Skip to main content

What We Do

October 24, 2024

SEC Must Require that Broker-Dealers and Investment Advisers Have Cybersecurity Programs to Protect Investors

Better Markets filed a Supplemental Comment Letter to the Securities and Exchange Commission (SEC) regarding the SEC’s proposed cybersecurity rules for broker-dealers and cybersecurity rules for investment advisers.

Why It Matters. The SEC has already taken some measures to safeguard investors from data breaches.  Earlier this year, the SEC finalized a rule to require that financial institutions better secure the sensitive personal information of their customers.  And in 2023, the SEC finalized a rule requiring that public companies disclose significant cybersecurity incidents and inform investors about their policies and procedures regarding cybersecurity risk management. It is now time for the SEC to adopt rules that specifically address the cybersecurity programs at broker-dealers and investment advisers. Such rules would ensure that these firms have cybersecurity programs to better insulate investors from the risks of cyberattacks.

What We Said. The threat financial firms face from cyberattacks increases each day. As our comment letter shows, the fact that broker-dealers and investment advisers acquire sensitive personal information from their customers and clients makes them an inviting target for cybercriminals. For this reason, it is essential that the SEC adopt rules requiring that broker-dealers and investment advisers have policies and procedures governing cybersecurity.

Bottom Line. The SEC clearly recognizes the importance of cybersecurity at broker-dealers and investment advisers. Its Division of Examinations recently released its priorities for 2025, and those priorities include a focus on the cybersecurity practices of broker-dealers and investment advisers. The Division’s goal with its focus on cybersecurity is to prevent interruptions to mission-critical services and to protect investor information, records, and assets. The SEC would be best positioned to accomplish this goal by supplementing its exam program with rules imposing cybersecurity requirements on broker-dealers and investment advisers. The fact that no SEC rules currently require broker-dealers or investment advisers to have comprehensive cybersecurity programs must be remedied.

Better Markets Supplemental Comment Letter
Comment Letters
Share

Donate Today!

Donate

Contact Us

For media inquiries, please contact press@bettermarkets.org or 202-618-6433.

To sign up for our email newsletter, please visit this page.

Name(Required)
This field is for validation purposes and should be left unchanged.

Sign Up — Stay Informed With Our Monthly Newsletter

"* (Required)" indicates required fields

This field is for validation purposes and should be left unchanged.

For media inquiries,

please contact press@bettermarkets.org or 202-618-6433.

Donate

Help us fight for the public interest in our financial markets, protecting Main Street from Wall Street and avoiding another costly financial collapse and economic crisis, by making a donation today.

Donate Today