SEC proposes Reg S-P updates on incident response, breach notifications
By 
Kyle Brasseur2023-03-15T17:45:00
The Securities and Exchange Commission (SEC) on Wednesday proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
The proposed amendments would update Regulation S-P to “address the expanded use of technology and corresponding risks” that have come with innovation since the rule was first adopted in 2000, the SEC said in a press release. The agency noted its proposed changes were informed by comments in response to an abandoned 2008 proposal to amend Reg S-P in a similar manner.
The new proposal will be subject to a 60-day comment period following publication in the Federal Register.
Related articles
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
News BriefFTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
-
PremiumSEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
More from Regulatory Policy
-
ArticleCalifornia privacy regulator unveils new cyber, risk, and automation rules
Businesses operating in California will need to meet new, first-in-the-nation privacy requirements for cybersecurity, risk assessments, and automated decision-making technology, under a large expansion of rules by the state.
-
Basic PageDOJ, EPA take legal action against the California Air Resources Board
The U.S. Department of Justice has filed two lawsuits against the California Air Resources Board, claiming it no longer has the legal right to enforce strict emissions rules for heavy-duty trucks.
-
PremiumCompliance in the spotlight as tariffs, sanctions turn into geopolitical weapons
Navigating tariffs and sanctions is becoming a core part of compliance for many companies. As the U.S. and others use economic policies for political aims, compliance teams must adapt to this new geoeconomic trend.