Statement on Amendments to Regulation SCI

Washington D.C.

Today, the Commission is considering amendments to Regulation Systems Compliance and Integrity (Reg SCI), the rule promoting the resiliency of key systems for key market participants. I am pleased to support this proposal because, consistent with maintaining orderly markets, these amendments would help promote the capacity, integrity, resiliency, availability, and security of these critical intermediaries.

At the heart of our markets is a number of market participants that are vital to our market infrastructure. Recognizing the need to protect the technological infrastructure underlying these important entities, the Securities and Exchange Commission adopted Reg SCI in 2014. The rule was designed to reduce the likelihood of system issues and their consequences should they occur.

Technology rapidly has changed since 2014, and with it the nature and structure of our markets as well the technological risks that our markets face. When it comes to change in business models, technology, and our markets, nine years is a long time. In those nine years, we’ve seen a dramatic increase in the digitalization of markets, the use of the cloud, and the use of Open APIs, among others. Further, we’re living in a transformative time with respect to changes brought on by the use of artificial intelligence, machine learning, and predictive analytics. Generative AI was only in its infancy in 2014. ChatGPT became available to the public only within the last nine weeks.[1]

Technology plays an expansive and expanding role supporting our market systems, and our markets would benefit if we updated Reg SCI to reflect those changes. I think it’s important also to broaden Reg SCI to include a number of key market participants and enhance the standards those market participants must meet.

Today’s proposal would broaden Reg SCI to include the largest broker-dealers in our markets as well as swap data repositories and certain exempt clearinghouses. In adopting the original 2014 rule, the Commission elected to take a “measured approach that takes an incremental expansion” potentially to incorporate brokers into Reg SCI over time.[2] Today, the rule covers four dozen entities, and this proposal would expand the list to include an estimated two dozen others.

The largest broker-dealers in our markets would comprise the majority of these additional covered entities. These brokers currently play a significant role in our markets—and if any of these brokers were affected by a technological event, it could disrupt or impede our markets’ orderly and efficient operations. Thus, their resiliency to technology events is too important for the Commission not to consider requiring these entities to meet Reg SCI’s requirements. Further, securities-based swap data repositories were not yet required to register with the Commission in 2014.

With respect to the proposed enhancements to Reg SCI’s requirements, let me highlight just two.

First relates to the management and oversight of third-party service providers. Over the last nine years, there has been a significant growth in reliance on these providers, particularly for cloud services, software-as-a-service, and more recently, artificial intelligence. Today’s amendments would ensure that key market participants take additional steps to meet their SCI obligations, regardless of whether the technology and systems they use are internal or come from a third-party service provider.

Second, the proposal would enhance the current requirements for key market participants to perform an annual systems review. It’s a thorough, holistic, and interconnected review that must meet a series of standards that the proposed rule specifies. I think that such an annual review could help maintain these entities’ technological resiliency.

Taken together, these amendments would make these key market participants more robust, resilient, and secure. That benefits our markets.

I’d like to thank the members of the SEC staff who worked on this proposal, including:

  • Heidi Pilpel, Haoxiang Zhu, David Saltiel, Andrea Orr, David Shillman, David Liu, Sara Hawkins, Gita Subramaniam, Josh Nimmo, An Phan, Matthew Lee, Stephanie Park, Roman Ivanchenko, Richard Schwinn, Jesse Brady, Patrick Norton, Alex Jadin, Arun Manoharan, Mark Donohue, Thomas McGowan, Randall Roy, Nina Kostyukovsky, Roni Bergoffen, Marilyn Parker, Jennifer Colihan, Will Miller, Tyler Raimo, Michael Gaw, Erika Berg, David Hsu, and Leah Drennan in the Division of Trading and Markets;
  • Lauren Moore, Wei Liu, Ardith Spence, Jessica Wachter, Richard Oliver, Chyhe Becker, Rooholah Hadadi, Daniel Bresler, Robert Girouard, Jeorge Young, Charles Woodworth, and Yoon-ho Alex Lee in the Division of Economic and Risk Analysis;
  • Maureen Johansen, Ronesha Butler, Megan Barbero, Meridith Mitchell, Malou Huth, Robert Teply, and David Mendel in the Office of the General Counsel;
  • Keith Cassidy, Dan Dewaal, Alexis Hall, Joseph Murphy, Carrie O’Brien, and Michael Hershaft in the Division of Examinations;
  • Lory Stone and Ben Brutlag in the Division of Enforcement;
  • Valerie Szczepanik in Office of the Strategic Hub for Innovation and Financial Technology;
  • Dave Sanchez in the Office of Municipal Securities; and
  • Mark Jacoby in the Office of the Chief Accountant.

[1] ChatGPT’s stable release was on February 13, 2023. The platform’s prototype was released on November 30, 2022.

[2] See Securities and Exchange Commission, “Regulation Systems Compliance and Integrity” (Nov. 19, 2014), available at

Last Reviewed or Updated: March 15, 2023