SEC Proposes Additional Requirements to Protect Consumer Financial Information

The Securities and Exchange Commission has proposed additional requirements for broker-dealers, investment companies, registered investment advisers and transfer agents (“covered institutions”) aimed at further protecting the privacy of consumer financial information. According to a fact sheet, the proposed rule would require covered institutions to

  • Adopt written policies and procedures for an incident response program to address unauthorized access to customer information,
  • Adopt written policies and procedures for timely notification to affected individuals in the event customer information is compromised, and
  • Broaden scope of information covered by the regulations’ requirements.

Comments can be submitted within 60 days of publication of the proposal in the Federal Register.