Washington D.C.
Oct. 4, 2017
Before the
Committee on Financial Services
United States House of Representatives
Chairman Hensarling, Ranking Member Waters, distinguished members of the Committee, thank you for the opportunity to testify before you today about the work of the U.S. Securities and Exchange Commission (SEC or Commission or agency).[1]
It is an honor to testify before this Committee for the first time. Since joining the SEC, my experience has strongly reinforced my view that our talented and committed staff is fundamental to the agency’s effectiveness. The SEC’s mission to protect investors, maintain fair, orderly and efficient markets and facilitate capital formation is deeply engrained throughout our offices and divisions. I also want to thank Commissioners Stein and Piwowar for their valuable counsel and guidance to me as well as for their unwavering commitment to the Commission.
With a workforce of about 4,600 staff in Washington and across our 11 regional offices, the SEC oversees, among other things (1) approximately $72 trillion in securities trading annually on U.S. equity markets; (2) the disclosures of over 8,100 public companies, of which 4,300 are exchange listed; and (3) the activities of over 26,000 registered entities, including investment advisers, broker-dealers, transfer agents, securities exchanges, clearing agencies, mutual funds, exchange traded funds, the Financial Industry Regulatory Authority (FINRA) and the Municipal Securities Rulemaking Board (MSRB), among others. We also engage and interact with the investing public on a daily basis through a number of activities ranging from our investor education programs to alerts on our SEC.gov portal. Additionally, on a typical day, investors and other market participants view disclosure documents filed on our EDGAR system more than 50 million times.
In a July speech, I outlined the principles that should chart the course for the SEC moving forward. The principles reflect my interactions with the men and women of the Commission staff.
These guiding principles are as follows:
- The SEC’s tripartite mission – protect investors, maintain fair, orderly and efficient markets and facilitate capital formation – is its touchstone;
- Our analysis starts and ends with the long-term interests of the Main Street investor;
- The SEC’s historic approach to regulation is sound;
- Regulatory actions drive change, and change can have lasting effects;
- As markets evolve, so must the SEC;
- Effective rulemaking does not end with rule adoption;
- The costs of a rule now often include the cost of demonstrating compliance; and
- Coordination is key.[2]
While I will not go into great detail on all of the principles here, I would like to highlight the second principle, which is particularly important to me – that our analysis starts and ends with the long-term interests of the Main Street investor; or as I call them, “Mr. and Ms. 401(k).” At a time when greater responsibility is shifting to Main Street investors to save for their own retirement, I am confident that this is the correct metric for our analysis of success in meeting our tripartite mission.[3] If Mr. and Ms. 401(k) are able to invest in a better future, then the SEC is serving them and our markets well.
Cybersecurity
Cybersecurity is an area that is vitally important to the SEC, our markets and me personally. The prominence of this issue and the heightened focus the agency has on it is the result of various factors, including (1) the increased use of and dependence on data and electronic communications, (2) the greater complexity of technologies present in the financial marketplace and (3) the continually evolving threats from a variety of sources. Cybersecurity touches the daily lives of virtually all Americans, whether it is our accounts with financial services firms, the companies we invest in or the markets through which we trade.
On September 20, I issued a press release and statement that (1) discussed the Commission’s cybersecurity risk profile, (2) reviewed our approach to oversight and enforcement and (3) disclosed a 2016 intrusion that I recently discovered may have led to illicit trading.[4]
The press release and statement are part of an ongoing assessment of the SEC’s cybersecurity risk profile and preparedness that I initiated upon joining the Commission in May. The initiative has various components, including the formation of a senior-level cybersecurity working group to coordinate information sharing, risk and threat monitoring, incident response and other cross-divisional and interagency efforts and an assessment of reporting and escalation procedures.
I will now discuss the 2016 intrusion. In August 2017, in connection with an ongoing investigation by our Division of Enforcement, I was notified of a possible 2016 intrusion into our EDGAR system. In response to this information, I immediately commenced an internal review. Through this review and the ongoing enforcement investigation, I was informed that the 2016 intrusion into the test filing component of our EDGAR system provided access to nonpublic EDGAR filing information and may have provided a basis for illicit gain through trading.
We believe the 2016 intrusion involved the exploitation of a defect in custom software in the EDGAR system. When it was originally discovered, the SEC Office of Information Technology (OIT) staff took steps to remediate the defect in custom software code and reported the incident to the Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT). Based on the investigation to date, OIT staff believes that the prior remediation effort was successful.
The first stage of our review and investigation of the 2016 intrusion consists of two related components. The first component focuses on the 2016 intrusion itself, including efforts to determine its scope and whether there were or are any related vulnerabilities in our EDGAR system. Various agency personnel, including members of the Division of Enforcement, the Office of the General Counsel and the Office of Inspector General (OIG) have been involved in this effort. The second component consists of our investigation into trading potentially related to the intrusion. This investigation is being conducted by our Division of Enforcement and is ongoing.
Importantly, in conducting this type of review and related forensic analysis, it is a priority and a constraint to maintain the security and day to day operational capabilities of EDGAR, which is a critical component of our disclosure-based market system and accepts filings virtually continuously during the week.
In addition, I formally requested that the OIG begin a review into what led to the intrusion, the scope of nonpublic information compromised and our efforts in response. I specifically requested that the OIG provide recommendations for how the SEC should remediate any related system or control deficiencies.
There are limits on what I know and can discuss about the 2016 incident due to the status (ongoing and incomplete) and nature (enforcement) of our reviews and investigations. Nevertheless, I directed the issuance of the press release and statement on September 20. I made this disclosure because I believed that, once I knew enough to understand that the 2016 intrusion provided access to nonpublic EDGAR test filings and that this may have resulted in the misuse of nonpublic information for illicit gain, it was important to disclose the incident and our cybersecurity risk profile more generally to the American public and Congress.
