Oct. 29, 2023
Dear Securities and Exchange Commission, I am writing to express my concerns regarding the proposed rule titled "Safeguarding Advisory Client Assets" and the lack of clarity on the definition of digital assets. While I appreciate the efforts taken to enhance investor protections and address gaps in the custody rule, it is essential to provide clear guidance on what constitutes a digital asset to avoid confusion and potential misinterpretation. The proposal encompasses a broader range of investments held in a client's account, including assets in a digital format. However, the definition of digital assets remains ambiguous, allowing room for varying interpretations. This ambiguity raises concerns about the potential privacy and safety risks associated with sharing sensitive financial data and social security numbers with multiple third parties. In an increasingly digital world, where data breaches and cyber threats are on the rise, it is imperative to prioritize the privacy and protection of investor information. Without a clear definition of digital assets and robust measures to safeguard client data, there is a risk of unauthorized access, misuse, and potential harm to investors. Furthermore, the proposal includes requirements for investment advisers to deliver notice to clients when opening an account with a custodian. While this transparency is commendable, it also means that sensitive client information, such as custodian information and account numbers, will be shared with multiple parties. This raises concerns about the potential for identity theft or unauthorized use of client accounts. To address these concerns, I urge the Securities and Exchange Commission to provide a comprehensive and precise definition of digital assets, ensuring clarity and consistency across the industry. This will help investment advisers and custodians understand their obligations and implement appropriate safeguards. Additionally, I recommend that the SEC consider the implementation of rigorous privacy measures and data protection protocols to safeguard client information. This could include encryption, two-factor authentication, regular external security audits, and limitations on data sharing to minimize the risk of data breaches. Moreover, the SEC should encourage investment advisers to explore alternative methods for client notification that do not compromise their privacy and security. For example, utilizing secure communication channels or encrypted platforms to exchange sensitive information and reduce the risk of unauthorized access. In conclusion, while the proposed rule aims to enhance investor protections and address custody rule gaps, the lack of clarity on the definition of digital assets and potential privacy risks need to be urgently addressed. By providing clear guidance, prioritizing investor privacy, and promoting secure data practices, the Securities and Exchange Commission can ensure the safety and wellbeing of investors in an increasingly digital landscape. Thank you for considering my concerns. Sincerely, Cheng Resina Sent from my iPhone