SEC proposes Reg S-P updates on incident response, breach notifications
By 
Kyle Brasseur2023-03-15T17:45:00
The Securities and Exchange Commission (SEC) on Wednesday proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
The proposed amendments would update Regulation S-P to “address the expanded use of technology and corresponding risks” that have come with innovation since the rule was first adopted in 2000, the SEC said in a press release. The agency noted its proposed changes were informed by comments in response to an abandoned 2008 proposal to amend Reg S-P in a similar manner.
The new proposal will be subject to a 60-day comment period following publication in the Federal Register.
Related articles
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
News BriefFTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
-
PremiumSEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
More from Regulatory Policy
-
ArticleDOJ is ramping up, not ramping down, health care fraud enforcement
While the Trump administration may have shifted away from pursuing small, white-collar, financial crimes, its focus on health care fraud cases is as hot as ever.
-
ArticleU.K. enforcement appetite over off-channel comms grows as U.S. wanes
The U.K’.s financial regulator has given a strong indication that financial firms’ use of unauthorized devices and apps is under scrutiny and that policies around off-channel communications need to be tightened up.
-
ArticleFinCEN seeks to lighten the regulatory load on casinos
Regulatory relief from anti-money laundering rules is in the cards for casinos, insurance companies and other non-bank financial institutions, the U.S. Treasury Department’s Treasury’s Financial Crimes Enforcement Network (FinCEN) said Monday.