The matter involving our EDGAR system concerns me deeply and on many levels. I am focused on getting to the bottom of the matter and, importantly, lifting our cybersecurity efforts moving forward.
I recognize that I am not the only one who is deeply concerned. Rightfully, it will cause this Committee and others to increase their focus on whether the Commission’s approach to cybersecurity appropriately addresses our cybersecurity risk profile. This is all the more reason it was appropriate to disclose the 2016 intrusion when I did, even though our review and investigation were, and still are, ongoing.
I will now provide an update on developments in our review and investigation over the past week. Our efforts are organized into five principal work streams:
- The review of the 2016 EDGAR intrusion by the Office of Inspector General. Staff have been instructed to provide their full cooperation with this effort;
- The investigation by our Division of Enforcement into the potential illicit trading resulting from the 2016 EDGAR intrusion;
- A focused, operational review of and, as necessary or appropriate, uplift of our EDGAR system. Our EDGAR system has been undergoing modernization efforts. We have added, and expect to continue to add, additional resources to these efforts, which are expected to include outside consultants, and will increase the focus on cybersecurity matters;
- The more general assessment and uplift of our cybersecurity risk profile and efforts that we initiated shortly after my arrival at the Commission this past May, including, without limitation, the identification and review of all systems, current and planned (e.g., the Consolidated Audit Trail (CAT)), that hold market sensitive data or personally identifiable information; and
- The agency’s internal review of the 2016 EDGAR intrusion to determine, among other things, the procedures followed in response to the intrusion. This review is being overseen by the Office of the General Counsel and has an interdisciplinary investigative team that includes personnel from regional offices and will involve outside technology consultants.
Each of these efforts is moving forward and, as is the nature of matters of this type, will require substantial time and effort to complete.
I also have an update to previous disclosure regarding the scope of the 2016 intrusion into our EDGAR system.[5] Last week, I reported that, based on the information available at the time, we believed that the 2016 intrusion did not result in unauthorized access to personally identifiable information and that our investigation of these matters, as well as the extent and impact of the intrusion, is ongoing. As part of the investigation, our staff have been continuing their forensic analysis of data accessed from our EDGAR servers.
As a result of these efforts, I was informed this past Friday that an EDGAR test filing accessed by third parties in connection with the 2016 intrusion contained the names, dates of birth and social security numbers of two individuals. We are reaching out to the two individuals to notify them and will offer to provide them with identity theft protection and monitoring services. Should our review uncover additional such individuals whose sensitive information may have been accessed, we will contact them and offer them identity theft protection and monitoring as well. I will also make sure to keep the Committee informed of the ultimate findings and conclusions of our internal review into the 2016 intrusion.
I will now speak more broadly regarding our cybersecurity efforts.
We must remain on top of evolving threats when it comes to securing our own networks and systems against intrusion. This is especially true when protecting systems dealing with sensitive market and other data involving personally identifiable information. This means regularly evaluating progress, pursuing improvements and making it a priority to invest sufficient resources so our systems keep up with the fast-changing threat environment.
Looking forward, and to further the efforts discussed above, I have authorized the immediate hiring of additional staff and outside technology consultants to aid in our efforts to protect the security of the agency’s network, systems and data. I have also directed the staff to take a number of steps designed to strengthen our cybersecurity risk profile, with an initial focus on EDGAR. This effort includes assessing the types of data we take in through the EDGAR system, and whether EDGAR is the appropriate mechanism to obtain that data. Another part of this effort includes reviewing the security systems, processes and controls we have in place to protect data submitted through EDGAR.
The staff will also conduct similar reviews of other systems we use at the SEC, assessing the types of data we keep and the related security systems, processes and controls. We will also work to enhance our escalation protocols for cybersecurity incidents in order to enable greater agency-wide visibility and understanding of potential cyber vulnerabilities and attacks. More broadly, we are evaluating our cybersecurity risk governance structure, which has included the establishment of our senior-level cybersecurity working group and may include additional enhancements to promote the management and oversight of cybersecurity risk across the SEC’s divisions and offices.
Other initiatives resulting from the general cybersecurity assessment we initiated in May are ongoing or will commence shortly. These include internal, Commission-level incident response exercises and continued interaction on cybersecurity efforts with other government agencies and committees, including the Department of Homeland Security, the Government Accountability Office and the Financial and Banking Information Infrastructure Committee.
Despite the attention given to widely-publicized cyber-related incidents experienced by the Commission and others, I still am not confident that the Main Street investor has received a sufficient package of information from issuers, intermediaries and other market participants to understand the substantial risks resulting from cybersecurity and related issues. As a general matter, it is critical that investors be informed about the threats that issuers and other market participants face.
To be sure, we are continuing to examine whether public companies are taking appropriate action to inform investors, including after a breach has occurred, and we will investigate issuers that mislead investors about material cybersecurity risks or data breaches. As is noted in my July speech and on various other occasions, I would like to see more and better disclosure in this area.
Cybersecurity must be more than a firm-by-firm or agency-by-agency effort. Active and open communication between and among regulators and the private sector also is critical to ensuring the nation’s financial system is robust and effectively protected. Information sharing and coordination are essential for regulators to anticipate potential cyber threats and respond to a major cyberattack, should one arise. The SEC is therefore working closely with fellow financial regulators to improve our ability to receive critical information and alerts, react to cyber threats and harmonize regulatory approaches.
Overall, by promoting effective cybersecurity practices in connection with both the Commission’s internal operations and its external regulatory oversight efforts, it is our objective to contribute substantively to a financial market system that recognizes and addresses cybersecurity risks and, in circumstances in which these risks materialize, exhibits strong mitigation and resiliency.
