December 16, 2015
I strongly support this proposed rule.
The risk of cyberattacks is perhaps the most important single issue we face in terms of financial market stability and integrity.
The examples of cyberattacks or significant technological disruptions from inside and outside the financial sector are all too frequent and familiar.
Today, the aims of these attacks can go beyond traditional financial motives. Today, we must be concerned about the possibility of attacks intended to destroy information and disrupt or destabilize our markets.
The risk to American businesses and the economy is dramatic. And the interconnectedness of our financial institutions and markets means that a failure in one institution can have significant repercussions throughout the system.
The proposed rule that we are issuing today is an important step toward enhancing the protections in our markets. It builds on our core principles – which already require clearinghouses to focus on system safeguards— by setting standards consistent with best practices. It requires robust testing of cyber protections, setting forth the types of testing that must be conducted, the frequency of testing and whether tests should be conducted by independent parties. In addition, it enhances standards for incident response planning and enterprise technology risk assessments.
Our requirements should come as no surprise--clearinghouses should already be doing extensive testing. Indeed, we hope that today’s proposal sets a baseline that is already being met.
The proposal also complements what we as a Commission already do. We focus on these issues in our examinations to determine whether an institution is following good practices and paying adequate attention to these risks at the board level and on down.
This rule is largely in line with another system safeguards proposal that the Commission also approved today, which applies the same standards to other critical market infrastructure.
Since the 2009 G-20 agreement and the enactment of Dodd-Frank, clearinghouses have become increasingly important the financial system. As a result, I believe we must do all we can to ensure their strength and stability. This proposed rule is a critical component of this effort.
I thank the staff for their hard work on this proposal. Of course, we welcome public comment on both our system safeguards proposals, which will be carefully taken into account before we take any final action.
Last Updated: December 16, 2015