Regulatory Alerts2023-03-15
Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information
The Securities and Exchange Commission proposes amendments to Regulation S-P requiring broker-dealers, investment companies, registered investment advisers, and transfer agents to implement written incident response programs addressing unauthorized access or use of customer information. These amendments mandate timely notification to affected individuals regarding data breaches involving sensitive customer information, while broadening the scope of safeguarded records and extending disposal requirements to all transfer agents. The proposed rules also establish recordkeeping obligations and align annual privacy notice delivery with a statutory exception under the Gramm-Leach-Bliley Act to create a consistent federal standard for customer protection.