WASHINGTON: Cyber security is the biggest risk facing the financial system, the chair of the US Securities and Exchange Commission (SEC) said on Tuesday, in one of the frankest assessments yet of the threat to Wall Street from digital attacks.

Banks around the world have been rattled by a $81 million cyber theft from the Bangladesh central bank that was funnelled through SWIFT, a member-owned industry cooperative that handles the bulk of cross-border payment instructions between banks.

The SEC, which regulates securities markets, has found some major exchanges, dark pools and clearing houses did not have cyber policies in place that matched the sort of risks they faced, SEC Chair Mary Jo White told the Reuters Financial Regulation Summit in Washington D.C.

“What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks,” she said.

“As we go out there now, we are pointing that out.” White said SEC examiners were very pro-active about doing sweeps of broker-dealers and investment advisers to assess their defenses against a cyber attack. “We can't do enough in this sector,” she said.

Cyber security experts said her remarks represented the SEC's strongest warning to date of the threat posed by hackers.

A former member of the World Bank's security team, Tom Kellermann, who is now chief executive of the investment firm Strategic Cyber Ventures LLC, called it “a historic recognition of the systemic risk facing Wall Street.”

Broken windows

Under White, a former federal prosecutor, the SEC introduced an initiative called “broken windows” designed to crack down on small violations of SEC rules to deter traders and others from larger transgressions.

But critics have questioned whether the initiative, similar to one used by former New York City Mayor Rudy Giuliani in his crackdown on crime in the city, is an effective use of the agency's limited resources.

The policy has been applied to instances of “rampant non-compliance” involving serious, significant rules, White said, noting that she considers the initiative a huge success.

For example, the SEC brought three groups of cases in a key area, the prohibition against short selling ahead of an IPO by individuals who then participated in the IPO, since 2013, she said. Each year, there have been fewer cases, with the most recent number at around 12, White said.

GAAP vs. Non-GAAP

Also on Tuesday, the SEC released guidance about how certain accounting practices could potentially mislead investors that White called “consequential.” Companies are increasingly using non-Generally Accepted Accounting Principles, or non-GAAP, to report earnings, permitting them to back out certain expenses from earnings figures, such as non-cash costs. But critics say the practice can also mislead investors by creating a rosier picture of a company's profits.

The SEC's current rules allow companies to report with figures that do not comply with GAAP, as long as certain conditions are met and White said the guidance spells out those conditions, such as a requirement that “the GAAP measure has to be of equal or greater prominence than non-GAAP.” Non-GAAP “is not supposed to supplant GAAP and obviously not obscure GAAP,” she said.

She declined to say if the SEC is considering enforcement actions against companies that might be misleading investors with non-GAAP, but noted the SEC would not hesitate to bring one if it uncovered an “actionable violation.” For months now, the SEC has only had three commissioners, down from its full complement of five, and the U.S. Congress has stalled on confirming two nominees.

“We're really functioning on all cylinders,” White said, ticking off a list of projects the commission has recently completed.

She added that, to comply with rules on meetings and disclosures, commissioners typically meet one-on-one.

“If there are only three of you, it's shorter-circuited to some degree,” she said. “There are some advantages, too.”

Follow Dawn Business on Twitter, LinkedIn, Instagram and Facebook for insights on business, finance and tech from Pakistan and across the world.

Opinion

Editorial

Smog hazard
Updated 05 Nov, 2024

Smog hazard

The catastrophe unfolding in Lahore is a product of authorities’ repeated failure to recognise environmental impact of rapid urbanisation.
Monetary policy
05 Nov, 2024

Monetary policy

IN an aggressive move, the State Bank on Monday reduced its key policy rate by a hefty 250bps to 15pc. This is the...
Cultural power
05 Nov, 2024

Cultural power

AS vital modes of communication, art and culture have the power to overcome social and international barriers....
Disregarding CCI
Updated 04 Nov, 2024

Disregarding CCI

The failure to regularly convene CCI meetings means that the process of democratic decision-making is falling apart.
Defeating TB
04 Nov, 2024

Defeating TB

CONSIDERING the fact that Pakistan has the fifth highest burden of tuberculosis in the world as per the World Health...
Ceasefire charade
Updated 04 Nov, 2024

Ceasefire charade

The US talks of peace, while simultaneously arming and funding their Israeli allies, are doomed to fail, and are little more than a charade.