The U.S. Securities and Exchange Commission on Thursday named Gabriel Benincasa, a senior adviser at the financial industry consulting firm Patomak Global Partners LLC, as the agency’s first chief risk officer, a move that comes as the regulator seeks to bolster its cyber defenses.

The SEC said Benincasa will coordinate the efforts to identify, monitor and address risks facing the agency, working in the office of chief operating officer Ken Johnson, an agency official since 2010.


➤➤ Our weekly briefing Compliance Hot Spots provides the latest news and trends in compliance and enforcement—what regulators are up to and how firms and in-house counsel are crafting new strategies. Learn more and sign up here.


Just last month, the SEC charged nine defendants in a scheme that involved hacking into the agency’s corporate filing database, known as Edgar, and trading on non-public earnings results.

Benincasa takes over for Julie Erhardt, who served as acting chief risk officer as the SEC recruited for the position. Erhardt will now return to her role as deputy chief accountant for technology and innovation.

“Establishing the chief risk officer position at the SEC is an important step forward in our continuing efforts to strengthen the agency’s risk management program,” SEC chairman Jay Clayton, who created the new position, said in a statement. “Gabe is an experienced senior leader with deep risk, legal, compliance, and financial markets expertise. I am certain we will benefit from his advice and insights. I also want to thank Julie for giving us a running start on this initiative.”

Benincasa’s hiring comes just months after he joined Patomak Global Partners in New York, a firm headed by Paul Atkins, who served on President Donald Trump’s transition team as a top adviser on financial regulation. Atkins, who also began his legal career at Davis Polk & Wardwell, served as an SEC commissioner under the George W. Bush administration.

Benincasa earlier served as the general counsel and chief compliance officer at Quad Capital. A lawyer and certified public accountant, he began his legal career at Davis Polk before taking in-house roles at Morgan Stanley and Bank of America. Benincasa has also held top legal and compliance positions with Credit Suisse Group AG and the financial technology firm Investment Technology Group.

In a prepared statement, Benincasa said: “It is an honor to serve America’s investors and markets as the SEC’s first Chief Risk Officer. I look forward to joining the team and building upon existing programs to help the agency tackle current and future challenges.”

Under Clayton’s leadership, the SEC has paid increased attention to cybersecurity—both inside and outside of its doors.

The SEC has released guidance for preparing disclosures of cybersecurity risks and incidents, along with policies for preventing company insiders from trading on confidential information about breaches. Last year, the SEC charged a pair of former Equifax employees with trading on their inside information about a hack that exposed the personal information of nearly 150 million Americans—about half of the U.S. population.

Benincasa’s hiring reflects the SEC’s effort to also look inward. In December, Clayton said the SEC is “focused on assessing and improving our own cybersecurity risk profile—again, trying to eat a bit of our own cooking.” In those remarks, he highlighted the creation of the chief risk officer position.

“We have worked to promote a culture that emphasizes the importance of data security throughout our divisions and offices. The staff has also been engaging with outside experts to assess and improve our security controls,” Clayton said. “We recognize, however, that no system can be entirely safe from a cyber intrusion, and that there is a lot of work that remains to be done.”