Regulatory Agenda
We have been hard at work developing our regulatory agenda, consistent with the eight principles outlined above. As you know, we have a number of statutorily-mandated items that we need to address, and we are considering how to advance those while also pursuing other initiatives that are central to the fulfilment of our statutory mission. Mandated rulemakings include those required by both the Fixing America’s Surface Transportation (FAST) Act and the Dodd-Frank Wall Street Reform and Consumer Protection Act. In the coming weeks and months, I expect the SEC’s near-term rulemaking objectives to be fully reflected in our upcoming Regulatory Flexibility Act Agenda. As a general matter, I believe it is important that these publicly available agendas provide the necessary transparency and accountability for agency matters. If these plans are to meet their intended purpose, they must be streamlined to inform Congress, investors, issuers and other interested parties about what the SEC actually intends – and realistically expects – to accomplish over the coming year.
Putting together a rulemaking agenda has not slowed work to fulfill the SEC’s mission. As you know, Commissioners Michael Piwowar and Kara Stein advanced a number of important matters before I came on board, including moving to a two business day standard settlement cycle – or T+2.
I would like to now highlight several of the SEC’s accomplishments since I joined my fellow Commissioners and the women and men of the SEC in May.
Facilitating Capital Formation
The U.S. capital markets have long been the deepest, most dynamic and most liquid in the world. They provide businesses with the opportunity to grow, create jobs and furnish diverse investment opportunities for investors, including retail investors, pension funds and other retirement accounts. Our markets also have long provided the United States economy with a competitive advantage and American Main Street investors with better investment opportunities than comparable investors in other jurisdictions. We should be striving to maintain and enhance these complementary positions, including being mindful of emerging trends and related risks.
In this regard, I continue to be troubled by the negative trend in the number of public companies – fewer companies are choosing to go public in their growth phase or at all and, consequently and significantly, there are fewer investment opportunities for Main Street investors. It is clear to me that our public capital markets are relatively less attractive to growing businesses than in the past. Based on my review and discussions with Commission staff and others, the reporting, compliance and oversight dynamic between private and public markets appears out of sync. Costs – ranging from direct compliance costs to the consumption of management and employee bandwidth – for public companies, particularly smaller and medium-sized companies, far outstrip those of comparable private companies. Thus, many companies with the choice of going public may be incentivized to stay private or stay private longer.
I view Mr. and Ms. 401(k) as bearing a potentially significant cost as a result of the shrinking number of public companies. I expect this dynamic, if not addressed, will lead to fewer opportunities for Main Street investors to invest directly in high quality companies. To be clear, it is not fewer opportunities to invest in IPOs themselves that troubles me. But without IPOs of growing companies, we have a shrinking and generally more mature portfolio of public companies. This is a significant concern. A shrinking proportion of public companies, particularly smaller and medium-sized companies, has costs beyond investment choices, including that there will be less publicly available information about the operations and performance of companies that are important to our economy.
I believe a key to restoring vibrancy in our public markets is a recognition that a one size regulatory structure does not fit all. Fortunately, this is not just a theory – through Congress’s enactment of, and the SEC’s work on, the Jumpstart Our Business Startups (JOBS) Act, there is an ecosystem displaying that a scaled disclosure and regulatory system provides incentives for companies to conduct public offerings while maintaining the world’s most robust investor protections. To be clear, this does not mean that we would sacrifice or limit the core principles of our public disclosure regime and other essential investor protections for the sake of accelerating public issuances. It is clear to me that companies that go through the U.S. IPO process emerge as better companies, with better disclosure. We want to encourage and preserve that dynamic. Overall, the SEC will strive for efficiency in our processes to encourage more companies to consider going public, which will result in more choices for investors, job creation and a stronger U.S. economy.
To this end, the SEC, through the Division of Corporation Finance (Corporation Finance), is undertaking efforts to promote capital formation, especially in our public markets. Corporation Finance recently announced that it would accept voluntary draft registration statement submissions for certain securities offerings, including for initial public offerings and offerings within one year of an IPO, for review by the staff on a non-public basis.[6] This expanded policy builds on the confidential submission process established in response to the JOBS Act. We believe this approach provides a meaningful benefit to companies and investors, and a number of companies have already pursued this path.
Corporation Finance also issued guidance clarifying that companies may omit from draft registration statements interim financial information that otherwise will not be required when a company files its registration statement.[7] This guidance should enable a company to reduce costs associated with preparing financial information that ultimately would not be included in its filing. Importantly, this guidance saves costs, but investors continue to benefit from the full array of financial information required when a company publicly files its registration statement.
Corporation Finance is also considering whether there are other areas in which interpretive guidance could assist companies without reducing investor protections, and whether enhancements can be made to staff processes to further benefit companies and investors.
Additionally, we are taking steps to fill the position of Advocate for Small Business Capital Formation (Advocate) and form the Office of the Advocate for Small Business Capital Formation (Office) and the Advisory Committee on Small Business Capital Formation (Advisory Committee), as required by Congress in the SEC Small Business Advocate Act of 2016. Among other statutorily-mandated functions, the Advocate will identify areas in which small businesses and small business investors would benefit from changes in Commission regulations or self-regulatory organization (SRO) rules. The Advocate also will work to identify problems that small businesses have securing access to capital, including any unique challenges to minority- and women-owned businesses.
We recently announced the application process for selecting the Advocate, which will cast a wide net that will encourage people with expertise and interest in facilitating capital formation throughout the country to apply. I anticipate that the Commission will select the Advocate in the coming months which will allow him or her to continue the agency’s work through the Office and the Advisory Committee to facilitate capital formation for small businesses across the country.
