Two men share securities regulation news

Breaking news and expert analysis on legal and compliance issues

[Back To Home][Back To Archives]

From Securities Regulation Daily, October 4, 2017

FSC questions SEC head on cybersecurity, IPOs, DOL rule

By Amy Leisinger, J.D.

The House Financial Services Committee today heard testimony from SEC Chairman Jay Clayton on a plethora of securities regulation topics and issues currently facing the financial industry. In the midst of outlining his plans for the Commission going forward, the chairman faced numerous questions on the recently disclosed breach of the agency’s EDGAR system and the SEC’s planned approach to general cybersecurity issues. Committee members also asked how the agency will respond to the drop in initial public offerings and whether the Commission agrees with the Department of Labor’s fiduciary rule and/or favors a uniform approach to the standards of conduct for broker-dealers and investment advisers.

SEC agenda. According to Clayton, the Commission has four main areas on which it will focus more resources in the near future: (1) cybersecurity; (2) retail investor protection; (3) market integrity; and (4) capital formation. The SEC’s mission to protect investors, maintain fair and efficient markets, and facilitate capital formation will be the touchstone, he said, and all analysis will start and end with the long-term interests of the average investors—those he termed "Mr. and Ms. 401(k)." "As markets evolve, so must the Commission," he explained, and this will require both retrospection and introspection to achieve effective balancing of compliance burdens and the information necessary to investors, such as the upcoming open meeting to discuss simplification of Regulation S-K disclosures. Rulemaking should not end with the adoption of a rule, Clayton stated, and internal cooperation and coordination with other lawmakers and regulators will be crucial in serving American investors.

Cybersecurity. The issue hit hardest by committee members was the recently disclosed 2016 breach of the Commission’s EDGAR system. In his remarks, Clayton explained that the intrusion into the test filing component of the system, which appears to have been caused by the exploitation of a defect in custom software within the EDGAR system, provided access to nonpublic filing information and may have provided a basis for illicit trading gains. When the problem was originally discovered, the SEC Office of Information Technology took steps to fix it and reported the incident to the Department of Homeland Security, the chairman noted.

Representative Carolyn Maloney (D-NY) asked what measures are being taken to protect the agency going forward, and Clayton noted possible improvements to the SEC’s incident response plan and its search for a Chief Risk Officer to guide the agency more specifically on cybersecurity issues. The Commission expects to continue to add resources to its cybersecurity efforts to review all systems that hold market sensitive data or personally identifiable information, he explained.

As efforts progress, FSC Chairman Jeb Hensarling (R-Texas) urged the chairman to delay implementation of the consolidated audit trail until controls are in place to protect the data; similarly, Rep. Andy Barr (R-Ky) urged postponement of the new monthly mutual fund portfolio disclosure requirements. Clayton stressed that the SEC recognizes the sensitivity of this information and considers whether the agency truly needs the data and can protect it prior to taking possession of it. In response to FSC Ranking Member Maxine Waters’ (D-Calif) question as to whether the Commission has the resources it needs to complete its cybersecurity efforts, the chairman noted that the SEC will request a 7-percent budget increase for FY 2019 primarily to address these and related market integrity and retail fraud concerns. Concentration on cybersecurity issues cannot lessen focus on other important market oversight initiatives, Clayton explained.

IPO decline. Hensarling expressed concern regarding the decline in the total number of companies choosing to go public, and Clayton agreed with his sentiments, noting that this shift results in fewer investment opportunities for Main Street investors. According to Clayton, the public capital markets are less attractive to growing businesses, likely due to the fact that compliance and oversight dynamics between private and public markets are out of sync. The same regime applies to all public companies and all IPOs, and this approach may not be appropriate, the agency head opined. "A one size regulatory structure does not fit all," as evidenced by the use of the scaled disclosure obligations and regulatory system provided under the JOBS Act, he explained.

DOL fiduciary rule. A number of committee members also questioned the SEC chairman on the DOL’s fiduciary rule and its current delay. Representative Ann Wagner (R-Mo) asked whether broker-dealers and investment advisers should be subject to the same standard, as opposed to a bifurcated approach. Ultimately, Clayton explained, investors need choices, both among service providers and with regard to investment products. The SEC and the DOL have different statutory mandates, but action by one in this area is inevitably going to affect the other’s regulated entities. The keys will be clarity, consistency, and coordination: standards must be clear to investors, consistent across asset types, and coordinated among regulatory entities. As part of tailoring the proper approach, the SEC staff is currently reviewing over 150 comments made in response to a June 2017 statement seeking public input on standards of conduct, Clayton said.

Other areas of concern. The committee also questioned Clayton on a number of other regulatory issues ranging from board diversity and related disclosure obligations, the potential conflicts between the EU’s MiFID II and domestic requirements concerning the treatment of commissions and research payments, and the interrelation of state regulatory obligations and SEC mandates. In particular, several committee members addressed the evolution of Fintech and initial coin offerings and potential regulatory approaches. Clayton noted that new products sometimes create new avenues for old frauds and that the Commission needs to be ready to respond. Enforcement may not always be the answer, he explained, and, as such, the SEC has issued a report listing various potential pitfalls involved with Fintech and stressing the potential need for an exemption when a cryptocurrency arguably meets the definition of a security. While it is crucial to ensure that these types of offerings are done correctly, we also need to find an efficient way for the average American to participate in this marketplace, he stated.

MainStory: TopStory BrokerDealers CyberPrivacyFeed FedTracker Securities FiduciaryDuties InvestmentAdvisers IPOs JOBSAct PublicCompanyReportingDisclosure RiskManagement SECNewsSpeeches SecuritiesOfferings TrumpAdministrationNews

Back to Top

Securities Regulation Daily

Introducing Wolters Kluwer Securities Regulation Daily — a daily reporting service created by attorneys, for attorneys — providing same-day coverage of breaking news, court decisions, legislation, and regulatory activity.

A complete daily report of the news that affects your world

  • View full summaries of federal and state court decisions.
  • Access full text of legislative and regulatory developments.
  • Customize your daily email by topic and/or jurisdiction.
  • Search archives for stories of interest.

Not just news — the right news

  • Get expert analysis written by subject matter specialists—created by attorneys for attorneys.
  • Track law firms and organizations in the headlines with our new “Who’s in the News” feature.
  • Promote your firm with our new reprint policy.

24/7 access for a 24/7 world

  • Forward information with special copyright permissions, encouraging collaboration between counsel and colleagues.
  • Save time with mobile apps for your BlackBerry, iPhone, iPad, Android, or Kindle.
  • Access all links from any mobile device without being prompted for user name and password.