The Securities and Exchange Commission plans to propose at its open meeting on Feb. 9 new cybersecurity rules for advisors, to shorten the settlement cycle for most securities transactions as well as propose amendments to its whistleblower rules.
According to the meeting agenda, the commission will consider whether to propose new rules to address cybersecurity risk management for registered investment advisors and investment companies as well as related amendments to certain rules regarding advisor and fund disclosures under the Investment Advisers Act of 1940 and the Investment Company Act of 1940.
SEC Chairman Gary Gensler said on Jan. 24 that he wants advisors and broker-dealers to improve their "cyber hygiene" as well as their data privacy disclosures.
Investment companies, investment advisors and broker-dealers — which are not covered by the SEC's Regulation Systems Compliance and Integrity, or Reg SCI — must "comply with various rules that may implicate their cybersecurity practices, such as books-and-records, compliance, and business continuity regulations," Gensler said in a speech at the Northwestern Pritzker School of Law's 2022 Securities Regulation Institute.
Gensler stated that he'd asked SEC staff to make recommendations for the commission's consideration "around how to strengthen financial sector registrants' cybersecurity hygiene and incident reporting."