SEC proposes Reg S-P updates on incident response, breach notifications
By 
Kyle Brasseur2023-03-15T17:45:00
The Securities and Exchange Commission (SEC) on Wednesday proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
The proposed amendments would update Regulation S-P to “address the expanded use of technology and corresponding risks” that have come with innovation since the rule was first adopted in 2000, the SEC said in a press release. The agency noted its proposed changes were informed by comments in response to an abandoned 2008 proposal to amend Reg S-P in a similar manner.
The new proposal will be subject to a 60-day comment period following publication in the Federal Register.
Related articles
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
News BriefFTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
-
PremiumSEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
More from Regulatory Policy
-
ArticleU.K. delays audit reforms even as regulator piles on financial pressure
Delays to the U.K.’s Audit Reform and Corporate Governance Bill and creation of the ARGA regulator have sparked criticism. On Sept. 8, 66 MPs sent a letter to the Prime Minister urging reforms be returned to the Parliamentary agenda.
-
News BriefFTC ends appeal over noncompete ban but seeks public input
The FTC officially withdrew its appeal in a federal court case over its ban on employer noncompete clauses that it passed last year. The agency, however, says it wants public input regarding the effects of employer noncompete agreements.
-
News BriefHospitals, health IT face HHS crackdown for blocking electronic records
The Department of Health and Human Services is stepping up its enforcement against hospitals and other health entities that block the sharing of electronic health records.