The U.S. Securities Exchange Commission (SEC) on March 9, 2022 released for comment proposed amendments to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by public companies (“registrants”) that are subject to the reporting requirements of the Securities Exchange Act of 1934 (the Proposed Rule). According to the SEC, the proposed amendments are intended to better inform investors about a registrant’s risk management, strategy and governance related to cybersecurity and to provide timely notification to investors of material cybersecurity incidents.

The Proposed Rule by its terms applies to registrants and would therefore apply to corporate issuers and asset-backed issuers. The Proposed Rule, however, is not tailored to securitizations. In fact, it is surprising how little attention securitizations are given in the Proposed Rule. As such, it is difficult for participants in the securitization market to comment on the Proposed Rule. The risk, however, in not commenting on the Proposed Rule is that the SEC may issue a final version of the Proposed Rule that is substantially identical to the current version of the Proposed Rule.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]