View Rule
View EO 12866 Meetings | Printer-Friendly Version Download RIN Data in XML |
SEC | RIN: 3235-AN15 | Publication ID: Spring 2023 |
Title: Cybersecurity Risk Management Rules for Broker-Dealers, Clearing Agencies, MSBSPs, the MSRB, National Securities Associations, National Securities Exchanges, SBSDRs, SBS Dealers, and Transfer Agents | |
Abstract:
The Division is considering recommending that the Commission adopt amendments to require that market entities address cybersecurity risks, to improve the Commission’s ability to obtain information about significant cybersecurity incidents impacting market entities, and to improve transparency about cybersecurity risk in the U.S. securities markets. The Commission proposed a new rule and form and amendments to existing recordkeeping rules to require broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, national securities associations, national securities exchanges, security-based swap data repositories, security-based swap dealers, and transfer agents to address cybersecurity risks through policies and procedures, immediate notification to the Commission of the occurrence of a significant cybersecurity incident and, as applicable, reporting detailed information to the Commission about a significant cybersecurity incident, and public disclosures that would improve transparency with respect to cybersecurity risks and significant cybersecurity incidents. In addition, the Commission proposed amendments to existing clearing agency exemption orders to require the retention of records that would need to be made under the proposed cybersecurity requirements. Finally, the Commission proposed amendments to address the potential availability to security-based swap dealers and major security-based swap participants of substituted compliance in connection with those requirements. |
|
Agency: Securities and Exchange Commission(SEC) | Priority: Substantive, Nonsignificant |
RIN Status: Previously published in the Unified Agenda | Agenda Stage of Rulemaking: Final Rule Stage |
Major: Undetermined | Unfunded Mandates: No |
CFR Citation: 17 CFR 232.101 17 CFR 240.3a71-6 17 CFR 240.17a-4 17 CFR 240.17Ad-7 17 CFR 240.18a-6 17 CFR 240.18a-10 17 CFR 242.10 17 CFR 249.624 ... (To search for a specific CFR, visit the Code of Federal Regulations.) | |
Legal Authority: 15 U.S.C. 77c 15 U.S.C. 77f 15 U.S.C. 77g 15 U.S.C. 77h 15 U.S.C. 77j 15 U.S.C. 77s(a) 15 U.S.C. 77z-3 15 U.S.C. 77sss(a) 15 U.S.C. 78c(b) 15 U.S.C. 78l 15 U.S.C. 78m 15 U.S.C. 78n 15 U.S.C. 78o(d) 15 U.S.C. 78o-10 15 U.S.C. 78w(a) 15 U.S.C. 78ll 15 U.S.C. 80a-6(c) 15 U.S.C. 80a-8 15 U.S.C. 80a-29 15 U.S.C. 80a-30 15 U.S.C. 80a-37 15 U.S.C. 80b-4 15 U.S.C. 80b-10 15 U.S.C. 80b-11 15 U.S.C. 7201 et seq. 18 U.S.C. 1350 ... |
Legal Deadline:
None |
||||||||||||
Timetable:
|
Regulatory Flexibility Analysis Required: Yes | Government Levels Affected: None |
Small Entities Affected: Businesses | Federalism: No |
Included in the Regulatory Plan: No | |
RIN Data Printed in the FR: Yes | |
Agency Contact: Nina Kostyukovsky Attorney Securities and Exchange Commission 100 F Street NE, Washington, DC 20549 Phone:202 551-8833 Email: kostyukovskyn@sec.gov |