On February 9, 2022, the Securities and Exchange Commission (the “SEC”) voted 3 to 1 (Commissioner Peirce dissenting to propose cybersecurity risk management rules and amendments for registered investment advisers, registered investment companies and business development companies (the “proposal”). The proposed rules and amendments are designed to reduce cybersecurity risks to clients and investors and enhance the SEC’s ability to oversee advisers and funds. As proposed, the rules would require SEC-registered advisers and funds to adopt and implement written policies and procedures reasonably designed to address cybersecurity risks and registered advisers to confidentially report significant cybersecurity incidents to the SEC through a new Form ADV-C. In addition, the proposed rules would improve SEC-registered adviser and fund disclosures related to cybersecurity risks and incidents. The SEC is seeking comment from the public on the proposal. Consistent with Chair Gensler’s approach on several other recent rulemaking initiatives, the comment deadline is accelerated, with comments due on April 11, 2022 or 30 days after the proposal is published in the Federal Register, whichever is later.
Subscribe to stay current on S&C Insights.
Sending an e-mail through this web site does not create an attorney-client relationship. You should not send us any information through this web site that you would want treated confidentially.