In a letter filed today with the Securities and Exchange Commission (SEC) in response to the Risk Management Proposal, the FIA Principal Traders Group (FIA PTG) recommended that the SEC:
- Prioritize critical operations as focus of rule scope and requirements.
- Take into account firm attributes, market structure and service provider due diligence mechanisms as part of reasonably designed policies and procedures.
- Leverage the Financial Services Information Sharing and Analysis Center (FS-ISAC) for incident reporting and threat analysis.
- Eliminate public disclosure requirements and associated risk in favor of Reg S-P customer notifications.
- Address implementation and enforcement concerns in the adopting release.
FIA PTG encouraged the SEC to consider their recommendations intended to focus the Proposal on critical operations and minimize the impact of cybersecurity incidents on the U.S. securities markets. FIA PTG said their recommendations seek to reduce cyber risk and manage the implementation burden of the Proposal.
