The SEC’s New Year’s Resolutions: Retail Investors and Cybersecurity

2018 arrived in the wake of big changes at the U.S. Securities and Exchange Commission (“the SEC”). Jay Clayton was sworn in as Chairman of the Commission in May, naming Steve Peikin and Stephanie Avakian as Co-Directors of the Enforcement Division (the “Division”) in June. As many do for the start of a new year, they have evaluated the Division’s priorities and promised a new focus. According to a speech by Ms. Avakian late last year, we can expect the Division to direct its resources and attention to two priorities going forward: the protection of retail investors and cybersecurity.

Cybersecurity Threats

The Division also anticipates that the increasing number and impact of cyber-related issues will bring cybersecurity to the forefront of its priorities. In late 2017, the SEC announced the formation of a new Cyber Unit to deal with the increasingly complex nature of cyber threats from foreign and domestic actors, such as traders in stolen market-moving information, market manipulators, and state-sponsored hackers. Ms. Avakian described these threats as “so serious” as to require a dedicated group of personnel and resources devoted to their pursuit.

According to Ms. Avakian’s speech, the Cyber Unit, with the help of the SEC’s Office of Compliance, Inspections and Examinations, will focus on three main enforcement areas:

(i) hacking to access information, access brokerage accounts, or disseminate false information;

(ii) failures by investment advisers and broker dealers to reasonably safeguard information and system integrity; and

(iii) failures by public companies to timely disclose material cyber risks and incidents.


While the Division no doubt will continue to bring cases in other bread-and-butter areas, like financial reporting and insider trading, it is clear that the protection of “Main Street” investors and cybersecurity will be at the top of the Division’s priorities list in 2018. Compliance professionals and others in the securities industry will want to keep those priorities in mind as they evaluate their own risks, policies, and procedures in the year ahead.  MORE