SEC adopts updated ethics rules for members and employees

Amended rules aim to strengthen and modernize the regulator’s ethics compliance program.

The agency said the amendments update the SEC’s “existing, robust ethics requirements that govern the securities holdings and transactions of all agency employees, their spouses, and minor children”. The rule was adopted jointly with the Office of Government Ethics, apply to SEC members and employees (and, in some cases, their family members).

The new requirements

To strengthen the SEC’s ethics requirements, the agency has established the following new elements to its ethics program:

  • Sector fund restrictions: While the Commission has long prohibited employees from investing in stocks of entities directly regulated by the Commission, such as broker-dealers and investment advisers, the rule amendments expand the prohibited holdings restrictions to ban employees from investing in financial industry sector funds. The agency believes employee ownership of financial industry sector funds poses similar risks of conflicts of interest and appearance concerns as more directly regulated securities.
  • Data collection enhancement: The amendments permit employees to comply with existing reporting requirements by authorizing financial institutions to transmit data on their covered securities transactions and holdings directly to the SEC through an automated electronic system. The hope here is that the detection and remediation of violations happen in real time, reducing manual processes for transaction confirmations and reporting, and providing an independently verifiable source for compliance monitoring and testing.
  • Mutual funds, clarified: Because diversified mutual funds generally pose a low risk of conflicts of interest, misuse of nonpublic information for personal gain, or appearance problems as compared to other types of securities, the rule amendments exempt diversified mutual funds from the supplemental ethics rule’s requirements – but with an exception. The exception is for mutual funds that concentrate investments in a particular sector, industry, business, state, or country other than the United States.
  • Initial public offerings, clarified: The amendments explain that the limitation on purchasing securities that are part of an IPO until seven days after the IPO also applies to direct listings of securities.

Privacy and cybersecurity questions

For many years, SEC employees have been required to preclear securities transactions and comply with minimum holding periods.

All employees are prohibited from, among other things, transacting in securities of companies the agency is investigating, engaging in short selling, transacting in derivatives, participating in initial public offerings for seven calendar days after the offerings, or purchasing or carrying securities on margin.

SEC received approximately 90 letters that helped inform the final amendments after the comment period ended last March.

One of the more interesting areas that received comments focused on whether the SEC possesses the legal authority to implement a direct data feed reporting requirement for members and employees, as well as their spouses and minor children. (The SEC did not end up adopting that requirement, as noted below.)

For example, one commenter argued that the proposal is “contrary to the law,” asserting that the US law deemed as supporting it “simply does not authorize” the proposed collection of covered securities transactions and holdings data from financial institutions through a third-party automated compliance system. Additionally, the commenter asserted that the Ethics in Government Act of 1978 does not cover family members or children of staff.

Another commenter stated that “[t]he proposed rule seeks to require me to give an undisclosed third-party direct access to my financial accounts,” arguing that US law does not “appear to give the SEC the broad reach it seeks”.

Another commenter expressed concerns about the potential security vulnerability of a third-party system in light of past incidents experienced by federal agencies, Wall Street institutions, and service providers.

The SEC took the comments seriously and said it would not adopt the proposal that would have authorized mandatory use of an automated third-party compliance system. In a change from the proposal, the SEC said its final rules:

  1. authorize the use of either an internal or third-party automated compliance system, and;
  2. permit rather than require employees to use an automated compliance system to comply with the reporting requirements that obligate employees to report and certify securities holdings, transactions, and duplicate statements for accounts holding covered securities.

“These modifications will also allow the Commission to gain additional experience and data regarding the benefits and costs of an automated compliance system without compelling employees who have concerns about security and privacy to utilize such a system,” the SEC said.