X

SEC Sets Comment Deadline on Cybersecurity Proposal

Comments are due by May 22, 2023 on an SEC proposal that would implement cybersecurity risk management and reporting requirements. The comment deadline was published in the Federal Register.

As previously covered, the proposal would apply to registered investment advisers, registered investment companies and business development companies and would amend certain rules that govern investment adviser and fund disclosures. The proposed rules would require:

  • advisers and funds to adopt and implement written policies reasonably designed to address cybersecurity risks;
  • advisers to report significant cybersecurity incidents to the SEC on proposed form ADV-C; and
  • advisers and funds to create cybersecurity-related books and records.

The proposal would expand adviser and fund disclosures relating to cybersecurity risks and incidents.

The SEC stated that the proposal is intended to improve the SEC’s ability to assess systemic risk resulting from cyber incidents (see also previous coverage).

Primary Sources

  1. SEC Proposed Rule; Reopening of Comment Period: Cybersecurity Risk Management for Investment Advisers, Registered Companies, and Business Companies; Reopening of Comment Period
  2. Federal Register: Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies, and Business Development Companies; Reopening of Comment Period

Related Articles

  • SEC Proposes Buy-Side Cybersecurity Rules

    The SEC proposed cybersecurity risk management and reporting requirements that would be applicable to registered investment advisers, registered investment companies and business development companies. The SEC also proposed amendments to certain rules that govern investment adviser and fund disclosures.

Premium Content

Available only to Premium subscribers.

 

Join Premium

US Regulatory Intelligence combines regulatory and enforcement news, analysis, and practical work tools on an easy-to-use digital platform.

Request a Free Trial

Tags

Regulated Activities
Data Protection / Cybersecurity
Regulated Entities
Adviser / CTA / CPO Investment Funds (SEC Registered)
Sub-Entity
BDCs
Body of Law
Securities Law
Jurisdiction
US - Federal
Organization
SEC