SEC Announces Cyber Enforcement Initiatives

September 26, 2017

The U.S. Securities and Exchange Commission (SEC) announced two cyber enforcement initiatives on September 25, 2017 to address cyber threats and protect retail investors. The SEC will create a Cyber Unit to target cyber-related misconduct and establish a Retail Strategy Task Force to enforce initiatives that impact retail investors.

Cyber Unit

The Cyber Unit will enhance the SEC's ability to detect and investigate cyber threats. In the announcement, the SEC stated that the unit will target cyber-related misconduct such as:

  • Market manipulation schemes involving false information spread through electronic and social media
  • Hacking to obtain material nonpublic information
  • Violations involving distributed ledger technology and initial coin offerings
  • Misconduct perpetrated using the dark web
  • Intrusions into retail brokerage accounts
  • Cyber-related threats to trading platforms and other critical market infrastructure

Retail Strategy Task Force

The Retail Strategy Task Force will develop proactive initiatives to protect retail investors. The task force plans to leverage lessons learned from the enforcement division's cases. The team will include enforcement personnel across the U.S., including the SEC’s National Exam Program and the Office of Investor Education and Advocacy.

What You Can Do

The announcement of these two initiatives confirms the SEC’s commitment to enhancing their cyber-related expertise and protecting investors from cyber-related misconduct. ACA recommends evaluating your current cybersecurity programs and technology platforms to ensure you adhere to the SEC’s guidance. ACA can assist you by conducting a cybersecurity risk assessment, providing an SEC cyber mock audit, reviewing electronic communications including social media, and implementing trade surveillance to stay on top of items of interest and possible market manipulation.

For More Information

For more information, please contact Damon Zappacosta at ACA Compliance Group or your regular ACA consultant.