Information Security and ESG Identified as Key SEC 2023 Exam Priorities
“In a time of growing markets, evolving technologies, and new forms of risk, our Division of Examinations continues to protect investors,” said SEC Chair Gary Gensler. “In executing against the 2023 priorities, the Division will help ensure compliance with the federal securities laws and rules.”
Information Security a key priority
Information security is once again a top priority for the SEC. The agency has conveyed their focus on Cybersecurity, third-party vendors, unauthorized use of third-party providers, as well as operational resiliency. With respect to the “Unauthorized use of third-party providers” this could reference the so called “Shadow-IT” which is when employees use their personal devices and/or cloud services to access company information. This can lead to security breaches as well as data leakage. It’s also possible that it could refer to improper access to the vendors by internal persons. The SEC has been very clear in the past that they expect companies to have strong cybersecurity policies and practices, and this is unlikely to change.
ESG a key priority
As expected, the SEC will also continue its focus on ESG-related advisory services and fund offerings, including whether funds are operating in the manner set forth in their disclosures. In addition, the agency will assess whether ESG products are appropriately labeled and whether recommendations of such products for retail investors are made in the investors’ best interests.
The SEC has previously indicated that it expects firms to have formal processes in place for ESG investing together with appropriate policies and procedures related to ESG investing designed to prevent violations of regulations and law. Documentation of ESG-related investment decisions needs to be robust and clear; and compliance programs should be designed to guard against inaccurate ESG-related disclosures and marketing materials.
To learn more about all the SEC 2023 Exam Priorities, read the full release here.
If you have any questions about the SEC’s Exam Priorities for 2023 and how these may affect your business, please reach out to your usual Waystone Compliance Solutions representative or contact us below.