AGENCY:

Securities and Exchange Commission.

ACTION:

Final rule.

SUMMARY:

The Securities and Exchange Commission (“SEC” or “Commission” or “we”), with the concurrence of the Office of Government Ethics (“OGE”), is adopting jointly issued amendments to the Commission's existing Supplemental Standards of Ethical Conduct for Members and Employees of the Securities and Exchange Commission (“Supplemental Standards”). This rule amends the existing Supplemental Standards jointly issued by SEC and OGE, supplements the Standards of Ethical Conduct for Employees of the Executive Branch (“OGE Standards”) issued by OGE, and is necessary and appropriate to address ethical issues unique to the SEC. Specifically, the Commission is prohibiting employee ownership of sector funds that have a stated policy of concentrating their investments in entities directly regulated by the Commission; revising transaction and reporting requirements for certain assets that pose a low risk of conflicts of interest or appearance concerns; permitting employees to comply with reporting obligations by authorizing their financial institutions to transmit information on behalf of employees about their covered securities transactions and holdings data through an approved automated compliance system; clarifying that the limitation on purchasing securities that are part of an initial public offering (IPO) until seven days after the IPO also applies to direct listings of securities; correcting certain technical matters; and adjusting its transaction and reporting requirements to provide the flexibility necessary to implement an automated compliance system.

DATES:

This final rule is effective March 29, 2024.

FOR FURTHER INFORMATION CONTACT:

Jay Bragga, Office of the Ethics Counsel, (202) 551–5170, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549–1050.

SUPPLEMENTARY INFORMATION:

The Commission is adopting amendments to 5 CFR 4401.102 (Rule 102), its Supplemental Standards.

I. Background

On August 7, 1992, OGE published the OGE Standards.^[1] The OGE Standards, codified at 5 CFR part 2635, effective February 3, 1993, established uniform standards of ethical conduct that apply to all executive branch personnel.

Section 2635.105 of the OGE Standards authorizes an agency, with the concurrence and joint issuance of OGE, to adopt agency-specific supplemental regulations that are necessary and appropriate to properly implement its ethics program. The Commission previously adopted supplemental regulations—found at 5 CFR part 4401—in 2010 with the concurrence and joint issuance of OGE.^[2] On February 7, 2023, the Commission, with OGE's concurrence, proposed to amend those existing supplemental regulations.^[3]

As discussed in the Proposing Release, the Commission, with OGE's concurrence, has determined that the following revisions to the supplemental regulations are necessary and appropriate for successful implementation of the SEC's ethics program considering its unique programs and operations. The Commission, with the concurrence of OGE, proposed to amend its Supplemental Standards to (1) prohibit employee ownership of sector funds that have a stated policy of concentrating investments in entities directly regulated by the Commission (referred to herein as “Financial Industry Sector Funds”), (2) eliminate pre-clearance, reporting, and holding period requirements for certain diversified investments (referred to herein as “Permissible Diversified Investment Funds”), (3) enhance consistency, timeliness, and accountability in employee reporting of purchases, sales, acquisitions, and dispositions of securities through automated reporting by having employees authorize their financial institutions to transmit information on behalf of employees about their covered securities transactions and holdings data through a third-party automated compliance application, (4) clarify that the limitation on purchasing securities that are part of an initial public offering (“IPO”) until seven days after the IPO also applies to direct listings of securities, and (5) make other structural and technical corrections to the regulations. The Proposing Release invited public comments, to be submitted on or before March 31, 2023. The Commission received approximately ninety comment letters. After carefully considering the comments received on the proposal, the Commission, with the concurrence of OGE, is adopting the proposal with certain modifications.

II. Description of Final Rule Amendments

A. Prohibited Ownership of Financial Industry Sector Funds

The Commission proposed amending § 4401.102(c)(1) to explicitly prohibit employee ownership of certain Financial Industry Sector Funds by expanding the scope of “entities directly regulated by the Commission” to include registered investment companies, common investment trusts of a bank, companies exempt in part or in total from registration under the Investment Company Act of 1940, or other pooled investment vehicles that have a stated policy of concentrating their investments in entities directly regulated by the Commission.

As discussed in the Proposing Release, the existing rule prohibits Start Printed Page 14564 employees from purchasing or owning any “security or other financial interest in an entity directly regulated by the Commission,” such as registered broker dealers and investment advisers.^[4] In order to avoid conflicts and appearance concerns with employee ownership of sector funds that invest in entities the SEC directly regulates, the Commission proposed to amend § 4401.102(c)(1) to explicitly prohibit employee ownership of certain Financial Industry Sector Funds by expanding the scope of “entities directly regulated by the Commission” to include investment funds that have a stated policy of concentrating their investments in entities directly regulated by the Commission.

1. Comments Received

The Commission received numerous comments in favor of the proposal to prohibit ownership of Financial Industry Sector Funds.^[5] In general, comments in support of this amendment focused on the fact that the prohibition would mitigate any actual or perceived conflicts and appearance concerns and would ensure employees of the SEC maintain the utmost trust and transparency with the public.

For example, one commenter noted that because the SEC regulates the industry in which Financial Industry Sector Funds predominately invest, an SEC employee who invests in these funds could be seen as having a financial interest in the success of the very companies they are tasked with regulating, which could potentially lead to bias in regulatory decision-making or the perception of such bias.^[6] The commenter expressed the view that “there is the same threat to independence” if an SEC employee owns “sector funds that specifically deal in entities that are regulated by the agency,” as that “has the same financial attachment as owning securities in a SEC regulated entity.” ^[7]

Another commenter called the amendment “an essential step in ensuring that employees of the SEC can maintain the utmost trust and transparency with the public,” agreeing that the amendment would “help avoid conflicts and appearance concerns with employee ownership of sector funds that invest in entities the SEC directly regulates,” and “mitigate any actual or perceived conflicts and appearance concerns.” ^[8]

