The US Securities and Exchange Commission (SEC) has proposed new rules to improve the securities market’s resilience against cybersecurity risksdata loss and system failure

The proposed rules specify how market entities such as broker-dealers and clearing agencies need to respond to hacking incidents and safeguard consumer data.

They also govern how stock exchanges, transaction clearing houses, and other entities that are important to the country’s economic security should protect themselves against system failure. 

All market entities would need to develop policies and processes that are reasonably intended to mitigate their cybersecurity risks under the proposed regulations.

They should also review and evaluate the effectiveness of their cybersecurity policies and processes at least once a year.

SEC chair Gary Gensler said: “The nature, scale, and impact of cybersecurity risks have grown significantly in recent decades. Investors, issuers, and market participants alike would benefit from knowing that these entities have in place protections fit for a digital age.”

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Under the proposal, broker-dealers, investment companies, registered investment advisers, and transfer agents will have to notify individuals affected by data breaches.

According to the current legislation, covered businesses must inform clients on how they utilise their financial information.

Gensler said: “I think we should close this gap. Thus, under our proposal, covered firms would be required to notify customers of breaches that might put their personal financial data at risk.”

Furthermore, the SEC has suggested changes to the Regulation Systems Compliance and Integrity (SCI) to address technological flaws in the securities markets and enhance control of the core technology of important US securities market firms.