Following OCIE’s recent and detailed risk alert regarding the threat of ransomware, the SEC announced that it has created the Event and Emerging Risk Examination Team (EERT) as a part of the Office of Compliance Inspections and Examinations (OCIE). The EERT will engage with registrants regarding emerging threats and current market events, to provide oversight to firms facing such risks or events and to help the SEC be well-positioned to respond to significant market events or issues with systemic impact. The EERT will also be responsible for implementing OCIE examination priorities, including but presumably not limited to those stated in its Examination Priorities. The EERT will engage in examinations, monitoring, and direct interactions with registrants to ensure that firms “are better prepared to address exigent threats, incidents, and emerging risks.”
Consistent with SEC statements regarding the technological interdependence of the financial markets, the creation of the EERT appears to be an acknowledgement of those practicalities and how that risk can be exacerbated by emerging threats, including cybersecurity events or other operational resiliency concerns.