Another commenter stated that the amendment appropriately brings Financial Industry Sector Funds within the definition of “entities directly regulated by the Commission” to account for the high risk of conflict posed by Financial Industry Sector Funds, noting that the amendment “recognizes that Commission employees owning financial industry sector funds may pose a substantial risk of conflicting with Commission work,” and pointing out that “Commission employees are uniquely situated to obtain material nonpublic information about the Commission's activities.” ^[9] The commenter stated that the Commission's regulatory and enforcement actions frequently move financial markets, so employee trading restrictions “should be effectively tailored to limit the opportunity for abusing non-public information or the risk that Commission staff will face an incentive to tilt the Commission's activities in any particular way because they hold a financial industry sector fund.” ^[10]

The Commission received several comments opposing the Financial Industry Sector Fund prohibition. In general, commenters argued that the risk of conflict is not so substantial as to impact the mission of the agency, that the proposal does not mitigate any known risk, that the requirement to divest should depend on the employee's role at the Commission, and that absent actual conflict, “optics” is not an appropriate rationale to prohibit employee ownership of such funds.^[11] Commenters also expressed doubt that such a prohibition is legally authorized and concern over the tax implications of required divestiture.^[12]

For example, one commenter stated that the proposal does not mitigate any known risks and called the 90-day divesture requirement outlined in the Code of Federal Regulations “an unreasonably short time frame” that is likely to result in significant tax consequences and disrupt the diversity of investment portfolios.” ^[13] The commenter stated that the amendment would set an alarming precedent. The commenter claimed that the proposal does not explain why employees would be required to sell their holdings in such a short time frame despite the fact that employees have long been permitted to hold financial ETFs. The commenter further claimed that the risk identified in the proposal “is already somewhat mitigated as staff are currently prohibited from holding an excessive amount of sector ETF holdings. . . .” ^[14]

Another commenter echoed similar concerns, arguing that the SEC's proposal to ban Financial Industry Sector Funds “isn't mitigating any known risk.” ^[15] The commenter further noted that the Commission has already taken steps to minimize the risks posed by Financial Industry Sector Funds by imposing a limit on the quantity of sector funds, including those in the financial sector, that an employee is permitted to own. The commenter stated that the proposed ban is unnecessary because there has been no publicly reported issue linked to SEC employees including a small portion of Financial Industry Sector funds in their portfolios. The commenter described the amendments as “about so-called `optics' ” and stated that optics are not an appropriate rationale for an ethics rule.^[16]

Another commenter suggested that the prohibition on owning Financial Industry Sector Funds be more narrowly tailored and questioned why the Commission applies uniform personal trading regulations to employees in different divisions and roles. The commenter also asked why the trading restrictions are applied to spouses. The commenter disagreed with being “forced to sell a sector ETF that numerous other Chairs and Ethics Offices didn't find problematic,” and found it puzzling that they would have to divest and be faced with the choice of either hiring an accountant to manage Start Printed Page 14565 a potential taxable gain or pay such a tax immediately.^[17]

2. Final Rule

The Commission has carefully considered the comments received and is adopting § 4401.102(c)(1) as proposed. The President, through Executive Order 12,674, as modified, and OGE through 5 CFR 2635.105, have authorized agencies to prohibit employees, their spouses and minor children from holding certain investments based on the agency's determination that the acquisition or holding of such financial interests would cause a reasonable person to question the impartiality and objectivity with which agency programs are administered.^[18] Regulatory prohibited holdings restrictions must be established through an agency's supplemental ethics regulation, issued jointly by the agency and OGE.^[19] To date, over twenty other agencies, with the concurrence of OGE, have established prohibited holdings regulations for their employees.^[20] Many of these supplemental agency ethics regulations—including those established by agencies with regulatory oversight responsibilities over portions of the financial services industry—prohibit, restrict, or limit employee ownership of collective investment funds with stated policies or practices of investing in the sector or industry overseen or regulated by the issuing agency.^[21]

As described in the Proposing Release, the Commission is responsible for regulating the trading of securities, investigating securities fraud and manipulations, requiring registration of brokers, dealers, and investment advisers, and supervising the activities of entities it regulates for compliance with the securities laws.^[22] To ensure that the public can have the utmost trust in these activities, the Commission has long prevented employees from purchasing or owning any “security or other financial interest in an entity directly regulated by the Commission.” ^[23] In this regard, the Supplemental Standards help promote public confidence that staff are not benefiting personally from their positions as SEC employees with respect to non-public information about securities and securities markets. The Supplemental Standards also mitigate the risk of real or perceived conflicts of interest.

As explained in the Proposing Release, the Commission proposed to expand the prohibition to Financial Industry Sector Funds to avoid conflicts and appearance concerns with employee ownership of sector funds that invest in entities the SEC directly regulates such as registered broker dealers and investment advisers. Doing so will assure the public that Commission employees are not profiting from the SEC's unique access to material information. The final amendment is appropriately tailored to this risk by focusing on only investments in the financial services industry that are regulated by the Commission.

Moreover, the Commission finds it appropriate to extend the current prohibited holdings regulation to prevent the incongruous result under the current rules that an SEC employee is prohibited from owning a single share of a directly regulated entity but could theoretically hold an unlimited value in a Financial Industry Sector Fund that concentrates holdings in directly regulated entities. Both cases present similar conflict of interest concerns. The final amendment prohibiting employee ownership of Financial Industry Sector Funds therefore underscores the Commission's commitment to upholding the public's trust to oversee the U.S. capital markets and to taking appropriate steps to eliminate potential conflicts of interest, actual or perceived.