Much work remains to be done in this area, but I am pleased with the staff’s efforts to provide additional opportunities for issuers and investors alike.
Disclosure Effectiveness
I expect that the Commission will move forward in the near term on a number of additional initiatives aimed at promoting capital formation. For example, the Commission will soon consider a rule proposal required by the FAST Act to modernize and simplify the disclosure requirements in Regulation S-K in a manner that reduces costs and burdens on companies while still providing for the disclosure of all required material information.
The staff is also developing recommendations to finalize rule amendments that would eliminate redundant, overlapping, outdated or superseded disclosure requirements. In addition, the staff is developing recommendations for the Commission on final rule amendments to the “smaller reporting company” definition, which would expand the number of issuers eligible to provide scaled disclosures.
Further, the agency is continuing our initiative to modernize and simplify our disclosure requirements generally. We have a number of projects underway related to that effort, including, among others:
- Considering changes to the rules in Regulation S-X related to requirements for financial statements for entities other than the issuer; and
- Updating industry-specific disclosure requirements, such as the property disclosure requirements for mining companies and preparing recommendations for proposed rules to modernize bank holding company disclosures.
CEO Pay Ratio Disclosure
Corporation Finance also is examining existing disclosure rules, with an eye toward easing compliance burdens while maintaining the mandated disclosure. The SEC is required to implement rulemakings mandated by statute in accordance with applicable law, including the pay ratio disclosure rule adopted pursuant to Section 953(b) of the Dodd-Frank Act. This rule was adopted on August 5, 2015, and will continue to be implemented on schedule.
In response to questions about the pay ratio rule, the Commission recently approved interpretative guidance to assist companies in their compliance efforts.[8] Specifically, the interpretative guidance clarifies the disclosure rules mandated by Congress in a way that is true to the mandate and, to the extent practicable, allows companies to use operational data and otherwise readily available information to produce the disclosures. Additionally, the staff issued guidance which includes examples illustrating how reasonable estimates and statistical methodologies may be used. The staff will continue to monitor the rollout of the rule, in particular for whether unanticipated costs or difficulties have arisen.
Standards of Conduct for Investment Advisers and Broker-Dealers
I have made clear in public statements that I am focused on the standards of conduct that investment professionals must follow in providing advice to Main Street investors. The extensive study of the subject to date illustrates the complexity of the issue and the fast-changing nature of our markets, including the evolving manner in which personalized investment advice is provided. Main Street investors should have access to high-quality, affordable investment advice and a diverse range of investment products without sacrificing the protections of the securities laws.
Since my confirmation, the Department of Labor’s (DOL’s) fiduciary rule has partially taken effect. Staff conversations with investors and firms, prior to the DOL’s proposed extension, as well as various press reports, indicate that broker-dealers are considering, and some have started taking, a variety of actions to comply with the DOL Rule, including: (1) increasing compliance resources and efforts (e.g., disclosure, documentation and training, in particular, with respect to costs and rollover recommendations); (2) increasing the use of robo-advice; and (3) reevaluating and changing the types of products and accounts (and related fees) offered to retirement investors, focusing particularly on products or accounts that would address the compliance requirements driven by the Best Interest Contract Exemption (e.g., shifting some or all of their retirement accounts to level-fee advisory accounts).
Further, staff understands mutual fund complexes are considering various approaches to accommodate broker-dealers’ efforts to level compensation across similar types of products in response to the DOL Rule. These approaches include, for example: (1) issuing “clean shares” that do not have any sales loads, charges or other asset-based fees for sales or distribution (thus allowing brokers to set their own commissions that would be paid directly by investors);[9] and (2) issuing “T-shares” – or “transaction shares” – that have uniform sales charges across all fund categories.
While the SEC and the DOL have different statutory mandates, rulemaking processes and jurisdictions, actions taken by one regarding standards of conduct are going to have a significant effect on the other’s regulated entities and the marketplace. In other words, effects of the DOL rule extend well beyond the DOL’s jurisdiction, and vice versa. It is important that we understand these effects and work closely and constructively with DOL to implement appropriate standards of conduct for financial professionals who provide advice to retail investors. We are engaging expeditiously and constructively with our colleagues at the DOL to best serve the interests of investors.
As for Commission action related to standards of conduct, the SEC has been reviewing this area for some time. In recognition of the vast changes in the marketplace since the SEC last solicited information four years ago, on June 1, 2017, I issued a statement seeking public input on standards of conduct for investment advisers and broker-dealers.[10] In it, I articulated some key principles – clarity, consistency and coordination – that I expect to guide our approach. Specifically, our standards should be clear and comprehensible to the average investor, consistent across retirement and non-retirement assets and coordinated with other regulatory entities, including the DOL and state insurance regulators.
I also hope that my June 2017 statement will shape constructively the conversation on this important matter, so that we can properly tailor an approach or package of approaches that we believe will best address the issues identified. To date, we have received over 150 comments from investors and the industry, expressing a range of views. I also have personally met with various Main Street investor and industry groups and have found those conversations beneficial.
The Commission and its staff have extensive experience regulating broker-dealers and investment advisers, and we are reviewing the information interested parties have submitted. I look forward to continuing to work with my fellow Commissioners and the SEC staff as we evaluate our next steps on this important topic.
Equity, Fixed Income and Security-Based Swap Markets
The SEC has a responsibility to ensure that our securities markets provide vibrant, efficient and fair mechanisms for facilitating the formation and transfer of capital. In the decade plus since the adoption of Regulation NMS, technological advancements and innovations and commercial developments have led to significant changes in the way our trading markets operate. Generally speaking, our securities markets continue to be highly efficient and resilient. That said, it is imperative that we continuously examine and reassess our regulatory market structure. There are a few specific market structure issues and initiatives that I would like to now highlight.
