Cybersecurity was the main topic during a two-hour oversight hearing of the US Securities and Exchange Commission held by the Senate Bank, Housing and Urban Affairs Committee.
Questions by committee members to SEC Chairman Jay Clayton, the hearing’s sole witness, bounced between the breach of the SEC’s EDGAR corporate filing platform and the hack of credit reporting firm Equifax that has affected an estimated 143 million US consumers.
A popular question posed by Committee Chairman Sen. Michael Crapo (R-ID) and Ranking Member Sen. Sherrod Brown (D-OH) regarded when the SEC first detected the EDGAR breach and why regulator’s waited until September 20 to disclose the event.
Jay Clayton, SEC
“We looked at the facts that we had and wanted to make a clear disclosure and one that was not misleading,” said Clayton. “We knew enough to make the disclosure.”
He also noted that the matter is subject to an ongoing internal and external investigations.
Sen. Brown and Sen. Mark Warner (D-VA) raised the issue that far too few companies are classifying cybersecurity breaches as material issues and disclose them publicly.
“In our research of 9,000 public companies, fewer than 100 companies felt that breaches reached material for disclosure,” said Warner.
Clayton agreed, adding that companies should be making more and better disclosure of cybersecurity incidents.
When asked by Warner whether the SEC’s Regulation System Compliance and Integrity should be expanded to venus like alternative trading systems, dark liquidity pools, and other venues, Clayton agreed that the SEC should look at those trading platforms on the same basis as those venues that fall under Reg SCI.
Several times during the hearing Clayton also allay the concerns of Chairman Carpo, Sen. Mike Rounds (R-SD), Sen. David Perdue (R-GA) over the data that the Consolidated Audit Trail will collect when the platform’s first phase goes live in November.
“We do not want to take data from the CAT unless we need it and can protect it,” he said.
Clayton demurred answering Sen. Joe Donnelly (D-IN). Sen Tim Scott (R-SC), and Sen Jon Tester’s question whether the SEC will approve the acquisition of the Chicago Stock Exchange by a group of investors led by Chongqing Casin Enterprise Group.
The SEC is approaching the decision in the style of rulemaking, explained Clayton.
“There were 140 days for review, and the appropriate division approved it,” he said. “Now the committee will review the approval.”
NEWSLETTER SIGN UP
And receive exclusive articles on securities markets
Pension funds, sovereign wealth funds, endowments and other institutional asset owners are sitting on vast troves of data -- but extracting value from that data is more challenging than ever.
#AssetOwners #DataQuality
Technology costs in asset management have grown disproportionately, but McKinsey research finds the increased spending hasn’t consistently translated into higher productivity.
#AI #Fiance
We're in the FINAL WEEK for the European Women in Finance Awards nominations – don't miss your chance to spotlight the incredible women driving change in finance!
#WomenInFinance #FinanceAwards #FinanceCommunity #EuropeanFinance @WomeninFinanceM
ICYMI: @marketsmedia sat down with EDXM CEO Tony Acuña-Rohter to discuss the launch of EDXM International’s perpetual futures platform in Singapore and what it means for institutional crypto trading.
Read the full interview: https://bit.ly/45xRUWh
Related articles
-
The SEC erased nearly a year’s worth of text messages sent and received by former Chair Gary Gensler.
-
The regulator's emails and email attachments were subject to unauthorized access.
-
PQC aims to strengthen communication and data security as quantum computing advances.
-
The DORA compliance deadline is just three months away.
-
Quantum computing poses a major cybersecurity concern as it can break cryptography & encryption algorithms.
We're Enhancing Your Experience with Smart Technology
We've updated our Terms & Conditions and Privacy Policy to introduce AI tools that will personalize your content, improve our market analysis, and deliver more relevant insights.These changes take effect on Aug 25, 2025.
Your data remains protected—we're simply using smart technology to serve you better. [Review Full Terms] | [Review Privacy Policy] By continuing to use our services after Aug 25, 2025, you agree to these updates.