Finally, as noted in the Proposing Release, Congress authorized OGE and the Internal Revenue Service to defer capital gains taxes that arise because of the divestiture of property when it is reasonably necessary to comply with Federal conflict of interest statutes, regulations, rules, or Executive orders, including the Supplemental Standards.^[24] As a result, members and employees, including spouses and minor children, required to divest Financial Industry Sector Funds may be eligible for a Certificate of Divestiture (“CD”) from OGE to defer taxable gain consequences, as is the case for employees required to divest prohibited holdings under the current rule. Affected employees may contact the SEC's Office of the Ethics Counsel (“OEC”) staff for advice and counsel on the CD process.^[25]

B. Elimination of Pre-Clearance, Reporting, and Holding Period Requirements for Certain “Permissible Diversified Investment Funds”

As discussed in the Proposing Release, the SEC's existing supplemental regulations require employees to pre-clear all securities transactions and to confirm securities transactions by reporting them to the SEC within five business days after receipt of confirmation of the transaction. This current requirement applies to all securities not explicitly exempted, including diversified mutual funds and other diversified investment products that pose little or no conflicts of interest for members and employees. These diversified investment products, referred to herein as “Permissible Diversified Investment Funds,” include diversified registered investment companies (including open and closed-end mutual funds and unit investment trusts), money market funds, as defined in 17 CFR 270.2a–7 (Investment Company Act Rule 2a–7), 529 plans, as defined in the Internal Revenue Code, 26 U.S.C. 529, and diversified pooled investment funds held in employee benefit plans or pension plans.

In order to shift agency ethics compliance resources to better focus on relatively higher-risk trading and reporting of equities and the detection of any prohibited holdings, the Commission proposed amending 5 CFR 4401 by adding a new paragraph (g)(1)(vi) to eliminate the pre-clearance, reporting, and holding requirements for Permissible Diversified Investment Funds and to modify existing paragraphs (c)(2) and (6), and paragraphs (e)(2) and (3), to reflect the changes regarding such funds.

1. Comments Received

The Commission received several comment letters in support of the proposed amendment from both employees and the general public.^[26] For Start Printed Page 14566 example, one commenter agreed that the “proposal to remove the pre-clearance requirements for diversified funds is welcome, and is correct,” because “these funds are so diversified that there is no reasonable concern that ownership of these funds could pose a conflict of interest.” ^[27]

Another commenter supported the change because the amendment promotes the efficient allocation of resources and because “these funds pose minimal conflict of interest risks,” and “the elimination of requirements . . . relieves the unnecessary burden of the SEC's members and employees.” ^[28]

The Commission received a number of comment letters opposing the amendments removing requirements as to Permissible Diversified Investment Funds.^[29] For example, one commenter was concerned about the elimination of pre-clearance, reporting, and holding requirements for Permissible Diversified Investment Funds because “the current pre-clearance and reporting requirements serve a crucial role in maintaining transparency and accountability. Removing these requirements could create a perception of decreased accountability and increase the potential for conflicts of interest to arise.” ^[30] The commenter expressed concern “about the potential impact on individual investors who rely on the SEC's oversight to protect their investments,” stating that the proposed amendments “could make it more difficult for individual investors to assess whether SEC employees are acting in their best interests,” and urged the SEC to maintain “rigorous reporting requirements to ensure that the public can trust that the agency is acting in their best interests.” ^[31]

2. Final Rule

The Commission has carefully considered the comments received and is adopting § 4401.102(g)(1)(vi) as proposed. The SEC's existing supplemental regulations require employees to pre-clear all securities transactions and to confirm securities transactions by reporting them to the SEC within five business days after receipt of confirmation of the transaction. This current requirement applies to all securities not explicitly exempted, including diversified mutual funds and other diversified investment products that pose minimal risk or no conflicts of interest for members and employees.

To the extent that such funds qualify as diversified mutual funds or diversified unit investment trusts in accordance with 5 CFR 2640.201(a), OGE has already provided broad exemptions from the criminal financial conflict of interest law, 18 U.S.C. 208, that permit employees to participate in particular matters that could affect the underlying holdings of such funds or the funds themselves.^[32] Other Permissible Diversified Investment Funds may pose minimal risk or no conflicts of interest concerns, such as diversified pre-paid college tuition plans authorized by States under section 529 of the Internal Revenue Code and diversified collective investment trusts that are commonly held in defined contribution retirement plans. The Commission does not believe that eliminating the pre-clearance and reporting requirements as to Permissible Diversified Investment Funds will lead to an increase in the potential for conflicts of interest, nor does the Commission believe that it will lead to a reasonable perception of a decrease in ethical accountability for SEC employees. As discussed above, these Permissible Diversified Investment Funds are either exempt from criminal financial conflict of interest laws, or pose minimal risk or no conflicts of interest concerns. As explained in the Proposing Release, the SEC's current pre-clearance and reporting requirements, as applied to Permissible Diversified Investment Funds, have proven disproportionately burdensome for both SEC employees and the SEC's Office of the Ethics Counsel (“OEC”) staff, given the minimal risks such assets pose for most SEC employees. The current policy of requiring pre-clearance and reporting of Permissible Diversified Investment Funds contributes little to employee accountability or mitigation of ethics risk because they pose minimal conflicts of interest concerns. In order to shift agency ethics compliance resources to better focus on relatively higher-risk trading and reporting of equities and the detection of any prohibited holdings, the Commission is modifying its rules to reduce the emphasis on reporting and pre-clearing of Permissible Diversified Investment Funds, assets that pose substantially lower ethics risk, while maintaining the rigorous pre-clearance and reporting requirements as to assets that do pose the most significant potential for conflicts of interest. This risk-based approach will appropriately tailor compliance activities to address trading and holdings that pose the most significant potential for conflicts of interest. These changes will not apply to any sector funds, including Financial Industry Sector Funds, as described above, or to any other entities directly regulated by the Commission, or to any private equity, venture capital, hedge fund, or similar pooled investment instruments.

C. Automated Reporting of Purchases, Sales, Acquisitions, and Dispositions of Securities

Currently, under the Supplemental Standards members and employees are required to report transactions of securities to the Commission within five business days after receipt of confirmation of the transaction so that ethics officials can reconcile precleared trades in accordance with 5 CFR 4401.102(f). Section 4401.102(f) also requires employees to submit duplicate statements for every account containing reportable securities to the Designated Agency Ethics Official (“DAEO”) according to such procedures required by the DAEO. These requirements constitute additional supplemental confidential reporting requirements authorized by OGE pursuant to the Ethics in Government Act of 1978 (“EIGA”) (codified at 5 U.S.C. 13109), which permits OGE (and agencies, subject to OGE approval) to impose additional confidential financial disclosure requirements on officers and employees of the executive branch. Reporting is currently conducted by members and employees through the Commission's Personal Trading Compliance System and relies on employees to manually confirm and also provide evidence of transactions through submission of brokerage or other financial institution account statements.

