As we kickoff 2015, let’s take a look back at some late 2014 efforts that will impact the year ahead (and beyond). In the fall of 2014, the Securities & Exchange Commission (SEC) released its “Strategic Plan for Fiscal Years 2014-2018.” In this document, the SEC laid out a plan and vision that provided us access to the organization’s line of thinking and the plans that it will certainly prioritize for 2015 and the years ahead.
This document was preceded by the February 2014 draft of this plan in which the SEC formally asked for comments from the public and presumably (as with most federal agency collaborations) the agency included many of these comments woven into the final version.
So with that as background, now is a good time to take a good look at the most recent document. Reviewing the SEC’s priorities and objectives helps us better understand how regulatory coverage, focus, and changes may play out in the coming years.
The document clearly articulates the SEC’s four strategic goals, attaching to each one a set of performance KPI’s that measure and “gauge the agency’s progress.” The four goals are to “establish and maintain an effective regulatory environment,” “foster and enforce compliance with the federal securities laws,” “facilitate access to the information investors need to make informed investment decisions,” and to “enhance the Commission’s performance through effective alignment and management of human, information, and financial capital.”
While these four areas cover a seemingly broad array of topics, it remains interesting that this list does not appear to place a priority on a number of areas that are worth mentioning. Specifically, a few main areas seem to pop out as being omitted from this document; in no particular order, these missing issues include mobile, retail access to dark pools, cybersecurity, and open source software.
- Mobile – The word “mobile” appears only once in the document and that mention is within the context of the SEC’s stated goal that the agency ensures that investors “have access to high-quality disclosure materials that facilitate informed decision-making.” Yet even here, there are three performance goals and the mobile aspect is only introduced as a “related goal” that the document clearly indicates “should not be considered a performance metric” and “does not require a target or timeframe.” This doesn’t appear to be a dramatically mobile-centric view of things, most would argue, given that we are in an era when we are all increasingly using our mobile devices to access, transact, and interact with the people and companies all around us.
- Retail Access to Dark Pools – Dark pools have been a significant topic of industry concern and regulatory inspection – but they are only mentioned once in the entire document. Moreover, dark pools are mentioned in the context of ensuring best execution and market fragmentation – which are important – but not in relation to how people (via their brokers or directly) might want to access these pools of liquidity.
- Cybersecurity – Cybersecurity has been an area of significant concern in the past 18 months to our capital markets infrastructure. RegSCI, the attacks on the exchanges themselves, and the ongoing attacks on our nation’s critical payments and trading infrastructure are all items that generate large headlines on a regular basis. Yet within this document, security (which only appears four times in the document (when not referring to securities)) is spoken about in the context of operational resiliency (along with availability, capacity, integrity, etc.). This makes sense in light of RegSCI recently having been finalized, but is not sufficient for a topic that permeates many discussions with clients, regulators, and the general public. Moreover, the words “cyber,” “denial of service,” and “hack(er)” do not appear anyplace in the document, either, all of which are commonplace topics that deserve some focus and attention.
- Open Source Software: 2014 witnessed a significant focus on open source projects and software upon which much of the financial markets and banking world – and other industries – rely. If you recall Shellshock, and Heartbleed in particular, a simple mention perhaps should have been included in some basic manner, even if only once.
In fairness to the SEC, it is true that the SEC’s “Vision” section (with its own list of six items) does include broad topics that might account for some of the topics omitted from the document. The two aspects of the vision statement that I am referring to are a “focus on strengthening market structure and systems” and “protection against fraud and abuse.” Clearly these could include areas such as cybersecurity, and possibly even the open source software issue.
Regardless, we hope that the framework laid down by the SEC fosters active dialogue on these, as well as other issues, dominating the strategic plans for those of us in financial services and related disciplines in the New Year that lies ahead.
On January 13, the SEC announced its 2015 Examination Priorities. Next week’s blog will feature an analysis of this announcement by our compliance SME, Walter Ferstand, who will also talk about the newest priorities set by FINRA. Stay tuned for part 2 of this discussion.