Several recent Commission rulemaking proposals have been aimed at enhancing transparency in the market structure space. In July of last year, the Commission proposed amendments to Rule 606 of Regulation NMS that would require broker-dealers to disclose standardized information on their handling of large orders, both in response to customer requests and on a quarterly, aggregated basis. This proposal would also enhance existing broker-dealer order routing disclosure requirements for smaller orders.
In November 2015, the Commission proposed amendments to Regulation ATS to impose new transparency requirements on alternative trading systems (ATSs) that facilitate transactions in NMS stocks. That proposal would also greatly increase the Commission’s active oversight over the design and operation of such ATSs.
Both of these transparency-focused rulemaking proposals, which the Commission released prior to my Chairmanship, have received broad support from commenters. I support both initiatives, and I have asked the Commission staff to prepare final rulemaking recommendations for the Commission’s consideration.
Just as investors look for material information upon which to base their investment decisions, the Commission uses data to support and enhance our oversight function, including in our analysis of market structure, as well as for investigations, examinations and market analyses and reconstructions. The SROs also use data in carrying out their regulatory responsibilities.
Currently, trading activity in stocks is tracked through a number of systems. No single system tracks the orders that are routed and executed across multiple trading venues. As the Committee is aware, pursuant to Commission rule and the CAT National Market System (NMS) Plan, a Consolidated Audit Trail, or CAT, is currently being developed by a CAT plan processor (Thesys) and the securities exchanges and FINRA. The CAT is intended to provide these SROs and the Commission with consolidated cross-market data that is more complete, accurate, accessible and timely than the data currently available to regulators.
Of paramount concern to the Commission is the protection of sensitive CAT data. I appreciate that security issues are particularly acute with respect to a data repository that contains comprehensive information on trading activity in the securities markets, especially in light of recent events. I am therefore focused on issues of data security with respect to CAT. I have made this point clear to both Thesys and the SROs, and will continue to do so. I expect that the roll-out of the various components of CAT data reporting, the first phase of which is scheduled to take effect on November 15, 2017 (wherein the SROs will report data to the central repository), will reflect an ongoing assessment of the sensitivity of the data reported and related security concerns and protections.
Among the defenses built into the CAT NMS Plan are requirements for the plan processor to develop a comprehensive information security program that addresses the security and confidentiality of all information within the CAT data repository and associated operational risks. And the SROs, which have direct oversight of the plan processor, are obligated to monitor the information security program to ensure that it is consistent with the highest industry standards for the protection of data. For the subset of data that may be extracted from the CAT data repository, the SROs and the SEC have independent obligations to protect any such data. With respect to the SEC specifically, we have committed to review periodically the effectiveness of our confidentiality and data use procedures in connection with our access to the CAT.
Other components of the Commission’s analysis of market structure are two pilot programs – one currently in force, and the other being developed by Commission staff. The Tick Size Pilot, which began in October 2016, is testing the impact of wider tick sizes on the trading of stocks of certain smaller capitalization companies. Preliminary analyses of the pilot data indicate that the impact of the wider tick sizes on market quality has been mixed. For many covered securities, quoted spreads and depth of book have increased, and volatility has decreased. At the end of August, trading center data became publicly available and will enable more robust analysis of the pilot data.
I have also asked the Commission staff to develop a proposal for a pilot program that would test how adjustments to the access fee cap under Rule 610 of Regulation NMS would affect equities trading. The Equity Market Structure Advisory Committee (EMSAC) recommended a pilot program of this type. I am supportive of this type of pilot program because it should provide the Commission, as well as market participants and the public, with more data to assess how transaction-based fees and rebates affect order routing behavior, execution quality and market quality. I expect that the Commission will consider a transaction fee pilot proposal of this nature in the near future.
More generally, I believe that a thoughtful and methodical, data driven approach to market structure will help us fulfill our mission to protect investors, maintain fair, orderly and efficient markets and facilitate capital formation. Pilot programs such as the ones I just described allow us to evaluate whether adjustments to our market structure are necessary or appropriate, and if so, how to appropriately tailor them. At the same time, I also recognize that pilot programs – whether in the form of Commission or SRO initiatives – cannot simply live on in perpetuity. Once pilots have achieved their purpose in terms of providing the Commission and SROs with adequate data for reasoned decision-making, they should either be wound down or, when appropriate, made permanent.
Overall, as the Commission has evaluated equity market structure, the EMSAC has been a valuable and helpful resource to the Commission in providing expert advice and recommendations. Specifically, in addition to an access fee pilot recommendation, the EMSAC has provided the Commission with six thoughtful recommendations relating to NMS plan governance, SROs’ proposals requiring technology changes, limit-up/limit-down mechanisms, market wide circuit breakers, the market opening and Regulation NMS Rules 605 and 606. The Commission recently extended the term for the EMSAC until early 2018, which will enable the EMSAC to continue to provide us with input as we consider market structure initiatives, including the contemplated transaction fee pilot proposal.
Separately, as I have stated previously, I believe that the time is right for the Commission to broaden its review of market structure to include our fixed income markets. The fixed income markets are critical to our economy and, increasingly, Main Street investors, yet less attention has been paid to their efficiency, transparency and effectiveness relative to the equity markets. We are in the process of establishing the Fixed Income Market Structure Advisory Committee (FIMSAC). We hope to have the first FIMSAC meeting as soon as December of this year.
Finally, with respect to the regulatory regime for swaps and security-based swaps, Commodity Futures Trading Commission (CFTC) Chairman Christopher Giancarlo and I started talking soon after I joined the Commission. At our very first meeting, we discussed ways in which we could harmonize our respective rules and regulations. SEC and CFTC staff have been meeting to identify initial areas of focus, and it is my hope that the continued coordination will result in real regulatory efficiencies.