The Commission proposed to automate the existing reporting process by amending 5 CFR 4401.102(f) to authorize OEC to collect covered securities transactions and holdings data directly from financial institutions through a third-party automated electronic system to satisfy the requirements to report securities holdings and transaction information. The Commission also proposed to revise transaction reporting deadlines to Start Printed Page 14567 provide necessary flexibility to adjust for securities transactions and holdings data obtained from financial institutions through a third-party automated compliance system by modifying the existing five business day reporting requirement to require all employees to report transactions in the manner, and according to the schedule, required by the DAEO.

1. Comments Received

The proposal to authorize the SEC to collect reportable transactions and holdings via a third-party automated system elicited numerous responses from commenters.

The Commission received several comments in support of the proposal.^[33] For example, one commenter expressed belief “that this change would increase efficiency and reduce the risk of human error,” noting that the proposed amendment “would eliminate the need for employees to manually submit brokerage or financial statements and instead create a system built on automated compliance.” ^[34] The commenter expressed appreciation that the proposed rule permits an employee to comply through other means if they cannot obtain consent from their brokerage or financial institution, ensuring “all employees can comply with the rule regardless of their bank or brokerage.” ^[35] The commenter stated that the transition “away from manual reporting reflects the widespread, modern trend toward efficiency through technology,” and also stated that the change “would greatly reduce the burden on Commission employees and compliance staff, increase the accuracy and completeness of data, and facilitate compliance.” ^[36]

Another commenter stated that the proposal “is definitely an enhancement compared to manual reporting of securities transactions,” as “submitting manually has the downside of being a burden and is vulnerable to human error.” ^[37] The commenter expressed the view that “these benefits are worth the change to require automated reporting. . . .” ^[38]

Yet another commenter supported the amendment, noting that “[i]t just eliminates a report that can be done either incorrectly or fraudulently,” and expressed appreciation for “the concessions for the people that would experience undue hardship,” which “make it so much easier to adopt the proposed changes.” ^[39]

The Commission received numerous comments opposing an automated compliance system. In general, commenters questioned the Commission's legal authority to implement such a system, expressed concerns over privacy and security, and noted the burden it would place on employees, their spouses, and their minor children.

i. Legal Authority

The Commission received several comments arguing that the SEC lacks the legal authority to implement a direct data feed reporting requirement for members and employees, as well as their spouses and minor children.^[40]

For example, one commenter argued that the proposal is “contrary to the law,” asserting that 5 U.S.C. 13109 “simply does not authorize” the proposed collection of covered securities transactions and holdings data from financial institutions through a third-party automated compliance system.^[41] Additionally, the commenter asserted that the EIGA does not cover family members or children of staff.

Another commenter stated that “[t]he proposed rule seeks to require me to give an undisclosed third-party direct access to my financial accounts,” arguing that neither 5 U.S.C. 13109 nor 5 CFR 2634.103 “appears to give the SEC the broad reach it seeks.” ^[42]

ii. Privacy and Security

Many commenters expressed concerns regarding cyber security and privacy issues such as the collection of sensitive Personally Identifiable Information (PII), the lack of detail in the proposal regarding the information security requirements of any third-party system used, and the potential for breaches of a third-party automated system that could result in misuse of sensitive financial information of SEC employees and their immediate family members.^[43]

For example, one commenter provided examples of prior government data breaches and argued that under the proposed rule, staff would lack any mechanism to safeguard their confidential information and that the financial data of Commission employees would potentially be susceptible to cybersecurity breaches.^[44] Other commenters were concerned that a third-party system would likely require employees to provide account numbers, or other sensitive PII, which employees are currently permitted to redact during the manual process of uploading statements.^[45] Commenters also stated that a third-party provider should not have “unfettered access” to their information at a brokerage or financial institution.^[46] Several commenters noted that the Proposing Release did not provide any details concerning the cybersecurity requirements or the measures that would be taken to protect sensitive financial information of employees and their immediate family members.^[47]

Another commenter questioned the necessity of such an automated system when employees are already required to pre-clear and report securities transactions and “also annually submit (with optional account number redaction) statements that contain all of our securities transactions for ourselves and covered family members over the preceding years.” ^[48] The commenter stated that the Commission is creating an unnecessary cybersecurity risk and expressed the belief that resources “should be spent on bad actors and providing SEC staff the necessary resources to supervise the securities industry, not on this endeavor.” ^[49]

Some commenters expressed skepticism in the ability of a contractor to appropriately safeguard sensitive financial information,^[50] while others Start Printed Page 14568 stated the proposal with regard to a third-party automated compliance system was unclear and/or lacked sufficient detail,^[51] criticizing the proposal for lacking information about cybersecurity or third-party vendor qualifications.^[52]

For example, one commenter asserted that the Proposing Release did not adequately address how the Commission would ensure the security of a third-party system.^[53] The commenter stated that given “the highly sensitive nature of the data that would be collected by the third-party system, the need for effective data-security measures to be taken to protect such information cannot be overstated.” ^[54] The commenter emphasized the importance of cybersecurity by pointing out previous cybersecurity incidents relating to sensitive personal information of Federal government employees.^[55]

As another example, one commenter expressed concerns about the potential security vulnerability of a third-party system in light of past incidents experienced by Federal agencies, Wall Street institutions, and service providers.^[56] The commenter stated that the proposed rule created an avoidable vulnerability.

iii. Burden

Commenters also expressed concerns over applicable policies when their brokerage firm(s) or other financial institution(s) cannot or will not transmit transaction and account information through a third-party trading compliance system. In particular, commenters asked whether employees, their spouses, or their minor children would have to close accounts held at those nonparticipating institutions.^[57]

