New SEC proposals and reopening of comment period

On March 15, 2023, the SEC proposed three rules related to cybersecurity risks and data breaches.

Proposed Enhancements to Regulation S-P would require broker-dealers, certain investment companies, registered investment advisers, and transfer agents to notify individuals affected by certain types of data breaches.

Addressing Cybersecurity Risks to the U.S. Securities Markets would require certain entities that are considered to perform critical services to support the US securities markets to establish, maintain, and enforce written policies and procedures that are reasonably designed to address their cybersecurity risks.

Proposed Expansion and Updates to Regulation SCI would expand the scope of entities subject to Regulation Systems Compliance and Integrity (SCI) and update certain of Regulation SCI's requirements.

Due to these new cyber-related rule proposals, the SEC reopened the comment period on proposed rules and amendments related to cybersecurity risk management and cybersecurity-related disclosure for registered investment advisers, registered investment companies, and business development companies, which had closed in April 2022.

Comments on each of these proposals and the reopened proposal are due 60 days after the date of publication in the Federal Register.

Welcome to Viewpoint, the new platform that replaces Inform. Once you have viewed this piece of content, to ensure you can access the content most relevant to you, please confirm your territory.

signin option menu option suggested option contentmouse option displaycontent option contentpage option relatedlink option prevandafter option trending option searchicon option search option feedback option end slide