Key Takeaways on the SEC’s Draft Strategic Plan for 2022 – 2026¹

Key Takeaways on the SEC’s Draft Strategic Plan for 2022 – 2026¹

By Jacqueline Hallihan, Co-Executive Director
Compliance Services, Part of Confluence

The Securities and Exchange Commission (SEC) is seeking public comment on its draft Strategic Plan for fiscal years 2022 to 2026, noting the SEC oversees 38% of the capital markets worldwide, representing more than $100 trillion. 

The draft Strategic Plan focuses on three strategic goals to advance the SEC’s mission over four years:

Three Strategic Goals:

  1. Protect working families against fraud, manipulation, and misconduct. 
  2. Develop and implement a robust regulatory framework that keeps pace with evolving markets, business models, and technologies. 
  3. Support a skilled workforce that is diverse, equitable, and inclusive and is fully equipped to advance agency objectives.

Key Takeaways:

SEC’s Goal 1: Protect working families against fraud, manipulation, and misconduct

In pursuit of this goal, the SEC has identified three objectives: 1) Pursue enforcement and examination initiatives focused on identifying and addressing risks and misconduct that affect individual investors; 2) Enhance the use of market and industry data, particularly to prevent, detect, and enforce against improper behavior; and 3) Modernize the design, delivery, and content of disclosures so investors, particularly retail investors, can access consistent, comparable, and material information to make informed investment decisions.

Key Takeaways related to Goal 1:

In summary, Objective 1 emphasizes the SEC’s intent to “pursue enforcement and exam initiatives and pursue misconduct” wherever it finds it—”including responsible individuals.” The Plan pinpoints an exam focus on cyber and private fund conflicts of interest, stating, “The SEC’s examinations program will continue to focus on uncovering key risks and violations that could impact individual investors, from cybersecurity to private fund adviser conflicts of interest.” The EXAMS program will focus on uncovering key risks and violations.  

Regarding risk, the SEC is taking a proactive approach to better identify, analyze and respond to market developments and risk.

Objective 2 centers on capabilities to manage and analyze data. They intend to develop and implement faster and more comprehensive methods to allow the Enforcement and Examinations Divisions to leverage data. They also focus on employing timely “cutting-edge data analysis” to manage data as a strategic asset. This objective can be achieved, the Plan indicates, “…by expanding disclosure and analytical tools, broadening the use of machine learning and artificial intelligence, and developing long-term risk analysis directly connected to policy development,” focusing on strategic and collaborative analysis. Additionally, they will expand the use of economic, risk, and data analyses to set priorities and focus resources.

Objective 3, “Modernizing Design, Delivery and Content of Disclosures,” reflects the need to update the disclosure framework. An example includes investors seeking information about issuers’ climate risks, cybersecurity hygiene policies, and their most important asset: their people. The SEC needs to continue to update the disclosure framework to address these areas of investor demand and modernize the supporting systems.

SEC’s Goal 2:  Develop and implement a robust regulatory framework that keeps pace with evolving markets, business models, and technologies

Key Takeaways related to Goal 2:

In summary, the three objectives for Goal 2 center around more transparency, modified rules, and enhanced disclosure in private or unregulated markets; coordination with fellow and foreign regulators; and supervising global entities appropriately with consistent data protection policies.  

Crypto comes up twice in the Plan as a focused risk in the context of evolutionary risks, stating the SEC must pursue new authorities from Congress where needed, continue to collaborate with other regulators effectively, and engage more proactively on digitization initiatives. Cyber threats are also identified as an example of evolutionary risk, as are the pandemic and the rapid growth in crypto assets.

The SEC intends to enhance investor education through proactive outreach, roundtables, field hearings, and focus on emerging and popular investment topics including crypto assets, derivatives, and fixed income.

Based on their premise, “the ongoing movement of assets into private or unregulated markets, the continual creation of new financial instruments and technologies, and the challenges of increased globalization all require the agency to update and evolve rapidly.” The SEC’s strategic goals to tackle these challenges are to:

  • Enhance transparency in private markets and modify rules to ensure that core regulatory principles apply in all appropriate contexts.
  • Develop specific regulations to ensure investors remain informed and protected via a broad-based disclosure framework.   
  • Continue to focus on supervising global entities appropriately, noting the challenge of protecting sensitive information when coordinating with other regulators. This Goal states consistent data protection policies are essential for this effort.

Cybersecurity threats are examples of how technology has introduced new or amplified existing risks. The Plan highlights that cybersecurity threats to the complex system that helps the markets function are “growing in scale and sophistication,” as well as the need for continued coordination with fellow regulators, including foreign regulators.

“Evolutionary risks” such as rapid growth in crypto assets, external events such as the pandemic, and the evolution of markets without the subsequent strengthening of agency authorities, are all identified as representing systemic and infrastructure risks. The SEC’s Plan states, “… it must pursue new authorities from Congress where needed, continue to collaborate with other regulators effectively, and engage more proactively on digitization initiatives, to be better prepared for, and more agile in, its response to such risks in the future.” 

The SEC intends to continue to focus on investor education and outreach as well as on emerging and popular investment topics, reflecting input that includes proactive outreach, roundtables, and field hearings. The SEC must also enhance its expertise and resources beyond equities, citing crypto assets, derivatives and fixed income, and maintain an agile approach.

SEC’s Goal 3:  Support a skilled workforce that is diverse, equitable, and inclusive and is fully equipped to advance agency objectives

Key Takeaways related to Goal 3: 

The Plan emphasizes it must continue to innovate and improve technology and processes consistently while supporting its people and positioning them to fulfill its critical mission. The three objectives focus on the workforce, promoting collaboration, and maximizing telework opportunities while maintaining collaboration and culture-building with in-office presence. 

One of the most important areas identified is a focus on data and information security, optimizing controls on systems and data based on risk. This goal also means managing the risks associated with the SEC’s vendors and supply chains. 

The third objective is to modernize technology in a cost-effective, secure, and resilient manner. The objective states, “The SEC is moving aggressively to the cloud, remaking its technology environment to optimize capabilities, costs, resilience, and security for the agency as a whole.” The objective also highlights the need to continue to invest in modernizing key systems and “innovate with new technologies such as machine learning.”

How The Strategic Plan Impacts Investment Advisers and Regulated Firms:

Mapping the SEC’s strategic vision and objectives, albeit a draft, and the impacts on regulated firms, gives a line of sight for what to expect. Foremost, the SEC has been leading the industry using data analytics and identifying emerging market events and risks. Their strategic focus over the next several years to use AI and machine learning and enhance its data analytics signals the industry to do likewise with their compliance programs. As has often been stated, compliance programs are fluid and constantly evolving. Using technology and analytics to assist in that process is no longer a “nice to have” but a “must have.”

Contact us to learn how CSS Compliance Services, part of Confluence, can help you with use of technology and analytics to strengthen your Compliance Program, conduct risk assessments, RIA annual reviews, or performance analytics and regulatory compliance reporting.

1Source: https://www.sec.gov/files/sec_strategic_plan_fy22-fy26_draft.pdf, August 24, 2022