Regulatory Relief and Assistance for Hurricane Victims
The SEC has been closely monitoring of the impact of Hurricane Harvey, Hurricane Irma, and Hurricane Maria on investors and capital markets. Agency officials have been and will remain in close communication with market participants and key market infrastructure providers, as well as FINRA and other regulators concerning the storms and their aftermath. We are also actively working with firms in affected areas to ensure that investors continue to have access to their securities accounts.
Last week, as part of its evaluation of impacts on regulated entities in affected areas, the Commission announced it was providing regulatory relief to publicly traded companies, investment companies, accountants, transfer agents, municipal advisors and others affected by Hurricane Harvey, Hurricane Irma, and Hurricane Maria.[11] The loss of property, power, transportation and mail delivery due to the hurricanes poses challenges for some individuals and entities that are required to provide information to the SEC and shareholders.
To address compliance issues caused by Hurricane Harvey, Hurricane Irma, and Hurricane Maria, the Commission issued an order that conditionally exempts affected persons from certain requirements of the federal securities laws for specified periods following the natural disasters. The Commission also adopted interim final temporary rules that extend the filing deadlines for specified reports and forms that companies must file pursuant to Regulation Crowdfunding and Regulation A. The exemptive relief and rules are structured for a broad class of companies and others affected by the hurricanes and their respective aftermaths.
Some companies and other affected persons may require additional or different assistance in their efforts to comply with the requirements of the federal securities laws. The Commission staff will address these and any disclosure-related issues on a case-by-case basis in light of their fact-specific nature. Those affected by the hurricanes that require additional assistance are encouraged to contact Commission staff for individual relief or interpretive guidance. We also ask any member of Congress assisting constituents on these matters to contact us as well and to encourage their constituents to reach out to our staff.
Additionally, our Office of Investor Education and Advocacy issued an Investor Alert warning investors about the potential for investment scams in these wake of these disasters, including those promising high returns for small, thinly-traded companies that supposedly will reap huge profits from recovery and cleanup efforts.[12] The SEC brought several enforcement actions against individuals and companies following Hurricane Katrina in 2005.
Enforcement
I am committed to the responsibility of safeguarding our capital markets and American investors with energy and purpose and ensuring that there is no room for bad actors therein. Through the dedication and expertise of our Division of Enforcement (Enforcement) staff and its leadership, we are able to root out fraud and shady practices effectively and with unwavering purpose. Enforcement is focused on protecting all investors – without favor for account size, geography or other measures of priority – and that is clear from recent enforcement actions targeting pump and dump schemes, insider trading and a boiler room on Long Island ripping off seniors’ hard earned retirement savings. Successful enforcement actions impose meaningful sanctions on securities law violators, result in penalties and disgorgement of ill-gotten gains that can be returned to harmed investors and deter wrongdoing.
While a vigorous enforcement program is at the heart of the Commission’s work to protect investors and maintain the integrity of the securities markets, the SEC’s enforcement program also plays an important part in ensuring that investors and other market participants have access to material information to make informed investment decisions. The SEC has brought significant enforcement actions against issuers that committed reporting and disclosure violations. Comprehensive, accurate and timely financial reporting is the bedrock upon which our markets are based and Enforcement remains focused on pursuing violations in this area.
Our actions against parties who engage in insider trading also help promote investor confidence. Trading on material, non-public information undermines the fairness and integrity of the securities markets and creates an unlevel playing field. The SEC is committed to taking action against those who breach their duties – and subvert our markets – in pursuit of personal gain, having charged more than 700 defendants in civil insider trading cases since fiscal year 2010.
Through these efforts to root out financial fraud, insider trading and other misconduct in the securities industry, Enforcement serves a critical role in helping the Commission fulfill its tripartite mission. Moving forward, the SEC will continue to focus resources – including data collection and analysis, which has greatly enhanced our ability to detect unlawful behavior – on key areas where misconduct harms investors and impairs market integrity. In particular, I have asked the Division of Enforcement to evaluate regularly whether we are focusing appropriately on retail investor fraud and investment professional misconduct, insider trading, market manipulation, accounting fraud and cyber matters. I believe our Main Street investors would want us to focus on these areas.
Examinations
Another critical tool for the SEC to meet its mission is our national examination program, led by our Office of Compliance Inspections and Examinations (OCIE). Commission staff conduct risk-based examinations of registered entities, including broker-dealers, investment advisers, investment companies, municipal advisors, national securities exchanges, clearing agencies, transfer agents and FINRA, among others. Our examination staff work closely with staff members in our regulatory divisions to provide input on policy and regulatory issues and initiatives and also are in regular communication with Enforcement staff to discuss trends and observations and provide referrals.
Our examination program is one of many areas where we have doubled down on our focus on doing more with our limited resources. In this regard, I note that registered investment advisers now manage more than $70 trillion in assets, which is more than triple 2001 levels. In light of this trend, in 2016, the SEC reassigned approximately 100 OCIE staff to the investment adviser examination unit. As a result of this shift and the introduction of various enhancements to OCIE processes, advancements in OCIE’s use of technology and other efficiencies, the SEC is on track to deliver an increase of more than 40 percent in the number of investment adviser examinations this fiscal year – to approximately 15 percent of all investment advisers.[13]
While this has been a very positive step, more needs to be done to continue to increase investment adviser examination coverage levels, while at the same time being careful to avoid decreasing examination quality. To that end, the SEC will continue to explore additional efficiencies and improvements to our risk-based examination program. One way to achieve this is through the continued leveraging of data analysis. We have developed tools that scan an array of data fields to help us analyze and identify potentially problematic activities and firms. This allows us to make better decisions concerning which firms to examine and appropriately scope those examinations, among other things. I expect that for at least the next several years we will need to do more to increase the agency’s examination coverage of investment advisers in light of continuing changes in the markets.
