On November 19, 2014, the Securities and Exchange Commission (the "SEC") voted to adopt Regulation Systems Compliance and Integrity (Regulation SCI), designed to strengthen the technology infrastructure of certain key U.S. securities markets participants, including alternative trading systems (ATSs) that meet specified volume thresholds. The Regulation, which supersedes and replaces the current Automation Review Policy ("ARP"), will mandate additional safeguards and oversight requirements to ensure that critical technology infrastructure systems operate effectively, and that problems are promptly identified, communicated and corrected.
Under Regulation SCI, "SCI entities," including ATSs, will have to ensure that their core technology infrastructure meets standards for capacity, integrity, resiliency, availability and security. They will need processes, policies and procedures to review and monitor their systems, and, in certain cases, pre-approval from the SEC for system modifications. SCI entities will be required to conduct expanded business continuity and disaster recovery testing and coordinate such testing on an industry or sector-wide basis. Regulation SCI will become effective 60 days after publication in the Federal Register. Entities subject to the new rules generally will have to comply nine months after the effective date.
In addition to the recently approved rules, certain SEC Commissioners have suggested that Regulation SCI-type regulations should be applied to a broader group of market participants. In her comments announcing the approval of Regulation SCI, SEC Chairman, Mary Jo White, stated that she has directed the SEC staff to research "whether an SCI-like framework should be developed for other key market participants, such as broker-dealers."