Vendor Risk and Incident Response Under Reg S-P: What Wealth Management Compliance Teams Need to Know Now
The Reg S-P amendments are in effect for broker-dealers, investment companies, registered investment advisers, and transfer agents — and SEC exam letters are already going out. Most compliance teams are managing existing obligations while trying to layer in new vendor oversight and incident response requirements on a compressed timeline.
These SEC rule changes significantly expand expectations around how firms identify, oversee, and respond to risks introduced by third-party vendors, particularly those with access to customer data. For many firms, vendor oversight and incident response represent gaps that need to close quickly — and examiners are actively looking for both.
This webinar cuts through the noise, combining practical compliance guidance with peer implementation insights we’ve observed from firms navigating the same pressures. We'll cover:
- How firms are structuring third-party risk management oversight in practice
- What SEC examiners are looking for
- What a defensible, exam-ready incident response framework looks like at this stage of implementation
We'll also address the resource question directly — how stretched compliance teams are making prioritization decisions and what "prepared enough" realistically means right now.
You'll leave with a clearer picture of where your program stands and what to tackle first.
Register Now
Who Should Attend
Chief compliance officers, compliance managers, and risk professionals at registered investment advisers, broker-dealers, and wealth management firms navigating Reg S-P vendor risk and incident response requirements.
About the Speaker
Shannon Hull, IACCP®, CAMS®, CTFA®, brings more than 35 years of experience in investment adviser and broker-dealer compliance to Ncontracts. She helps RIAs and wealth management firms interpret evolving rules, prepare for examinations, and build compliance programs that hold up in practice — covering everything from AI governance and third-party risk to SEC exam priorities and Regulation S-P.