In the coming fiscal year, OCIE also plans to increase the number of inspections to assess compliance with Commission rules, such as Regulation Systems Compliance and Integrity (Regulation SCI), to ensure that the cybersecurity infrastructure that is critical to the U.S. securities markets is effective.
Municipal Securities Investor Outreach
The municipal securities market plays a vital role in building and maintaining America’s infrastructure. State and local governments issue municipal securities to help finance a wide range of public projects and to provide cash flows for governmental needs, among other things. At the same time, municipal securities themselves provide an important investment option for millions of individual Americans. Retail investors hold as much as 75 percent of outstanding municipal securities – both directly and indirectly through mutual funds and other funds.
I have concerns, however, that some retail investors do not sufficiently understand and appreciate the unique aspects of municipal securities and the municipal securities market. Therefore, I have asked the staff to prepare a new series of educational materials – including Investor Bulletins – that are geared specifically to prospective and existing retail investors in municipal securities. I anticipate that the Investor Bulletins will provide basic, plain-language information concerning the characteristics, features and pricing of municipal bonds –including, for instance, background information on their tax status, pricing determinations and call provisions.
More generally, the Commission and its staff will remain vigilant and focused on municipal securities issues. Our staff will continue to administer and vigorously enforce our rules and the statutory provisions within our jurisdiction concerning municipal securities brokers and dealers, municipal advisors, municipal issuers and investors in municipal securities. We will also continue to closely oversee and coordinate with the Municipal Securities Rulemaking Board.
Agency Operations
I have devoted a significant portion of my first five months as Chairman to developing a deeper understanding of the agency’s internal operations and management. I have come to appreciate more directly what I had witnessed from my years in private practice – the knowledge, expertise and professionalism of the SEC staff. It has been a top priority for me to engage with, and understand the perspectives of, the SEC’s workforce.
I am particularly excited to report that the SEC staff’s engagement and morale are high, thanks in significant part to the leadership and efforts of division and office directors, supervisors and staff. Setting a new record for the agency this year, nearly 80 percent of the eligible workforce shared their views by completing the Office of Personnel Management’s Federal Employee Viewpoint Survey in May and June of 2017.
This year’s survey results showed notable increases in employee engagement, overall satisfaction and leader effectiveness indices. These are critical indicators for our organization because our diverse workforce is our most valuable asset. It is only through the hard work of our employees that we are able to accomplish our mission.
Since 2012, the SEC’s rating on the Partnership for Public Service “Best Places to Work” has improved by 20 percentage points, from 56 percent to 76 percent and last year we were ranked 6th among 27 mid-sized agencies. In fact, this success has earned us distinction as a role model for other federal agencies. In April 2017, the House Oversight and Government Reform Committee invited the SEC’s Chief Human Capital Officer to testify on the agency’s survey results as the “most improved” mid-sized federal agency.[14] We aim to continue building upon these 2017 results in the years to come.
Efficiencies and Resource Needs
I take very seriously the SEC’s responsibility to ensure that the SEC is a good steward of the funds Congress entrusts to our use, and maximizes the value of those funds to the American investor. We are engaged in ongoing efforts to find efficiencies in internal operations, including through automation, streamlined internal processes and better use of data. We will continue to develop and leverage our capabilities for risk analysis to inform our decision making, including how most efficiently to use staff resources. Given the pace of change in today’s capital markets, it is more important than ever that agency operations be nimble so we can direct resources where they are needed most.
For example, with Congressional approval, the SEC in June 2017 combined the agency’s various EDGAR filer support functions into one EDGAR Program Office. As this Committee knows and as discussed above, the EDGAR system is central to the agency’s mission and critical to the functioning of the capital markets. On a typical day, investors and other market participants view or download more than 50 million disclosure documents filed on EDGAR. This new office also will coordinate and rationalize the agency’s enhancements and investments related to EDGAR, including modifications to conform with changes to Commission rules, and will help consolidate the agency’s filer support functions.
Other internal improvement initiatives include combining the agency’s various communications-related functions, crafting proposals for Commission consideration to convert paper filings into electronic formats and exploring ways to better apply and schedule examination staff resources towards significant risks to investors. We will continue to explore opportunities for efficiencies and cost savings in the months to come.
The agency’s efforts to streamline operations are reflected in the SEC’s budget requests over the next two years. The President’s request for fiscal year 2018 is for $1.602 billion for SEC operations, which holds the SEC budget at essentially the same level it has been in fiscal years 2016 and 2017. This request reflects savings and efficiencies in progress throughout the SEC, sufficient to offset required cost increases, and continues investments in technology, as described further below.
It is important to note that the SEC collects transaction fees that offset the annual appropriation to the Commission. Whatever amount Congress appropriates to the agency will, by law, be fully offset by transaction fees, and will not impact the deficit or the funding available for other agencies. The current transaction fee rate is just over two cents ($0.02) for every $1,000.00 in covered securities sales.
Fiscal Year 2019 Budget Request
For fiscal year 2019, the SEC’s budget request totals approximately $1.7 billion for SEC operations. I do not make a request for additional funds lightly, especially in a tight budgetary environment. But after an evaluation of the SEC’s capabilities and needs, I believe this request is necessary for the SEC to continue the effective pursuit of our tripartite mission.
