Cybersecurity was the main topic during a two-hour oversight hearing of the US Securities and Exchange Commission held by the Senate Bank, Housing and Urban Affairs Committee.
Questions by committee members to SEC Chairman Jay Clayton, the hearing’s sole witness, bounced between the breach of the SEC’s EDGAR corporate filing platform and the hack of credit reporting firm Equifax that has affected an estimated 143 million US consumers.
A popular question posed by Committee Chairman Sen. Michael Crapo (R-ID) and Ranking Member Sen. Sherrod Brown (D-OH) regarded when the SEC first detected the EDGAR breach and why regulator’s waited until September 20 to disclose the event.
Jay Clayton, SEC
“We looked at the facts that we had and wanted to make a clear disclosure and one that was not misleading,” said Clayton. “We knew enough to make the disclosure.”
He also noted that the matter is subject to an ongoing internal and external investigations.
Sen. Brown and Sen. Mark Warner (D-VA) raised the issue that far too few companies are classifying cybersecurity breaches as material issues and disclose them publicly.
“In our research of 9,000 public companies, fewer than 100 companies felt that breaches reached material for disclosure,” said Warner.
Clayton agreed, adding that companies should be making more and better disclosure of cybersecurity incidents.
When asked by Warner whether the SEC’s Regulation System Compliance and Integrity should be expanded to venus like alternative trading systems, dark liquidity pools, and other venues, Clayton agreed that the SEC should look at those trading platforms on the same basis as those venues that fall under Reg SCI.
Several times during the hearing Clayton also allay the concerns of Chairman Carpo, Sen. Mike Rounds (R-SD), Sen. David Perdue (R-GA) over the data that the Consolidated Audit Trail will collect when the platform’s first phase goes live in November.
“We do not want to take data from the CAT unless we need it and can protect it,” he said.
Clayton demurred answering Sen. Joe Donnelly (D-IN). Sen Tim Scott (R-SC), and Sen Jon Tester’s question whether the SEC will approve the acquisition of the Chicago Stock Exchange by a group of investors led by Chongqing Casin Enterprise Group.
The SEC is approaching the decision in the style of rulemaking, explained Clayton.
“There were 140 days for review, and the appropriate division approved it,” he said. “Now the committee will review the approval.”
NEWSLETTER SIGN UP
And receive exclusive articles on securities markets
It's been a month since we had our Women In Finance Awards in New York City at the Plaza! Take a look back tab some moments, and nominate for our upcoming awards in Mexico City and Singapore here: https://www.marketsmedia.com/category/events/
4
Citadel Securities told the SEC that trading tokenized equities should remain under existing market rules, a position that drew responses from various crypto industry groups. @ShannyBasar for @MarketsMedia:
SEC Commissioner Mark Uyeda argued that private assets belong in retirement plans, saying diversified alts can improve risk-adjusted returns and that the answer to optimal exposure “is not zero.” @ShannyBasar reporting for @MarketsMedia:
COO of the Year Award winner! 🏆
Discover how Jennifer Kaiser of Marex earned the 2025 Women in Finance COO of the Year recognition.
Related articles
-
The SEC erased nearly a year’s worth of text messages sent and received by former Chair Gary Gensler.
-
The regulator's emails and email attachments were subject to unauthorized access.
-
PQC aims to strengthen communication and data security as quantum computing advances.
-
The DORA compliance deadline is just three months away.
-
Quantum computing poses a major cybersecurity concern as it can break cryptography & encryption algorithms.