For example, one commenter noted the possibility that certain firms, such as retirement plans or small brokers, may have trouble providing the data for employees to comply with this requirement.^[58] The commenter warned that without a “method for people to get an exemption and submit paper copies of their statements, the rule is going to effectively be a prohibition on employees' use of those firms.” ^[59]

Another commenter expressed the view that it is unreasonable to expect Commission employees to ensure that any broker-dealer or other relevant financial institution takes the steps necessary to provide transaction and holdings data to OEC.^[60] The commenter stated that Commission employees do not possess the leverage to ensure financial institutions provide the required data directly to the Commission through an automated system and noted that the Commission's proposal does not explain why any broker-dealer or other financial institution would choose to participate if it is not required to do so under the regulation.^[61]

Another commenter asked what the policy would be if a brokerage firm does not wish to transfer data directly to the SEC, stating that employees “should not be forced to close the accounts. Not all brokers may have ability to provide data to [a] 3rd party on periodic basis.” ^[62]

2. Final Rule

The Commission has carefully considered the comments received. In consideration of, and to alleviate, the concerns numerous commenters expressed regarding cybersecurity and privacy, the Commission has determined not to adopt the proposal that would have authorized mandatory use of an automated third-party compliance system. In a change from the proposal, the Commission's final rules (1) authorize the use of either an internal or third-party automated compliance system, and (2) permit rather than require employees to use an automated compliance system to comply with the reporting requirements of paragraphs 5 CFR 4401.102(f)(1) and (f)(2), which require employees to report and certify securities holdings, transactions, and duplicate statements for accounts holding covered securities. In light of these modifications, the Commission is not adopting the proposed amendments to the transaction reporting deadlines and finds it necessary to maintain the existing five-day transaction certification requirement in paragraph 4401.102(f)(2), and the existing requirement in paragraph 4401.102(f)(1)(ii) to submit duplicate account statements, for employees who elect to manually report information to the DAEO.

Specifically, the Commission is not adopting the following proposed paragraph from proposed section 4401.102(f)(4): “The DAEO may require members and employees to comply with the reporting requirements in this section by authorizing their brokerage or financial institution(s) to provide automatic transmission of brokerage statements and transaction information through a third-party automated compliance system. The DAEO shall permit a member or employee to provide the required information through another means if they cannot obtain consent from their brokerage or financial institution to use the third-party automated compliance system.” In place of this language, the Commission is adopting the following new paragraph 4401.102(f)(4): “A member or employee may comply with the reporting requirements set forth in paragraphs (f)(1) and (f)(2) of this section by authorizing the transmission of account statements, holdings and transaction information from an employee's brokerage or financial institution(s) to the DAEO through a Commission approved, automated internal or third-party compliance system.”

These modifications will allow the Commission to continue to improve the efficiency, accuracy and effectiveness of its compliance program by providing authority for employees to utilize either an internal system, as some commenters suggested,^[63] or a third-party system, to automate existing reporting requirements in accordance with the required security and privacy protocols discussed below. These modifications will also allow the Commission to gain additional experience and data regarding the benefits and costs of an automated compliance system without compelling employees who have concerns about security and privacy to utilize such a system.

i. Legal Authority

a. Collection of Securities Information

The Commission has consulted with OGE regarding the SEC's authority to have members and employees comply with the reporting requirements in 5 CFR 4401.102(f) through an internal or Start Printed Page 14569 third-party automated compliance system. OGE has advised that an automated method of collection is consistent with the EIGA at 5 U.S.C. 13109, which permits OGE (and agencies, subject to OGE approval) to impose additional confidential financial disclosure requirements on officers and employees of the executive branch. As explained above, in response to comments received, the Commission will implement the automated reporting system on a voluntary basis.

The EIGA places responsibility on OGE as the “supervising ethics office” to interpret the EIGA for the executive branch.^[64] The EIGA authorizes OGE to “require officers and employees under its jurisdiction (including special Government employees as defined in section 202 of title 18) to file confidential financial disclosure reports, in such form as the supervising ethics office may prescribe.” ^[65] OGE has established regulations implementing this authority at 5 CFR 2634 subpart I. Through regulation, OGE has established a baseline set of standardized confidential disclosure requirements applicable to all executive branch agencies. These include use of a standard form (OGE Form 450) and uniform requirements concerning information to be reported on the standard form.^[66]

OGE's regulations also permit agencies to establish alternative and supplemental confidential disclosures, through separate regulations jointly issued with OGE, that go beyond the requirements imposed under the executive-branch wide regulations.^[67] Pursuant to OGE regulations, an agency may require its employees to file additional confidential financial disclosures if necessary because of special or unique agency circumstances.^[68] The existing Supplemental Standards, promulgated with OGE in 2010, already establish supplemental reporting requirements for members and employees of the Commission. These regulations already establish the content, timing, and method of reporting information to OEC. As noted above, the primary change that the Commission is undertaking is to permit employees and members to transmit to OEC through an approved, automated internal or third-party compliance system information already required to be disclosed. OGE has determined that collecting securities transaction data directly from an employee's broker, who acts as the employee's agent, is consistent with 5 U.S.C. 13109.

The Commission also received comments concerning the collection of information related to an employee's spouse and unemancipated minor children. As set out in the current existing Supplemental Standards, subject to appropriate exceptions, employees are already required to report securities transactions and duplicate account information for the accounts of a spouse or unemancipated minor pursuant to 5 CFR 4401.102(f).^[69] This information collection is authorized under 5 U.S.C. 13109 and OGE's implementing regulations. As a result, OGE (and agencies through jointly issued supplemental regulation) have long required disclosure of the assets of a spouse or dependent child to the extent appropriate to avoid conflicts of interest.^[70] The supplemental confidential financial disclosures required by the SEC's supplemental ethics regulation currently apply to spouses and minor children, and the final regulation as adopted will continue to require disclosure of that information.

b. Collection of Account Identifying Information

The Commission received several comments concerning the authority of the SEC to collect account information such as account numbers and the protection of that information once collected.^[71] To effectuate the collection of transaction information through an automated system, a limited amount of biographical and account identifying information, such as account numbers, account owners, and the relationship of the account owner to the employee (if the account owner is not the employee) is required to be collected. This information is necessary to identify the appropriate account and, similar to the manual filing of duplicate account statements, will help to ensure the authenticity of the transaction data collected.

