SEC proposes Reg S-P updates on incident response, breach notifications
By 
Kyle Brasseur2023-03-15T17:45:00
The Securities and Exchange Commission (SEC) on Wednesday proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
The proposed amendments would update Regulation S-P to “address the expanded use of technology and corresponding risks” that have come with innovation since the rule was first adopted in 2000, the SEC said in a press release. The agency noted its proposed changes were informed by comments in response to an abandoned 2008 proposal to amend Reg S-P in a similar manner.
The new proposal will be subject to a 60-day comment period following publication in the Federal Register.
Related articles
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
News BriefFTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
-
PremiumSEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
More from Regulatory Policy
-
ArticleU.K. outlines AI sandbox plan as regulators weigh compliance risks
The U.K. has set out a new blueprint for AI regulation, which aims to slash bureaucracy and ramp up the safe adoption of new and emerging technology to unlock potential and boost investment.
-
ArticleCalifornia may create whistleblower program to root out privacy law violations
A California privacy agency plans to seek a whistleblower law, to encourage corporate employees and others to step forward with complaints about egregious privacy violations at their workplaces.
-
News BriefCFPB proposes changes to equal credit opportunity act rules
The U.S. Consumer Financial Protection Bureau (CFPB) proposed a rule change that would narrow anti-discrimination requirements for the financial industry. This comes as the Trump administration attempts to shutter the agency may finally come to pass.