The Securities and Exchange Commission today proposed amendments to expand and update Regulation Systems Compliance and Integrity (SCI), the set of rules adopted in 2014 to help address technological vulnerabilities in the U.S. securities markets and improve Commission oversight of the core technology of key U.S. securities markets entities (SCI entities).
“I am pleased to support this proposal because, consistent with maintaining orderly markets, these amendments would help promote the capacity, integrity, resiliency, availability, and security of critical intermediaries,” said SEC Chair Gary Gensler. “Technology plays an expansive and expanding role supporting our market systems, and our markets would benefit if we updated Reg SCI to reflect those changes. I think it’s important also to broaden Reg SCI to include a number of key market participants and enhance the standards those market participants must meet. Taken together, these amendments would make key market participants more robust, resilient, and secure. That benefits our markets.”
Trading and technology have evolved since Regulation SCI’s adoption in 2014. The growth in electronic trading allows ever-increasing volumes of securities transactions in a broader range of asset classes at increasing speed by competing trading platforms, including those offered by broker-dealers that play multiple roles in the markets. New types of registered entities that are highly dependent on interconnected technology have entered the markets. The prevalence of remote workforces and increased outsourcing to third party providers continue to drive the markets’ and market participants’ reliance on new and evolving technology.
To reflect technological developments in the markets, the proposed amendments would expand the scope of SCI entities to include registered security-based swap data repositories; all clearing agencies that are exempt from registration; and certain large broker-dealers, in particular, those that exceed a total assets threshold or a transaction activity threshold in national market system stocks, exchange-listed options contracts, US Treasury securities, or Agency securities.
The proposed amendments would also strengthen the requirements Regulation SCI imposes on SCI entities, including by requiring that an SCI entity’s policies and procedures include the maintenance of a written inventory and classification of all SCI systems and a program for life cycle management; a program to prevent the unauthorized access to such systems and information therein; and a program to manage and oversee certain third-party providers, including cloud service providers, of covered systems.
The proposed amendments would also expand the types of SCI events experienced by an SCI entity that would trigger immediate notification to the Commission, update the rule’s annual SCI review and business continuity and disaster recovery testing requirements, and update certain of the regulation’s recordkeeping provisions.
The proposing release will be published in the Federal Register. The public comment period will remain open until 60 days after the date of publication of the proposing release in the Federal Register.