While this information must be collected for members and employees to voluntarily enroll in the system, the Commission notes that all information collected by the Commission pursuant to 5 CFR 4401 is subject to the confidentiality restrictions on release set out in the EIGA (codified at 5 U.S.C. 13109), and the Privacy Act, 5 U.S.C. 552a. First, the Commission notes that the information collected pursuant to § 4401.102(f) is subject 5 U.S.C. 13109 and to the Privacy Act of 1974 (5 U.S.C. 552a). Section 13109(a)(2) provides that reports filed pursuant to section 13109(a)(1) “shall be confidential and shall not be disclosed to the public.” ^[72] “Section 107(a) [now 13109(a)] leaves no discretion on this issue with the agencies” and thus confidential “reports and the information which they contain are, accordingly, exempt from being released to the public under [the Freedom of Information Act].” ^[73] Confidential financial disclosure reports and the information contained in them are also subject to the Privacy Act of 1974 (5 U.S.C. 552a), which provides that information maintained by an agency about an individual may not be disclosed except for under very limited circumstances. OGE's government-wide Privacy Act system of records, OGE/GOVT–2, therefore prohibits disclosure of confidential financial disclosure information—including information received “by a designated person such as a[n] . . . Attorney accountant, [or] Start Printed Page 14570 banker . . .”—except under established routine uses set out in the system of records or as per written consent by the employee.^[74] Moreover, OGE/GOVT–2 requires that all electronic confidential financial disclosure records be “protected from unauthorized access through password identification procedures, limited access, firewalls, and other system-based protection methods.” ^[75] It should also be noted that information that is not necessary to authenticate transaction information will not be required to be disclosed by any member or employee. Finally, this final rule does not require any member or employee to use the Commission approved automated trading compliance system.

ii. Privacy and Security

The Commission acknowledges commenters' concerns with respect to security risks surrounding an automated third-party compliance system. As noted above, use of an automated trading compliance system will be voluntary, and any information collected is subject to the confidentiality restrictions on release set out in 5 U.S.C. 13109, and the Privacy Act, 5 U.S.C. 552a. The system itself must comport with all applicable privacy and cybersecurity standards including, but not limited to, the Federal Information Security Management Act (“FISMA”). Consistent with those laws, SEC employees, ethics officials, and any third-party contractor will be limited in the information that they can access, and account numbers will be accessible to only those within the system who have appropriately established role-based permissions. Accordingly, the Commission will take steps to ensure that such information is not accessible to any person other than as necessary and appropriate to carry out the functions and purposes of an automated system, to ensure compliance with the ethics rules and regulations that apply to members and employees, or as permitted by the Privacy Act, OGE/GOVT–2, and other applicable rules and regulations.

While the technical requirements of any automated compliance system are yet to be determined, establishment of the system will need to follow various procedural steps and authorization processes, such as the Federal Acquisition Regulation procedural requirements and the FISMA Authority to Operate (“ATO”) security authorization processes. Implementation of a third-party compliance system will depend on the system and the third-party vendor meeting rigorous authorization, privacy, and security protocols to comply with multiple Federal Government and SEC standards, including but not limited to data encryption requirements. Further, SEC IT systems must adhere to strict FISMA requirements and SEC Information Security and Privacy Controls, which are based on the controls outlined in NIST 800–53 under its Risk Management Framework. In addition, depending on system architecture, the system data provider may be required to meet the standards of the Federal Risk and Authorization Management Program (“FedRAMP”). A FedRAMP authorization is based on the same NIST 800–53 controls and yet is an even more rigorous process due to its standards regulating and monitoring the cybersecurity of cloud services. FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The FedRAMP certification process involves a comprehensive assessment of the system's security controls, which includes vulnerability scans and penetration testing. Once certified, a system is continuously monitored and audited regularly to ensure that it remains in compliance with FedRAMP's stringent security standards.

Information security is a critical prerequisite for a third-party automated compliance system. Throughout any future acquisition process, privacy controls and information security will be an essential factor in determining whether the Commission proceeds with such a system. OEC will continue to engage with Commission stakeholders, including the Office of Information Technology and Office of Acquisitions, to ensure privacy and security concerns are addressed.

iii. Burden

The Commission has considered the comments reflecting concerns about the burdens mandatory use of an automated compliance system would impose on employees, particularly if an employee's brokerage firm or other financial institution is unable or unwilling to provide the envisioned data feeds. In consideration of the comments, the Commission believes voluntary use of an automated compliance system will mitigate these concerns.

Because the Commission is adopting a rule to permit rather than require employees to use an automated compliance system, the Commission has determined it is necessary to maintain the existing requirement under 5 CFR 4401.102(f)(1)(ii) for members and employees to “submit duplicate statements for every account containing reportable securities to the DAEO according to such procedures required by the DAEO,” for employees who will continue to manually submit required information. This modification clarifies that employees who choose not to report via an automated compliance system will still have to submit the required account statements to the DAEO manually.

Similarly, the Commission is modifying the proposed language of 5 CFR 4401.102(f)(2) to maintain the existing requirement for members and employees to report all purchases, sales, acquisitions, or dispositions of securities “within five (5) business days after receipt of confirmation of the transaction,” while maintaining the DAEO's discretion to determine the manner and schedule of reporting for employees who elect to use an automated compliance system. This adjustment clarifies that employees who manually report required information remain subject to the existing five business day transaction reporting deadline, while also providing the necessary flexibility for the DAEO to adjust reporting schedules as appropriate for an automated compliance system.

