New Rule to Protect Client Privacy in the Age of Cyber Threats

  • SEC announces amendments to Regulation S-P requiring RIAs and brokers to notify clients of data breaches
  • Larger entities have 18 months to comply, smaller ones get a two-year period
  • Incident-response plans must be developed for detecting, preventing, and responding to cyberattacks

The Securities and Exchange Commission (SEC) has announced amendments to Regulation S-P, a privacy rule adopted in 2000 that governs how certain financial institutions handle consumer data. The updated rule requires investment advisors, broker-dealers, fund companies, and transfer agents to notify clients of any data breaches affecting their personal information within 30 days. Larger entities will have 18 months to comply, while smaller ones get a two-year period. The amendments also mandate incident-response plans for detecting, preventing, and responding to cyberattacks.

Factuality Level: 8
Factuality Justification: The article provides accurate and objective information about the updated Regulation S-P rule by the Securities and Exchange Commission (SEC) regarding data breach notifications for investment advisors, broker-dealers, and fund companies. It includes relevant details such as compliance periods for different entity sizes, the SEC Chairman’s statement, and Commissioner Hester Peirce’s support with a minor concern about potential overload of breach notices. The article is well-structured and informative without any significant issues related to digressions, misleading information, or personal perspectives presented as facts.
Noise Level: 6
Noise Justification: The article provides relevant information on the updated Regulation S-P rule by the Securities and Exchange Commission (SEC) regarding data breach notifications for investment advisors, broker-dealers, and fund companies. It includes quotes from SEC Chairman Gary Gensler and Commissioner Hester Peirce discussing the importance of protecting consumer privacy and potential concerns about the scope of the rule. However, it lacks in-depth analysis or exploration of long-term trends or consequences of the decision on those who bear the risks.
Key People: Gary Gensler (SEC Chairman), Hester Peirce (Commissioner)

Financial Relevance: Yes
Financial Markets Impacted: Investment advisors, broker-dealers, and fund companies
Financial Rating Justification: The article discusses the Securities and Exchange Commission’s (SEC) amendments to Regulation S-P, which affects investment advisors, broker-dealers, and fund companies. The rule requires these firms to notify clients of data breaches that could have compromised their personal information and develop incident-response plans for cyberattacks or data breaches. This has implications on the financial industry as it relates to consumer privacy and data security, which can impact the companies’ reputation and potentially their stock prices.
Presence Of Extreme Event: No
Nature Of Extreme Event: Other
Impact Rating Of The Extreme Event: No
Extreme Rating Justification: There is no extreme event mentioned in the text.

Reported publicly: www.barrons.com