The SEC recently announced the creation of the Event and Emerging Risks Examination Team (“EERT”) in its Office of Compliance Inspections and Examinations (“OCIE”). OCIE is the unit charged with conducting compliance exams on registered investment companies, investment advisors and broker-dealers — although primary responsibility for examining broker-dealers lies with their self-regulatory organization, FINRA (itself subject to OCIE exams).
The SEC said the EERT unit “will proactively engage with financial firms about emerging threats and current market events and quickly mobilize to provide expertise and resources to the SEC’s regional offices when critical matters arise.”
The EERT will focus on “exigent threats, incidents, and emerging risks,” including those posing threats of significant “systemic impact” or risk to investor assets. The release specifically called out “exchange outages, liquidity events, and cyber-security or operational resiliency concerns” as examples.
Over the past decade or so, financial-market regulators – including the SEC – have moved toward a more risk-based understanding of regulation and compliance. That approach prioritizes self-examination and awareness of an enterprise’s risk environment and ability to maintain operations and compliance while responding to those risks that are realized. The EERT is the latest installment in that trend.
Registrants and public companies should regard the announcement as another indication that the SEC will expect them to have robust risk-based systems (not just compliance) as well.
The Release does not mention the COVID pandemic, but it comes amid the operational-resiliency challenges posed by the rapid shift to “work-from-home” and similar concerns addressed frequently by the Commission Staff during the past six months. In June, for example, the Corporate Finance Division issued COVID-related disclosure guidance to public companies, here.
SEC Press Release 2020-165 (July 28, 2020) is here.