SEC: Put Information Disposal Rules In Writing

September 20, 2004 at 08:00 PM
Share & Print

The U.S. Securities and Exchange Commission wants investment advisors and other companies it regulates to put their procedures for disposing of personal consumer report information in writing.[@@]

The SEC already has proposed a regulation, Regulation S-P, that would implement Section 216 of the federal Fair and Accurate Credit Transactions Act of 2003. The proposed regulation would require companies that the SEC oversees to take proper precautions to keep discarded consumer information out of the hands of stalkers and identity thieves.

The SEC says it now has decided to add amendments to the proposed regulation that would require the policies and procedures adopted under the safeguard rule to be in writing.

"Since 2001, our staff has examined brokers, dealers, investment companies and registered investment advisers for their compliance with the safeguard rule," SEC officials write in a discussion of the proposed rule amendments that appear today in the Federal Register. "In the course of these examinations, our staff has identified firms that lack written policies and procedures that address the safeguarding of consumer information and records."

About 10% of the SEC-regulated firms that should be complying with FACT appear to lack written consumer information disposal policies, the officials estimate in a section of the notice that discusses the costs and benefits of the proposed amendments.

Officials estimate complying with the amendments will lead affected companies to devote about 277,000 hours per year to developing, reviewing and updating their consumer information disposal policies and procedures.

"We believe it is very unlikely that a firm of any size and complexity could adequately safeguard customer information and records without written policies and procedures," the SEC officials write. "At a minimum, we believe the proposed amendment would benefit firms because written policies and procedures will (i) eliminate uncertainty as to what actions an employee must take to protect customer records and information, and (ii) promote more systematic and organized reviews of safeguard policies and procedures by firms."

Comments on the proposed amendments are due Oct. 20.

The SEC has posted more information about the proposed amendments at //a257.g.akamaitech.net/7/257/2422/06jun20041800/edocket.access.gpo.gov/2004/pdf/04-21031.pdf

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Related Stories

Resource Center