Practical, Legal and Regulatory Considerations for a Hedge Fund Manager’s Web Presence
Historically, hedge fund websites have been little more than a page that displayed a fund manager’s name, basic contact information and a login area for investors. However, as managers, their employees and investors have become more web savvy, and implementation of the Jumpstart Our Businesses Act has galvanized the hedge fund communications landscape, hedge fund websites have become more informative and interactive. Correspondingly, the risks—legal, regulatory and even cyber-related—have grown. Hedge fund managers need to ensure that their firm’s site conforms with all relevant regulations governing what information can, and cannot, be included on a website, and who is permitted to access various kinds of information.
…
Jorge Rey, director of information security and compliance at Kaufman Rossin said, “From a cybersecurity perspective, one of the first things you want to know is whether the website is accurate. The website can easily be defaced, and false information can be put into the website that can affect the reputation of the hedge fund.”
Other issues to consider, said Rey, are “Where is your website hosted? Is it hosted on your own servers or with a third party? Is the third party actually protecting against cyber attacks? [Furthermore], when you put a lot of information and specific content information on a website, you’re making it easier for hackers to use phishing methods to gain access to your networks.
…
Rey agreed the website should be hosted by a third party. “You don’t want the website linked to your internal networks. If your website is hacked, you don’t want them to get access to your network and get information about your fund, your investments, your algorithms or any client information.” He added that firms must conduct proper due diligence on service providers to confirm they have robust protections in place to ensure the data security.
To read the full article, visit the Hedge Fund Legal & Compliance Digest.
Jorge Rey, CISA, CISM, is a Cybersecurity & Compliance Principal at Kaufman Rossin, one of the Top 100 CPA and advisory firms in the U.S.