Last Thursday, the Securities and Exchange Commission unanimously proposed new rules to require certain key market participants to have comprehensive policies and procedures in place surrounding their technological systems.
The SEC’s proposal, which has been given the name "Regulation SCI" is intended to replace the current voluntary compliance program with enforceable rules designed to better insulate the markets from vulnerabilities posed by systems and technology issues.
Self-regulatory organizations, certain alternative trading systems, plan processors, and a number of exempt clearing agencies would be required to carefully design, develop, test, maintain, and conduct ongoing surveillance on the performance of systems that are integral to their operations. The proposed rules would require them to ensure their core technology meets standards which the SEC will determine, as well as requiring companies to conduct business continuity testing, and provide certain notifications in the event of systems disruptions and other events.
“While it’s not possible to prevent every technological error that market participants may commit, we must ensure that our regulations are designed to minimize their impact on our markets and ultimately investors,” said SEC Chairman Elisse B. Walter. “Reg SCI would provide more explicit technology and control standards to help ensure that our markets remain resilient against technological vulnerabilities.”
The SEC will seek public comment on Regulation SCI for 60 days following its publication in the Federal Register.