Cassandra Morrison
Senior Marketing Manager
The U.S. Securities and Exchange Commission (SEC) is one of the bodies that plays an important role in regulating financial markets. Since the stock market crash in 1929, its purpose has been to create guidelines for the stock market, financial institutions, and traders to promote a fair, transparent, and secure financial market.
Organizations participating in financial markets must follow the SEC rules and regulations. The SEC levies fines and other penalties on organizations that don’t comply with financial regulations, and companies that violate the rules may be liable.
The SEC presents many proposed and finalized rules each year, and the onus is on companies to maintain compliance. This process starts with understanding the SEC’s functions and regulations—and the industry best practices for staying in compliance with them.
The SEC started in 1934 as a result of the stock market crash in 1929. The devastation caused by the crash led many retail traders to distrust the financial markets, and many were hesitant to get involved again after banks ran out of money. The U.S. government believed regulations were necessary to restore market trust and provide investors with a more transparent and secure environment.
The two initial pieces of legislation driving the SEC were the Securities Act of 1933 and the Securities Exchange Act of 1934. The Securities Act required investors to receive information about new securities offered for public sale and prohibited deceit and fraud in securities sales. The Securities Exchange Act granted the SEC the broad power to oversee all aspects of the financial securities industry on the secondary market—such as regulating brokerage firms, clearing agencies, and other financial institutions—and investigate potential misconduct.
Since then, the SEC has continued to evolve to address changing conditions in the financial markets. For example, the EDGAR system was proposed in 1984 to create an electronic database to make information more easily accessible to the public. The Office of Credit Ratings in the SEC was created through the Dodd-Frank Act and oversees credit agencies to ensure they provide accurate information to the parties they examine.
The penalties for non-compliance—and, often, the public fallout that follows—can cause serious damage to financial organizations, and it’s the sole responsibility of every company to understand the regulations and monitor for compliance. Here are a few of the important SEC regulations firms must be familiar with in order to reduce risks.
Regulation Best Interest (Reg BI) sets standards on how brokers and dealers interact with their retail customers. Reg BI requires organizations to keep in mind the best interests of their customers, not their own best interests, when making recommendations. These rules also demand transparent communication and disclosure of any relationships or conflicts of interest.
Regulation Fair Disclosure (Reg FD) governs how publicly traded companies disclose information to the public. These regulations help prevent unfair advantage by barring public companies from selectively providing information to individual investors or analysts before they disclose it to the general public. If a company inadvertently gives investors information before it’s available to all, the information must be publicly disclosed as soon as possible.
The Sarbanes-Oxley Act was created in response to accounting scandals in the corporate world. Its purpose was to enforce stricter accounting standards for public financial institutions to ensure accurate accounting and reliable corporate disclosures. These SEC guidelines don’t lay out the exact procedures organizations must follow, but they outline the types of records companies should keep on file and for how long. This act imposes criminal penalties on organizations that don’t comply with its strict accounting requirements.
The Dodd-Frank Wall Street Reform was a response to the 2008 financial crisis. Its targets were the financial institutions believed to play a role in causing the crisis. Dodd-Frank established agencies to oversee financial institutions deemed “too big to fail” and to protect consumers from predatory lending. The reform also restricts banks’ investments in speculative trading to avoid exposing individual consumers to unnecessary risk.
The Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules are the SEC cybersecurity rules governing financial institutions’ responsibilities for handling cybersecurity events. These rules require companies to disclose their actions on cybersecurity strategy annually to protect investors, and they make it clear that incidents may be material to investors—meaning companies must now disclose any that occur.
The SEC doesn’t just create regulations for financial markets and trust financial institutions to comply with them—it actively monitors the markets and the actions of companies to ensure compliance.
The last several years have seen many significant SEC enforcement actions that illustrate what can happen if an organization falls out of compliance. In 2023 alone, the SEC announced 784 enforcement actions, levied $5 billion in fines, and saw to it that $1 billion was returned to investors.
Here are a few examples of impactful enforcements in recent years:
The widespread use of digital communication channels has led to an increased focus on communication monitoring for financial institutions. Business owners and employees can now communicate in many ways—including phone, text message, email, chat applications, and more—and financial institutions may encounter issues with employees communicating on personal devices and accounts.
Organizations without an effective electronic communications monitoring solution will likely fall out of compliance with SEC regulations. For instance, on October 29, 2023, the SEC issued several enforcement actions against off-channel communications. Ten firms had employees handling company communication on personal devices and didn’t maintain records of those interactions. The firm that self-reported the issue was given the lowest fine of $2.5 million.
To stay compliant and minimize risk, financial organizations must invest in strong communication surveillance strategies and software to monitor all forms of communication. Companies should also consider creating their own internal regulations around what devices and platforms employees can conduct business on.
Communication surveillance plays an essential role in helping financial organizations maintain compliance within complex digital environments. Modern surveillance tools help organizations track, store, and audit their business communications and activities to make it easier to comply with SEC regulations and report non-compliant behaviors—without increasing internal workloads.