Treasury calls on financial regulators to coordinate cybersecurity oversight

Highlighting 'fragmentation and overlap,' department suggests establishing one lead agency to align federal and state efforts

Jun 14, 2017 @ 2:09 pm

By Mark Schoeff Jr.

Government oversight of cybersecurity could become more streamlined under a proposal from the Trump administration.

In its first report on financial regulatory reform, the Treasury Department called for state and federal officials to work together to harmonize and coordinate examinations.

"In cybersecurity, financial institutions share the same goal as regulatory agencies: maintaining the safety and soundness of the financial system by mitigating and protecting financial institutions and the sector from cybersecurity risks," states the June 12 report. "Better coordination on cybersecurity regulation is needed to achieve this goal and enhance the resiliency of the sector. Given the risk of fragmentation and overlap, Treasury recommends that federal and state financial regulatory agencies establish processes for coordinating regulatory tools and examinations across sub-sectors."

In testimony before a House Appropriations subcommittee Monday, Treasury Secretary Steve Mnuchin said the Financial Stability Oversight Council should step in to sort out cybersecurity responsibilities.

"One agency should be named as the lead agency and coordinate amongst all the rest of them," Mr. Mnuchin said.

That is the approach Charles Schwab & Co. Inc. advocated in talks with the Trump administration.

"We are pleased that Treasury recognized the importance of examination coordination in any financial regulatory system reform," Jeff Brown, Schwab senior vice president and head of legislative and regulatory affairs, wrote in an email Wednesday.

In an earlier interview, he said the firm answers to four regulators on cybersecurity: the Securities and Exchange Commission, the Financial Industry Regulatory Authority Inc., the Office of the Comptroller of the Currency, and the Federal Reserve.

"They don't communicate with each other, they don't coordinate with each other, they don't consolidate with each other," Mr. Brown said. "Each comes in and does their exam, which could take two months."

The SEC and Finra have again this year made cybersecurity an examination priority. Each regulator also has released guidance over the last couple years, but neither has promulgated formal cybersecurity rules.

State regulators also have increased their scrutiny of advisory firms' cyberdefenses. State participation in the Financial and Banking Information Infrastructure Committee helps to get the regulators on the same page, according to Joe Borg, Alabama securities director and president-elect of the North American Securities Administrators Association.

"You're going to see a lot more coordination on cybersecurity going forward," Mr. Borg said this week at an Insured Retirement Institute conference in Washington.

At the same meeting, Ted Nickel, Wisconsin insurance commissioner and president of the National Association of Insurance Commissioners, said insurance regulators are working on a set of cybersecurity principles.

"I don't know that there's any overlap yet on the regulatory side," Mr. Nickel said at the IRI conference. "I think there just needs to be more coordination. If there are some areas of mutual oversight, we [should] align our cybersecurity rules or principles in a way that doesn't clash."


What do you think?

View comments

Recommended for you

Featured video


Why some retirement plan advisers think Fidelity is invading their turf

InvestmentNews editor Frederick P. Gabriel Jr. and reporter Greg Iacurci talk about this week's cover story that looks at whether Fidelity Investments is stepping on the toes of retirement plan advisers.

Latest news & opinion

Broker protocol: Indecision over recruiting agreement is rampant

Ruckus over recruiting agreement has even wirehouse lifers wondering if it's time

Cetera reportedly exploring $1.5 billion sale

The company confirmed it's talking to investment bankers to 'explore how to best optimize [its] capital structure at lower costs.'

Advisers bemoan LPL's technology platform change

Those in a private LinkedIn chat room were sounding off about fears the independent broker-dealer will require a move to ClientWorks before it is fully ready.

Speculation mounts on whether others will follow UBS' latest move to prevent brokers from leaving

UBS brokers must sign a 12-month non-solicit agreement if they want their 2017 bonuses.

Maryland jumps into fiduciary fray with legislation requiring brokers to act in best interests of clients

Legislation requires brokers to act in the best interests of clients.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print