D. Application of Seven Day IPO Waiting Period to Direct Listings of Securities

Members and employees of the Commission are currently prohibited from purchasing a security in an IPO for seven calendar days after the IPO is effective, except for IPOs of shares in a registered investment company or other publicly traded or publicly available collective investment fund. The Commission proposed to amend 5 CFR 4401.102(c)(2) to expand the limitation on purchasing a security in an IPO for seven calendar days after the IPO is effective by also prohibiting a member or employee from purchasing securities that are directly listed to an exchange for seven calendar days after the direct listing effective date. The Commission also proposed to remove the current exception to the prohibition on purchasing within seven calendar days for IPO shares in a registered investment company or publicly traded or publicly available collective investment fund because the Commission's proposed amendment regarding the exception for Permissible Diversified Investment Funds in paragraph (g) would cover IPO shares in a registered investment Start Printed Page 14571 company or publicly traded or publicly available collective investment fund.

1. Comments Received

Several commenters expressed support for the proposed amendment.^[76] For example, one commenter “wholeheartedly agree[d]” with this amendment, noting that if an “SEC employee is barred from purchasing securities in an IPO for seven calendar days, it only makes sense to prohibit them from purchasing securities in a direct listing for seven calendar days.” ^[77]

Another commenter pointed out the “common traits” between IPOs and direct listings and agreed that direct listings “should be treated with the same existing rule” applied to IPOs.^[78]

No commenters opposed this proposed amendment.

2. Final Rule

The Commission has carefully considered the comments received and is adopting § 4401.102(c)(2) as proposed. Members and employees of the Commission are currently prohibited from purchasing a security in an IPO for seven calendar days after the IPO is effective, except for IPOs of shares in a registered investment company or other publicly traded or publicly available collective investment fund. As noted in the Proposing Release, the Commission believes that securities that are directly listed on an exchange present the same appearance concerns and risks as securities offered in a traditional IPO, given that direct listings are typically accompanied by the filing of a registration statement, as in a traditional IPO. For that reason, the Commission is expanding the limitation found at paragraph (c)(2) of the regulation to prohibit a member or employee from purchasing securities that are directly listed to an exchange for seven calendar days after the direct listing effective date. The seven calendar days waiting period for purchasing directly listed securities ensures that employees do not use, or appear to use, material, non-public information to their advantage in purchasing such securities.

E. Other Structural or Technical Corrections

The Commission proposed to amend § 4401.102(h) to reflect that the Office of the Ethics Counsel is no longer part of the Office of General Counsel. We did not receive any comment on this proposed amendment, and the Commission is adopting 5 CFR 4401.102(h) as proposed.

Further, the Commission has determined to modify the waiver provision at 5 CFR 4401.102 (h)(1) and (2), as proposed, and is therefore adopting 5 CFR 4401.102 (h)(1) and (2) with modifications. As a technical matter, the Commission finds it appropriate to adjust the language of the waiver provision to more closely align with the language used elsewhere in the rule. Currently, the proposal provides for “waiver of the prohibitions or limitations that would otherwise apply to a securities holding or transaction . . .” The term “limitation” is not found in the text of the rule. The text of the rule refers to various prohibitions, restrictions and requirements. Thus, to more accurately reflect what may be eligible for a waiver, the Commission is adopting a technical correction to remove the word “limitations” from 5 CFR 4401.102 (h)(1) and (2) and replace it with “restrictions and requirements.” Further, in order to correct a grammatical error in 5 CFR 4401.102(b)(2), the Commission is adding “any” to “. . . the purchase or sale of security:” so that the text of paragraph (b)(2) reads: “Members and employees are prohibited from recommending or suggesting to any person the purchase or sale of any (emphasis added) security. . . .”

Finally, for clarity and to conform with Federal Register style requirements, 5 CFR 4401.102(b)(2)(ii) has been revised to replace a general cross reference to “this Rule” with a more specific cross reference to “this section 4401.102.” Similarly, 5 CFR 4401.102(e)(3) has been revised to supplement a general cross reference to paragraph (c)(1) with a more specific cross reference to “paragraph (c)(1) of section 4401.102,” and 5 CFR 4401.102(f)(2) has been revised to supplement a general cross reference to paragraph (4) to a more specific cross reference to “paragraph (f)(4).”

III. Administrative Law Matters

The Commission finds, in accordance with section 553(b)(3)(A) of the Administrative Procedure Act (“APA”),^[79] that the final amendments relate solely to agency organization, procedure, or practice. They are therefore not subject to the provisions of the APA requiring notice and opportunity for public comment.^[80] The Regulatory Flexibility Act of 1980 (“RFA”) ^[81] therefore does not apply. Nonetheless, the Commission, in consultation with OGE, previously determined that it would be useful to publish the proposed rules for notice and comment before adoption. Because the final amendments relate to “agency management or personnel” and “agency organization, procedure or practice that does not substantially affect the rights or obligations of non-agency parties,” the final amendments are not subject to the Small Business Regulatory Enforcement Fairness Act (5 U.S.C. 804(3)(B–C)) (“SBREFA”). The final amendments do not contain any collection of information requirements as defined by the Paperwork Reduction Act of 1995 (“PRA”).^[82]

At least two commenters suggested that the APA ^[83] or PRA ^[84] would apply to the proposed rules, and one of these commenters urged the Commission also to consider whether the RFA or SBREFA applied to the proposed rules.^[85] As discussed above, however, the public notice and comment and other relevant provisions of the APA, RFA and SBREFA do not apply because the final amendments relate solely to agency management or personnel and agency organization, procedure or practice and do not substantially affect the rights or obligations of non-agency parties. With respect to the APA, although the final amendments are not subject to the APA's notice and comment requirements, as discussed above, the Commission did publish the proposed amendments for public comment before adoption, and the final amendments otherwise fully comply with the applicable requirements of the APA.

The PRA imposes certain requirements on Federal agencies in connection with the conducting or sponsoring of any “collection of information.” ^[86] The final amendments are not a “collection of information” within the meaning of the PRA because the information required by the final amendments is collected from current Federal employees when acting within the scope of their employment.^[87]

IV. Economic Analysis

The Commission is sensitive to the economic effects of its rules, including the costs and benefits that result from its rules.^[88] As discussed further below, we expect the economic effects of the final amendments will be limited. The amendments are directed at internal procedures that apply only to Commission members and employees. We expect these changes will not impose any costs on parties other than the Commission and its members and employees, or if there are such costs then we expect those costs to be negligible. We believe that the changes will not have any significant impact on the functioning of securities markets and will have minimal, if any, effects on efficiency, competition, and capital formation. We lack data on current compliance costs and are accordingly not able to quantify the costs, benefits, and effects on efficiency, competition, and capital formation expected to result from the final amendments.

