To shore up the Securities and Exchange Commission’ cybersecurity controls, the agency recently modified its approach to the pending requirement for registered investment companies to file Form NPORT electronically while the agency continues its review and updating of its EDGAR corporate filing system.
The agency announced that for the first nine months after the Form N-PORT compliance date of June 1, 2018, larger fund groups will maintain the Form N-PORT information in their records and make it available to the Commission upon request in lieu of filing the form on EDGAR.
The SEC adopted Form NPORT to require registered investment companies to report enhanced information about their monthly portfolio holdings in a structured data format.
SEC Chairman Jay Clayton announced earlier this year that EDGAR had been hacked in 2016.
Smaller fund groups, the agency said, will have a filing start date that is one year after larger fund groups begin filing the form.
In May 2017, Clayton initiated an assessment of the Commission’s cybersecurity risk profile and its approach to cybersecurity.
He then directed SEC staff to take steps designed to “assess and strengthen” the Commission’s cybersecurity risk profile.
In connection with these ongoing efforts, the agency said that it commenced a focused “review and uplift” of EDGAR and other systems. Form N-PORT uses the EDGAR system.
Clayton said that an important component of the Form N-PORT announcement is “the requirement that larger fund groups maintain — and Commission staff have access to — the information required on Form N-PORT.”
Filing of Form N-PORT through the EDGAR system will begin in April 2019 for larger fund groups and in April 2020 for smaller fund groups.
To ensure that investors do not lose access to important information, the Commission is requiring funds to continue filing public reports on existing Form NQ until they begin filing reports on Form N-PORT using EDGAR.
— Check out SIFMA Sees SEC Fiduciary Rule Proposal Within 18 Months on ThinkAdvisor.