Knowledge Center

  • Home
  • Resource Center
  • Case studies
  • Case study
  • Cybersecurity: Protecting client data through industry best practices

    Mutual Fund Solutions

    Business challenge

    Cybersecurity is a prominent topic for all fund types, investment managers, boards and investors. U.S. Bancorp Fund Services recognized the need to create comprehensive policies and procedures as well as a communication program to help clients, auditors, regulators and chief compliance officers gain a better understanding of our entire program and the resources we devote to minimize cybersecurity risks.

    Our solution

    Our goal is to provide our clients complete transparency into our cybersecurity program and offer continual communication to keep them informed on how we protect confidential information and shareholder records.

    U.S. Bancorp Fund Service Control Environment
    As a wholly-owned subsidiary of U.S. Bank N.A., U.S. Bancorp Fund Services benefits from the IT infrastructure and information security policies and procedures that have been adopted, approved and implemented across U.S. Bank and the Information Security Services (ISS) team.These policies and procedures include, among other safeguards, controls around computer access, secure file and data transfers, intrusion detection, penetration testing, anti-virus and patching protocols, key card access, surveillance cameras and security guards. The ISS team reviews policies to verify they are in line with the national standards, as well as policies required by the executive order and other groups such as the National Information & Securities Technology.

    Cybersecurity Risk Management
    Strong and extensive controls are the cornerstone of keeping your shareholder data secure, and avoiding potential cyber threats is a responsibility we take very seriously. As investor data moves throughout our recordkeeping systems, reliable network security and stringent user access protocols protect the confidentiality and integrity of information being processed, transmitted and retained.

    Data is transferred through multiple dedicated and encrypted networks that are actively monitored for bandwidth usage. Additionally, anti-malware software installed on U.S. Bank servers and workstations is centrally managed and updated daily. While network and firewall vigilance is essential to preventing threats and intrusions, controlling and monitoring user access is also vital to maintaining a secure environment for our clients’ information. We place the highest importance on protecting investor information, processing transactions securely and being certain that our critical systems and processes are protected and uninterrupted.


    We deliver formal cybersecurity program communications, presentations and thought leadership through our annual client conference, CCO regional forums, CCO portal, due diligence meetings, client newsletter and board meeting presentations. We successfully demonstrate effective cybersecurity processes, procedures and controls and continually monitor cybersecurity risk across our business. U.S. Bancorp Fund Services provides comprehensive transparency, reporting and communication of our industry best practices in managing cybersecurity risks to both educate and comfort our investment management clients, regulators, auditors, fund CCOs and investors.

    ©2016 U.S. Bancorp Fund Services, LLC. All rights reserved. U.S. Bank is not responsible for nor guarantees the products, services, performance or representations of its affiliates or third party providers.

    Click here to download the PDF.