Better Markets filed a comment letter in response to the Securities and Exchange Commission’s proposal to establish comprehensive cybersecurity standards for registered advisers and registered investment companies.
Why It Matters. Despite the increasing number and sophistication of cyberattacks and data breaches in our financial markets, there are currently no rules that require advisers or funds to adopt and implement cybersecurity standards. As part of an adviser’s fiduciary responsibilities to their clients, they are required to take steps to protect their clients’ interests – including safeguarding their personal data and funds from loss due to cyberattack and data breaches. With more than $100 trillion in assets under management by more than 14,000 advisers across the industry, a cyberattack or data breach of only a small portion of those assets could have wide-ranging impacts on investors and financial stability more broadly.
What We Said. Broadly speaking, enhancing the cybersecurity resiliency of our financial markets and increasing transparency into the cyber risks facing registered investment advisers and registered investment companies is desperately needed in today’s digital economy. This proposal would accomplish both of these goals by ensuring that advisers and funds are properly mitigating the risks associated with cyberattacks and data breaches to safeguard investor’s data and funds. It would also increase information sharing between the private and public sectors to mitigate systemic risk. The SEC should move forward with its proposal and consider further enhancing disclosures to clients and investors and shortening the incident reporting window.
Bottom Line. Better Markets supports the Commission’s proposed rule to establish comprehensive cybersecurity standards for registered advisers and registered investment companies, which would further protect investors and advance financial stability in our capital markets.
Read our full Comment Letter here.