Banking Exchange Magazine Logo

Banks Call for Changes to SEC Cybersecurity Proposals

The regulator’s proposals do not take into account other policy goals, according to a trade body coalition

  • |
  • Written by  Banking Exchange staff
Banks Call for Changes to SEC Cybersecurity Proposals

A coalition of banking sector trade bodies have written to the SEC calling for changes to its planned new rulebook on cybersecurity.

The Bank Policy Institute (BPI), the American Bankers Association (ABA), the Independent Community Bankers of America and the Mid-Sized Bank Coalition of America, collectively expressed support for the proposals but warned that they “insufficiently take into account other policy goals”.

According to the letter, targets such as ensuring the cybersecurity of parties, protecting the soundness of financial institutions, and identifying and punishing perpetrators of cybercrime, were not met.

The coalition stated that the timing and content requirements for incident disclosures were made “without sufficient regard” of potential security risks.

The letter stated: “Specifically, the very fact of disclosure that a cybersecurity incident is ongoing and unremediated may adversely impact a registrant’s ability to effectively respond to and remediate the incident, and significantly exacerbate the resulting risks and harms to the registrant and its shareholders, customers, and others.”

The organizations also stated that periodic disclosures should not be required to reveal the nature or status of remediation activities, including alterations to cybersecurity policies. They claimed that publishing such details would “assist” threat perpetrators who will look for ways to comprise information systems.

They also took issue with the proposed requirement for banks to disclose details of their selection and oversight of third-party entities, including contractual requirements used to tackle security risks.

The letter said banks “should only be required to disclose high-level information, including confirmation that policies and procedures are appropriately applied to third-party selection and ongoing oversight”.

The SEC recently doubled its digital finance oversight team, with the addition of 20 new staff to the newly-rebranded Crypto Assets and Cyber Unit, a part of its enforcement division.

back to top


About Us

Connect With Us


Webinar: Card Based Faster Payments in Today’s Digital Economy

Time/Date: June 28, 2022, at 2:00 ET

Consumers and businesses want instant gratification and the ability to move money in just minutes. From payroll to P2P to insurance benefits, demand is rising for instant disbursement. However, there are pain points in the current money movement ecosystem, and to address them, financial institutions need a payments strategy that addresses the dramatic rise in faster payments.

In this Banking Exchange hosted webinar on June 28, 2022, at 2:00 ET, Jaspreet Singh, Head of A2A/P2P Commercialization, Visa Direct at Visa Direct, and Al Griffin, Product Manager at Alacriti, discuss:


This webinar is brought to you by:
Alacriti logo