REGULATORY DEVELOPMENTS
SEC PROPOSES RULES TO INCLUDE CERTAIN SIGNIFICANT MARKET PARTICIPANTS AS “DEALERS” OR “GOVERNMENT SECURITIES DEALERS”
On March 28, the SEC proposed new rules that would require certain market participants, such as proprietary trading firms, that perform certain dealer-like roles by acting as liquidity providers and/or engaging in certain levels of buying and selling securities, to (1) register with the SEC, (2) become a member of an SRO and (3) comply with federal securities laws and regulatory obligations. A dealer is defined as a person “engaged in the business” of buying and selling securities for such person’s own account. Excluded from this definition is a “trader” who “buys or sells securities…for such person’s own account…but not as a part of a regular business.” The proposal would, in essence, eliminate the trader exclusion for most firms.
The proposal would apply to any person or firm that has or controls total assets of at least $50 million. The SEC’s proposal is designed to expand the definition of dealer to capture proprietary trading firms engaging in certain specified levels of trading activity to the degree that such firms play a significant role in providing liquidity to the overall market. The proposal, if adopted, would extend the regulatory framework applicable to broker-dealers to such firms. Interestingly, the SEC notes that the proposal would even apply to firms that transact in “digital asset securities.” Coupled with other recent SEC proposals, like proposed amendments to Regulation ATS, this rule could be one of the SEC’s first major steps toward regulating cryptocurrency markets, in addition to the proprietary trading firms that transact in traditional securities.
“I was pleased to support this proposal because I believe it reflects Congress’s statutory intent that firms engaging in important liquidity-providing roles in the securities markets, including in the U.S. Treasury market, be registered with the Commission.”
— SEC Chair Gary Gensler
SEC PROPOSES CHANGES TO REGULATION M TO REMOVE CREDIT-RATING REFERENCES
On March 23, the SEC proposed amendments to Regulation M which, if adopted, would remove references to credit ratings currently included in Regulation M. Under the proposed changes, the measure of credit-worthiness of nonconvertible debt securities, nonconvertible preferred securities and asset-backed securities included in the exception to Rule 101 of Regulation M would be replaced with new standards. The exception to Rule 102 of Regulation M would be eliminated.
Further, the SEC proposed new paragraph (b)(17) of Rule 17a-4 under the Securities Exchange Act of 1934, which would require broker-dealers relying on Rule 101’s exception for certain nonconvertible debt securities and nonconvertible preferred securities to preserve, for a period of not less than three years, the first two years in an easily accessible place, the written probability of default determination. The public comment period will remain open for 30 days following publication of the proposing release in the Federal Register or 60 days after publication of the proposing release on the SEC’s website, whichever period is longer.
FDIC ISSUES REQUEST FOR INFORMATION ON BANK MERGERS
On March 25, the FDIC issued a bulletin seeking comment and feedback on the effectiveness of current rules and regulations related to bank mergers.
The FDIC would like to measure the effectiveness of the existing framework in meeting the requirements of the Bank Merger Act. The request for information (RFI) is seeking comments regarding the application of the laws, practices, rules, regulations, guidance and statements of policy that apply to mergers involving one or more insured depository institutions. This would include a merger between an insured depository institution and a noninsured institution.
The RFI is prompted by significant changes that have taken place over the past several decades in the banking industry and financial system. Specifically, the RFI states that three decades of consolidation and growth in the banking industry have significantly reduced the number of smaller banks and increased the number of large and systemically important banks. Additionally, a recent executive order instructed U.S. agencies to consider the impact that consolidation may have on maintaining a competitive marketplace.
The FDIC is accepting comments within 60 days of publication in the Federal Register.
FINRA ISSUES CYBERSECURITY ALERT
On March 21, FINRA’s Cyber and Analytics Unit (CAU) issued a Cybersecurity Alert (Alert) highlighting a statement made by President Biden on the same date regarding potential threats to the United States’ cybersecurity. Of particular concern is the mounting intelligence that Russia is “exploring options for potential cybersecurity attacks.”
According to President Biden’s statement, most of America’s critical infrastructure is owned and operated by the private sector; as such, the CAU is reiterating the President’s request that private sector companies immediately reinforce their cyber defenses and be vigilant against potential cybersecurity attacks. In addition to reinforcing cybersecurity, the Alert also highlights the Department of Homeland Security’s efforts to share mitigation guidance and to actively engage organizations and critical infrastructure holders from across the private sector to share information related to cybersecurity attacks to help ensure protection.
FDIC AND OCC DESIGNATE POINTS OF CONTACT FOR COMPUTER SECURITY INCIDENT NOTIFICATIONS
On March 29, the FDIC and the OCC issued bulletins related to the joint rule establishing computer-security incident notification requirements for banking organizations and their bank service providers (Computer-Security Incident Notification: Final Rule) that goes into effect on May 1, 2022.
FDIC-supervised banks can comply with the rule by notifying their case manager of an incident. To satisfy the notification requirement, an OCC-supervised bank may email or call its supervisory office, submit a notification via the BankNet website, BankNet.gov, or contact the BankNet Help Desk.
For the purposes of the rule, a “notification incident” generally includes “a significant computer-security incident that disrupts or degrades, or is reasonably likely to disrupt or degrade, the viability of the bank’s operations; results in customers being unable to access their deposit and other accounts; or impacts the stability of the financial sector,” including: a major computer-system failure; a cyber-related interruption, or another type of significant operational interruption. If a bank is unsure whether it is experiencing a notification incident for purposes of the final rule, the bank should contact its supervisory office.
SEC PROPOSES NEW RULES APPLICABLE TO SPACS AND CERTAIN REVERSE MERGERS
On March 30, the SEC held an open meeting to consider proposed rules and amendments regarding special purpose acquisition companies (SPACs), shell companies, and projections disclosure.
Read the client alert for more information on the proposed new rules and amendments.
CFPB BROADENS SCOPE OF UDAAP AUTHORITY TO DISCRIMINATION AND CONSUMER REVIEWS
The Consumer Financial Protection Bureau (CFPB) has been actively reshaping the scope of its supervisory and enforcement priorities with respect to unfair, deceptive, or abusive acts or practices (UDAAPs) under the Consumer Financial Protection Act (CFPA). On March 16, 2022, the CFPB updated its UDAAP Examination Procedures to guide examiners in identifying unfair discrimination in the offering or providing of consumer financial products or services. Then, on March 22, the CFPB published policy guidance on prohibited conduct under the CFPA relating to consumer reviews. These developments call for covered institutions to engage their change management processes and update their compliance management system (CMS) to mitigate UDAAP risk.
Read the client alert to learn more.
