Menu
Banking Exchange Magazine Logo
Menu

Banks Call for Changes to SEC Cybersecurity Proposals

The regulator’s proposals do not take into account other policy goals, according to a trade body coalition

  • |
  • Written by  Banking Exchange staff
Banks Call for Changes to SEC Cybersecurity Proposals

A coalition of banking sector trade bodies have written to the SEC calling for changes to its planned new rulebook on cybersecurity.

The Bank Policy Institute (BPI), the American Bankers Association (ABA), the Independent Community Bankers of America and the Mid-Sized Bank Coalition of America, collectively expressed support for the proposals but warned that they “insufficiently take into account other policy goals”.

According to the letter, targets such as ensuring the cybersecurity of parties, protecting the soundness of financial institutions, and identifying and punishing perpetrators of cybercrime, were not met.

The coalition stated that the timing and content requirements for incident disclosures were made “without sufficient regard” of potential security risks.

The letter stated: “Specifically, the very fact of disclosure that a cybersecurity incident is ongoing and unremediated may adversely impact a registrant’s ability to effectively respond to and remediate the incident, and significantly exacerbate the resulting risks and harms to the registrant and its shareholders, customers, and others.”

The organizations also stated that periodic disclosures should not be required to reveal the nature or status of remediation activities, including alterations to cybersecurity policies. They claimed that publishing such details would “assist” threat perpetrators who will look for ways to comprise information systems.

They also took issue with the proposed requirement for banks to disclose details of their selection and oversight of third-party entities, including contractual requirements used to tackle security risks.

The letter said banks “should only be required to disclose high-level information, including confirmation that policies and procedures are appropriately applied to third-party selection and ongoing oversight”.

The SEC recently doubled its digital finance oversight team, with the addition of 20 new staff to the newly-rebranded Crypto Assets and Cyber Unit, a part of its enforcement division.

back to top

Sections

About Us

Connect With Us

Resources

Technology is rapidly changing the way accountants perform and manage month-end activities. Spreadsheets, email, and shared drives no longer should slow us down. Automation generally supercharges any process and brings its value to the forefront. To get to the next level of closing, automation is a must so that repetitive, predictable, and laborious tasks can be automated.

Join us as we present a "sneak peek" into SkyStem's month-end close solution – ART. In under four weeks, your team can start reaping the benefits of month-end close automation by vastly reducing spreadsheets, cut down on reconciliation work, speed up the month-end close, and better manage your remote team.

Some results our customers have enjoyed include:

REGISTER NOW!

This webinar is brought to you by:
skystem logo