Co-authored by James M. Brady.
On March 8, the Securities and Exchange Commission proposed Regulation Systems Compliance and Integrity (Regulation SCI), which would require certain self-regulatory organizations, alternative trading systems, plan processors and exempt clearing agencies (SCI Entities) to comply with certain requirements with respect to their technology systems. Proposed Regulation SCI would supersede and replace the SEC’s current Automation Review Policy.
Under the proposed regulation, SCI Entities must establish written policies and procedures to ensure that their technology systems have adequate levels of capacity, integrity, resiliency, availability and security. SCI Entities must also require participation by designated members and participants in testing the SCI Entities’ business continuity and disaster recovery plans, and coordinate such testing with other SCI Entities. Upon the occurrence of certain events, including systems disruptions, systems compliance issues and systems intrusions, SCI Entities must file proposed Form SCI with the SEC and take appropriate corrective action.
Comments should be submitted on or before 60 days after the proposed rules are published in the Federal Register.
The text of the proposed rules is available here.