|
SEC says cyber security biggest risk to
financial system
Send a link to a friend
[May 18, 2016]
By Lisa Lambert and Suzanne Barlyn
WASHINGTON (Reuters) - Cyber security is
the biggest risk facing the financial system, the chair of the U.S.
Securities and Exchange Commission (SEC) said on Tuesday, in one of the
frankest assessments yet of the threat to Wall Street from digital
attacks.
|
Securities and Exchange Commission Chair Mary Jo White is interviewed at
the Reuters Financial Regulation Summit in Washington, US May 17, 2016.
REUTERS/Gary Cameron |
|
 Banks around the world have been rattled by a $81 million cyber
theft from the Bangladesh central bank that was funneled through
SWIFT, a member-owned industry cooperative that handles the bulk of
cross-border payment instructions between banks.
The SEC, which regulates securities markets, has found some major
exchanges, dark pools and clearing houses did not have cyber
policies in place that matched the sort of risks they faced, SEC
Chair Mary Jo White told the Reuters Financial Regulation Summit in
Washington D.C.
"What we found, as a general matter so far, is a lot of
preparedness, a lot of awareness but also their policies and
procedures are not tailored to their particular risks," she said.
"As we go out there now, we are pointing that out."
 White said SEC examiners were very pro-active about doing sweeps of
broker-dealers and investment advisers to assess their defenses
against a cyber attack.
"We can't do enough in this sector," she said.
Cyber security experts said her remarks represented the SEC’s
strongest warning to date of the threat posed by hackers.
A former member of the World Bank’s security team, Tom Kellermann,
who is now chief executive of the investment firm Strategic Cyber
Ventures LLC, called it "a historic recognition of the systemic risk
facing Wall Street."
BROKEN WINDOWS
Under White, a former federal prosecutor, the SEC introduced an
initiative called "broken windows" designed to crack down on small
violations of SEC rules to deter traders and others from larger
transgressions.
But critics have questioned whether the initiative, similar to one
used by former New York City Mayor Rudy Giuliani in his crackdown on
crime in the city, is an effective use of the agency’s limited
resources.
The policy has been applied to instances of “rampant non-compliance”
involving serious, significant rules, White said, noting that she
considers the initiative a huge success.
For example, the SEC brought three groups of cases in a key area,
the prohibition against short selling ahead of an IPO by individuals
who then participated in the IPO, since 2013, she said. Each year,
there have been fewer cases, with the most recent number at around
12, White said. GAAP VS. NON-GAAP
Also on Tuesday, the SEC released guidance about how certain
accounting practices could potentially mislead investors that White
called "consequential."
[to top of second column] |
Companies are increasingly using non-Generally Accepted Accounting
Principles, or non-GAAP, to report earnings, permitting them to back
out certain expenses from earnings figures, such as non-cash costs.
But critics say the practice can also mislead investors by creating
a rosier picture of a company’s profits.
The SEC’s current rules allow companies to report with figures that
do not comply with GAAP, as long as certain conditions are met and
White said the guidance spells out those conditions, such as a
requirement that “the GAAP measure has to be of equal or greater
prominence than non-GAAP."
Non-GAAP "is not supposed to supplant GAAP and obviously not obscure
GAAP," she said.
She declined to say if the SEC is considering enforcement actions
against companies that might be misleading investors with non-GAAP,
but noted the SEC would not hesitate to bring one if it uncovered an
“actionable violation.”
For months now, the SEC has only had three commissioners, down from
its full complement of five, and the U.S. Congress has stalled on
confirming two nominees.
"We're really functioning on all cylinders," White said, ticking off
a list of projects the commission has recently completed.
She added that, to comply with rules on meetings and disclosures,
commissioners typically meet one-on-one.
"If there are only three of you, it's shorter-circuited to some
degree," she said. "There are some advantages, too."
Follow Reuters Summits on Twitter @Reuters_Summits
For other news from the Reuters Financial Regulation Summit, click
on http://www.reuters.com/summit/FinancialRegulation16
(Additional reporting by Sarah N. Lynch)
[© 2016 Thomson Reuters. All rights
reserved.]
Copyright 2016 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
