SEC Proposed Rule: Improving Systems Compliance and Integrity
|FINAL RULE: This page refers to the proposed Regulation SCI from March 2013. For a summary of the final rule, click here.|
|Proposal Date||Comment Deadline||Final Rule Issue||Effective Date|
|March 25, 2013||July 8, 2013||November 19, 2014||February 3, 2015|
At a March 7, 2013 meeting, the Securities and Exchange Commission proposed its Regulation SCI, improving system compliance and integrity. Under the proposed rules, self-regulatory organizations, certain alternative trading systems, plan processors, and certain exempt clearing agencies would be required to carefully design, develop, test, maintain, and surveil systems that are integral to their operations.<ref>SEC Proposes Rules to Improve Systems Compliance and Integrity. SEC. Retrieved on March 8, 2013.</ref>
The proposed rule entered the Federal Register on March 25, 2013. The deadline for public comment was July 8, 2013. Comments may be viewed HERE.
After the May 6, 2010 "flash crash," the Joint CFTC-SEC Advisory Committee on Emerging Regulatory Issues was formed in order to address market structure and regulatory issues that may contribute to volatility. On February 18, 2011, the committee issued its recommendations regarding a regulatory response to the flash crash. In response to the recommendations, the SEC has finalized regulations on risk management controls on participants with direct market access and on a consolidated audit trail system.
This rule would require certain participants, specifically national securities exchanges, significant alternative trading systems, clearing agencies, and plan processors (disseminators of market data), to develop and adhere to certain policies, procedures and technology standards, and conduct business continuity testing with their members or participants. Previously, rather than mandatory rules, such participants have followed a voluntary set of principles articulated in the SEC’s Automation Review Policy (ARP) and participated in the ARP Inspection Program.
In October 2012, the SEC held a roundtable on automated trading systems and how a regulatory structure could be implemented. (View Roundtable Summary).
Summary of the Rule
The proposed provisions would apply primarily to the systems of SCI entities that are core to the functioning of the securities markets, such as those that directly support trading, clearance and settlement, order routing, market data, regulation, or surveillance. Among the provisions are requirements to:<ref>SEC Proposes Rules to Improve Systems Compliance and Integrity. SEC. Retrieved on March 8, 2013.</ref>
- Establish policies and procedures relating to the capacity, integrity, resiliency and security of its technology systems.
- Establish policies and procedures to ensure its systems operate in the manner intended, including in compliance with relevant federal securities laws and rules.
- Take timely corrective action in response to systems disruptions, systems compliance issues and systems intrusions.
- Notify and provide the SEC with detailed information when such systems issues occur as well as when there are material changes in its systems. Written notices would be filed electronically on new Form SCI.
- Inform its members or participants about certain systems problems and provide information about the systems and market participants affected by the problem and the progress of corrective action.
- Conduct an annual review of its compliance with Regulation SCI, and submit a report of the annual review to its senior management and the SEC.
- Designate certain individuals or firms to participate in the testing of its business continuity and disaster recovery plans at least once annually, and coordinate such testing with other entities on an industry- or sector-wide basis.
- Provide SEC staff with access to its systems to assess compliance with Regulation SCI.
Related Document: Proposed Rule