On September 26, in the Securities and Exchange Commission’s (“SEC”) first enforcement action for violations of Regulation S-ID (the “Identity Theft Red Flags Rule”), Voya Financial Advisors Inc. (“VFA”), an SEC-registered investment adviser and broker-dealer, has agreed to settle charges relating to failures in its cybersecurity policies and procedures concerning a cyber-intrusion that compromised thousands of customers’ personal information. VFA agreed to pay a $1 million penalty as well as retain an independent consultant to evaluate its policies and procedures for compliance with the Safeguards Rule and Identity Theft Red Flags Rule.… More