This request would allow the agency to lift the hiring freeze implemented at the start of fiscal year 2017 and recruit professionals with key skills and market expertise such as electronic trading, cybersecurity, retail investor fraud, investment adviser oversight and market analysis. The agency anticipates a need to hire such individuals in key positions to effectively carry out our core mission. The request seeks additional funds for development, modernization and enhancement of information technology systems, including additional investments in protecting the security of the SEC’s network and systems. These funds, coupled with those from the SEC Reserve Fund, would allow the continued implementation of a number of key multi-year technology initiatives, discussed further below, which will enhance the SEC’s ability to collect, analyze and act on large amounts of data.
Leveraging Technology
Advances in technology have driven significant changes in securities markets. Today, companies support human decision-making with automated algorithms, which ingest massive amounts of unstructured data to make trading decisions. Investors are using innovative platforms to conduct transactions and research investments. Firms solicit investors through sophisticated, multichannel communications.
In recent years we have seen an extraordinary increase in the volume and velocity of data available to the securities industry, investors and the SEC. The ever-increasing volume of data demands advanced analytics tools and best-in-class infrastructure that is dynamic, scalable and secure. Similarly, demand from the public for SEC information has never been higher. Last year, SEC.gov received 10.4 billion page views – double from just two years ago – and the public downloaded more than 2.6 petabytes of data. The information the SEC provides is driving the marketplace, and helping companies attract funding, grow and create jobs.
All of these shifts require the SEC to expand our own technology capabilities and increase our efficiency. The SEC’s budget requests seek the resources needed to stay on top of these critical developments and promote our mission in an evolving landscape. The Commission has made progress in modernizing our technology systems, with the benefits of increasing our use of data analytics, increasing program effectiveness and streamlining operations.
The $234 million that the SEC plans to spend on information technology in fiscal year 2018 is quite modest, by way of comparison, to the amounts that the major Wall Street firms spend on their own information technology systems. For example, in 2016 one large financial institution alone spent more than $9.5 billion on technology firm-wide, with $3 billion of that dedicated to new initiatives. Another large financial institution spent $6.6 billion in 2016 on technology initiatives.
The fiscal year 2018 and fiscal year 2019 budget proposals would support a number of key information technology initiatives, such as:
- Increasing investments in information security to address, as a top priority, the ability to monitor and avoid advanced persistent threats, and to improve risk management and monitoring;
- Expanding data analytics tools to integrate and analyze the large and ever-increasing volume of financial data we receive, enabling us to detect potential fraud or suspicious behavior earlier and allocate resources more effectively;
- Improving our examination program through advanced risk assessment and surveillance tools that help identify high-risk areas for further examination;
- Enhancing additional systems that support our enforcement program, including applying sophisticated algorithms that foster the detection of potential insider trading and manipulation;
- Streamlining public access to our EDGAR electronic filing system; and
- Investing further in business processes automation and enhancements, including the retirement of legacy systems, which will drive cost efficiencies and improve security across the agency.
Leasing
An important component of the SEC’s funding needs over the next two years is to support the leasing of office space. The current leases for the SEC’s headquarters buildings (Station Place I, II and III) will expire in fiscal years 2019, 2020 and 2021, respectively. In addition to the funds requested to support our operations, the SEC is requesting funds in fiscal year 2018 necessary to participate in the General Services Administration’s (GSA’s) competitive procurement process for a successor lease for the SEC’s headquarters. In accordance with its standard process, GSA has requested that the agency set aside the funds that might become necessary to cover construction and related costs should the SEC need to move from its current building.[15] None of these funds would be used for the operations of the SEC, and the agency has proposed appropriation language that provides a mechanism whereby any unused portion of these funds would be refunded to fee payers.
Similarly, in fiscal year 2019, funds will be required for the GSA procurement of a new lease for the SEC’s New York Regional Office, for which the current lease is set to expire in 2021. As with the SEC’s headquarters lease procurement, GSA requires that the SEC set aside funds for potential construction and related costs in the event that the competitive acquisition process might result in the SEC needing to move to a new building. None of these funds would be used for the operation of the SEC, and any unused portion would be refunded to fee payers.
Conclusion
My aim for today’s testimony is to provide a window into the scope of the SEC’s daily work to advance our mission of protecting investors, maintaining fair, orderly and efficient markets and facilitating capital formation. In closing, I want each of you – and all of your constituents, including, in particular, Main Street investors – to know that the SEC is open for business. We want to serve you and hear from you. Whether it be through providing educational resources and investor alerts on investor.gov, supporting small businesses and other issuers seeking to raise capital or vigorously enforcing the securities laws, SEC staff and division and office leadership stand ready and willing to engage with any and all who we can assist, and who can inform us, on issues consistent with our tripartite mission.
I thank this Committee and its members, especially the Chairman and Ranking Member, for their continued support of the SEC and its staff, and I look forward to answering any questions you may have.
[1] The views expressed in this testimony are those of the Chairman of the Securities and Exchange Commission and do not necessarily represent the views of the President, the full Commission, or any Commissioner.
[9] Related to this effort, on January 11, 2017, the Division of Investment Management issued interpretive guidance to Capital Group clarifying that Section 22(d) of the Investment Company Act of 1940 does not prevent a broker acting in an agency capacity from charging its customers a commission for transacting in “clean shares” of a registered investment company. Capital Group used the term “clean shares” to refer to a class of fund shares without any front-end load, deferred sales charge or other asset-based fee for sales or distribution. Capital Group, SEC Staff Letter (Jan. 11, 2017), available at https://www.sec.gov/divisions/investment/noaction/2017/capital-group-011117-22d.htm.
[13] In fiscal year 2016, OCIE completed nearly 1,450 investment adviser exams, more than it had completed in any of the prior seven fiscal years and 20 percent more investment adviser exams than it completed in fiscal year 2015. In fiscal year 2017, OCIE completed more than 2,100 investment adviser exams, a significant increase over fiscal year 2016.
[15] According to GSA’s schedule, a new lease would be awarded in fiscal year 2018.