SEC scraps proposed cybersecurity rules for investment advisers, market participants

SEC scraps proposed cybersecurity rules for investment advisers, market participants

This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • The Securities and Exchange Commission has withdrawn proposed cybersecurity regulations for investment advisers and companies participating in securities markets.
  • The decisions, announced on Thursday with no explanation, mark potentially significant reversals of the commission’s plans to subject major financial entities to cyber requirements for the first time.
  • The rollbacks also raise questions about the now Republican-led SEC’s commitment to a cyber incident disclosure rule for public companies that the agency adopted in 2023 under Democratic leadership.

Dive Insight:

The SEC had proposed the now-scrapped rules over concerns that financial advisers and securities-market participants — like investment funds and clearing agencies — weren’t taking cybersecurity seriously enough, leaving their computer systems vulnerable to intrusions that could cost vast sums of money or profoundly undermine confidence in the U.S. financial system.

In proposing the rule for securities-market participants, the SEC noted that the financial-services sector faced digital threats from hackers who “use constantly evolving and sophisticated tactics, techniques, and procedures” and pose “a serious risk” to the financial system.

Similarly, in proposing the rule covering investment advisers, the commission said it was “concerned about the efficacy of adviser and fund practices industry-wide to address cybersecurity risks and incidents,” warning that current practices, including those surrounding incident disclosure, “may not adequately address investor protection concerns.”

It remains unclear why the SEC, now led by an appointee of President Donald Trump, has withdrawn the proposed cybersecurity regulations. The commission did not respond to a request for comment.

But the SEC’s new leadership has taken aim at several regulations that the commission proposed and adopted during the Biden administration, including a landmark climate disclosure rule. As with climate change, the Trump administration has opposed Biden-era efforts to address cybersecurity through regulation.

The SEC’s actions could embolden the financial services industry to press its case for the rescission of the cyber incident disclosure rule, which the industry has already identified as a major priority.


Source link