SEC’s regulatory agenda cements commitment to ESG and cyber

The US Securities and Exchange Commission (SEC) has published its Annual Regulatory Agenda, which comprises both short and long term regulatory actions that the Regulator plans to take over the coming year.

The regulatory agenda looks to tackle a number of progressive regulatory issues, including:

• Proposed rules around disclosures for climate change, human capital, corporate board diversity and cybersecurity risk and governance.
• Increased transparency around short-sale disclosures, stock buybacks and securities-based swaps ownership.
• Modernised market structures, including treasury markets, equity markets and other fixed-income markets.
• Regulations to address the “gamification” of trading on mobile apps, including rules related to behavioural prompts, predictive analytics, and differential marketing.

However, while the agenda looks to cover myriad emerging trends it has not been met without scrutiny, with many, including some within the SEC, noting a lack of clarity or commitment around pressing issues such as digital assets, gig worker compensation with equity and proxy plumbing.  

Is this regulatory agenda more than just a PR spin?

Commenting on the agenda, SEC Chair Gary Gensler said, “To meet our mission of protecting investors, maintaining fair, orderly, and efficient markets, and facilitating capital formation, the SEC has a lot of regulatory work ahead of us.”

In his first speech as SEC Chairman, Gary Gensler, noted in his Testimony before the Subcommittee on Financial Services and General Government, that he looked forward to developing a disclosure regime which included “climate risks and human capital”. This led to speculation that, as the Regulator changed Chair following the US election, environmental, social, and corporate governance factors (ESG), including climate change would be high on the Regulator’s agenda for 2021.

However, pockets of the industry expressed scepticism about the true weight of the SEC’s statements, suggesting it may be business as usual, with a public relations spin.

Interestingly, one such commentator who expressed “reservations” about the SEC’s desire to regulate around ESG was Commissioner Elad Roisman, who suggested that its existing disclosure regime already requires issuers to provide investment information that was sufficiently detailed about ESG factors.

While the majority of rules and regulations published within the Annual Regulatory Agenda remain at “proposed rule stage” or “prerule stage”, the SEC is making a commitment, in writing, to developing a regulatory regime that tackles ESG factors, from climate change to cyber security risks. Whether these rules emerge as enforcement regulations remains to be seen, but it takes the commitment beyond speculative speeches to planned actions.

CUBE comment

Until now, the SEC has been reserved in taking definite action in these areas. While other global institutions have made bold moves (and bolder claims), the SEC has remained relatively stoic. The SEC’s recent change in administration is clear within this agenda, which undoubtedly marks a change in tack – one that is forward-thinking and regulating in line with market and societal activity. Whether the regulations will emerge, and indeed come into force is another thing.

As is to be expected from a transparent rule making process, the SEC’s agenda is not free from criticism, with some asking how the Regulator plans to tackle emerging technology-based crypto and digital assets.

For firms still reeling from the effects of a global pandemic, the notion of more regulation may be unwelcome, regardless of the underlying cause. The inevitable truth is, as issues surrounding the climate, diversity, good governance etc. come to the fore, regulators (and regulations) will grow to meet them.

For the compliance team, the challenge is two-fold: keeping on top of emerging regulations, and subsequently working out how to implement them. Regulatory change management solutions, such as CUBE, seamlessly automate the change-management process, meaning the compliance team can free up hours previously spent on manually trawling, and devote it to implementation.