Regulation at the Alternative Investment Management Association.
The SEC and CFTC have responded by saying they have “robust data protection measures in place to protect all information filed on Form PF”, however, according to Bloomberg, the SEC in particular has a “fraught” cyber security record – with the latest breach seeing hackers gain access to the Commission’s official X account last month.
