Now that you’ve seen what ACA Insight has to offer, don’t be without it. Subscribe now!

The weekly news source for investment management legal and compliance professionals

Current subscribers - please log in to the website in the upper right-hand corner

News October 30, 2017 Issue

SEC Nominees Offer Guarded Views on Cybersecurity, Rules and Enforcement

One typically does not learn a great deal about nominees for public posts, like serving as an SEC commissioner, at the Senate confirmation hearings. They are, after all, not unlike job interviews and the candidates’ main goal is to get confirmed – so answers tend to be carefully worded and designed not to raise eyebrows. That said, some sense of where candidates stand tends to come through.

Such was the case with the October 24 confirmation hearings for SEC commissioner nominees Robert Jackson and Hester Peirce. They, along with David Ryder, the nominee to be director of the United States Mint, were questioned for about two hours by the Senate Banking Committee. The consensus of the committee, as  expressed by committee chair Senator Mike Crapo (R-ID), was that they were "strong candidates" and "will have the support of the Senate."

Should Jackson and Peirce be approved, they will join SEC chair Jay Clayton and existing commissioners Michael Piwowar and Kara Stein, bringing the Commission up to full strength for the first time in months. Jackson, a Columbia University law professor, was nominated by President Donald Trump on August 31 to fill a traditionally Democratic seat on the Commission, while Peirce, a former staff attorney at the SEC’s Division of Investment Management, was nominated by Trump on July 19 to fill the traditionally Republican seat. She is currently a director at George Mason University’s Mercatus Center.

"Barring unforeseen circumstances, it appears likely that both nominees will be approved by the Senate sometime in the not-too-distant future," said Ropes & Gray counsel David Tittsworth. "If and when that happens, the SEC will operate with a full complement of five commissioners for the first time since commissioners Daniel Gallagher and Luis Aguilar left at the end of 2015."

That said, the Commission will be at full strength only for a short time. Stein’s term has already expired, but she can retain her seat into 2018. Piwowar’s term also expires that year. Their absence will return the Commission to just three members. Should Trump then nominate two more commissioners and they are approved, he will have named all five members of the body.

That’s not unusual, though, said Proskauer partner and former SEC Division of Investment Management deputy director Robert Plaze. "President [Barack] Obama appointed all five over his two terms," he noted. "For some time now, the commissioners have been selected primarily by the Democratic and Republican leaders in the Senate and reflect the different views of the Congressional parties rather than the President who appointed them." "The challenge for Clayton (like his recent predecessors) will be to manage the conflicting views."

Cybersecurity and the CAT

Jackson listed cybersecurity as the top priority (followed by completion of outstanding Dodd-Frank rules, and enforcement) he believes the agency should address. "I think recent events, both at the SEC and [at] public companies, have taught us that we’ve got some work to do . . . in making sure that our securities rules and our securities regulators have the tools and technologies in place to keep up with the changing marketplace." Peirce also noted that "recent events suggest that cybersecurity will be an important area for us to keep an eye on."

Among the cybersecurity events that have occurred recently have been the Equifax breach and the penetration of the SEC’s own data base.

Jackson, when asked by Senator Jack Reed (D-RI) whether the SEC would need significant resources" to address cybersecurity, replied that it would. "The reason . . . is that companies are spending, the markets that the SEC hopes to regulate are spending billions of dollars on the latest technology, and for the SEC to keep up, they need to have the kind of resources that you just described. . . . I’m not sure we can ask the SEC to keep up unless we provide them with the resources that will allow them to do so."

Peirce, in response to the same question, said she would like to see how current resources are being used once she arrives at the agency. She noted that some recent reports by the SEC’s Office of the Inspector General addressed some problems in that regard.

The Comprehensive Audit Trail also came up. The CAT, due to begin partial operations next month, would eventually capture in a single data repository all customer and order information for transactions in national market system securities, across all markets, from the point of inception through routing, cancellations, modifications or execution. Concerns have been expressed since the SEC breach as to whether the SEC can properly safeguard this information (ACA Insight, 10/2/17).

"I do have concerns about anytime the SEC is collecting data," Peirce said, in response to a question from Senator Tom Cotton (R-AR). "I think it needs to ask, ‘Do we need the data? What are we going to use it for?’ and ‘Can we protect it?’ I’m not convinced that those questions have been answered to my satisfaction."

Jackson, who said it was important to remember that the CAT was created to avoid another "flash crash," nonetheless said that he had some of the same questions named by Peirce. "But I do think it’s important that we put the CAT in place, because the flash crash is something that we don’t ever want to repeat."

Rulemaking, rule review and the Fiduciary Rule

Two themes involving rulemaking came up during the hearing. One was the need to complete any remaining rule requirements from Dodd-Frank. The other was to review existing rules and make any changes necessitated by that review.

Most of the comments in regard to Dodd-Frank rulemaking were in regard to executive compensation, with Senator Elizabeth Warren (D-MA) pressing both nominees as to whether they would commit to move the SEC to implement what she called 20 rules required by the statute that have yet to be implemented.

Jackson appeared to satisfy her with a plain answer that he would do so. "Those protections are critical," he said.

Peirce, however, said she would "work with the chairman" to create the rules, but added that there were other priorities the SEC had, and she could not currently say in which order these other priorities and the remaining Dodd-Frank requirements would be addressed.

Warren described this answer as "less definitive" than Jackson’s response.

In response to a separate question from Senator Richard Shelby (R-AL), Peirce said that she was in favor of reviewing existing regulations. "It makes sense to go back and see how individual rules are working, and see how they’re working together, and when we need to pare things back and when we need to add things." She also spoke in favor of performing a cost/benefit analysis on proposed rules, as well as metrics to examine existing rules and see how they are performing.

As for the Department of Labor Fiduciary Rule, both nominees spoke in favor of the DOL and the SEC working together on future regulation in this area. "The SEC should have an important role," said Jackson. "It is a natural area for the SEC to do rulemaking. . . . What’s important in developing this standard is to make sure that the market and investors have consistency."

Peirce said that she was glad that the SEC and the DOL are "taking a look at it," and that it would be a good idea to "get the states involved, as well."

Enforcement

Jackson, in discussing enforcement as one of his priorities should he be confirmed as a commissioner, said that insider trading, in particular, needs agency attention. "I worry that some of the recent events have caused investors to wonder whether or not the SEC is really on top of the job, is really the cop on the beat that we need to make sure that investors are getting a fair deal. I think those enforcement efforts deserve further attention." He did not specify which recent events he was referring to.

Asked by Crapo whether the SEC should take action against individuals as well as regulated entities, Peirce said that looking at enforcement action against individuals is important "if something’s been done wrong and an individual has been involved."