We discuss below the potential benefits, costs, and economic effects of the four significant categories of final amendments to the Supplemental Standards: (1) prohibiting employees from holding Financial Industry Sector Funds; (2) eliminating the pre-clearance, reporting, and holding period requirements for Permissible Diversified Investment Funds; (3) authorizing the use of either an internal or third-party automated compliance system and permitting employees to use an automated compliance system to comply with the reporting requirements, and maintaining the existing five-day transaction certification requirement and the existing requirement to submit duplicate account statements for employees who elect to manually report information to the DAEO; and (4) prohibiting purchases of direct listed assets for seven calendar days after the direct listing effective date. In addition, the adopted amendments make certain definitional and technical changes that we believe would not have a substantial economic effect.

A. Amendments Concerning Financial Industry Sector Funds

The Commission is adopting amendments to explicitly prohibit employee ownership of Financial Industry Sector Funds by expanding the scope of “entities directly regulated by the Commission,” and excluding Financial Industry Sector Funds from the exception for Permissible Diversified Investment Funds. The existing rules prohibit members and employees from purchasing or holding securities of entities directly regulated by the Commission, but do not expressly prohibit Financial Industry Sector Funds focused on entities regulated by the Commission.

The final rule enhances the integrity of capital markets by further guarding against any perception of improper use of nonpublic information by Commission members and employees. Expanding the prohibition to include investments in Financial Industry Sector Funds reduces potential conflicts of interest and bolsters investor confidence in fair, orderly, and efficient markets. Commenters agreed that prohibiting investment by Commission members and employees in Financial Industry Sector Funds would reduce the risk that nonpublic information could be improperly used.^[89]

The primary costs of this amendment will be borne mostly by impacted members and employees who currently hold these funds, as they must sell, or otherwise divest, affected assets. We do not have sufficient information to quantify the total effects associated with such divestment. We also expect minimal incremental technical or administrative costs to implement this change under the Commission's existing ethics compliance program.

Some commenters have expressed concerns about the potential costs of divestiture to employees or members. For example, one commenter stated that the divestiture “will likely cause significant tax consequences and also alter the diversity of their holdings.” ^[90] The typical 90-day time frame for divestiture provides affected employees or members a sufficient time to gradually unwind positions in a phased approach to minimize tax liabilities or potential market impacts. During this transition period, employees may consult with financial and tax professionals to develop appropriate divestiture plans. In addition, eligible employees may seek a Certificate of Divestiture from the Office of Government Ethics, which can provide capital gains tax deferral to alleviate the tax burden of complying with the divestiture requirements.^[91] We also expect the impact to portfolio diversity to be minimal, because many other investment options—such as broader-based index funds or assets in other sectors—remain available and do not raise ethics concerns. The final amendments allow flexibility for impacted individuals to re-allocate capital in ways that still allow for adequate portfolio diversification without creating any actual or perceived conflicts.

B. Amendments Concerning Permissible Diversified Investment Funds

The Commission is adopting amendments to eliminate certain procedural requirements for Permissible Diversified Investment Funds by making them exempt from pre-clearance, reporting, and 30-day holding period stipulations under Rule 102(g)(1). Currently, Commission members and employees are required to pre-clear trades in these funds, confirm executed transactions, and hold the assets for at least 30 days before selling.

The final amendments reduce administrative burdens for members and employees, and potentially enable more timely execution of investment decisions in Permissible Diversified Investment Funds. The amendments will also allow the Commission to better focus resources on monitoring holdings and transactions that present more significant ethical concerns. The magnitude of benefits will depend on how the policy change affects individuals' investment choices and portfolios, which is impracticable to predict.

We do not anticipate that the amendments will impose any material costs on the Commission, its members and employees, or the public. Because these diversified funds already qualified for applicable regulatory conflicts exemptions, exempting them from existing procedural requirements is unlikely to meaningfully increase risks of actual or perceived conflicts of interest. Start Printed Page 14573

C. Amendments Permitting Automated Reporting of Covered Holdings and Transactions and Related Adjustment of Transaction Reporting Deadlines

Currently, under the Supplemental Standards, the process for collecting covered securities transactions and holdings is internal to the Commission. As described in Section II.C, employees are required to report transactions of securities to the Commission within five business days after receipt of confirmation of the transaction so that ethics officials can reconcile pre-cleared trades in accordance with 5 CFR 4401.102(f). Section 4401.102(f) also requires employees to submit duplicate statements for every account containing reportable securities to the DAEO according to such procedures required by the DAEO. Reporting is currently conducted by employees through the Commission's Personal Trading Compliance System and relies on employees to manually confirm and provide evidence of transactions through submission of brokerage or other financial institution account statements. The DAEO has, through internal policy, provided employees with the option to redact from these documents sensitive PII that is not required to be reported. Some commenters noted that the proposing release characterized the current system as “successful” and questioned what, if any, additional benefits the proposed rule would provide beyond the existing requirement.^[92] The manual nature of the reporting can yet be time consuming and prone to human error, requiring additional time to resolve identified issues. Some commenters concurred and described qualitatively the time costs imposed by the current system, both on Commission employees and Ethics staff who review these filings for compliance issues.^[93]

The Commission proposed to automate the existing reporting process by amending 5 CFR 4401.102(f) to authorize OEC to collect covered securities transactions and holdings data directly from financial institutions through a third-party automated electronic system to satisfy the requirements to report securities holdings and transaction information. The Commission also proposed to revise transaction reporting deadlines to provide necessary flexibility to adjust for securities transactions and holdings data obtained from financial institutions through a third-party automated compliance system by modifying the existing five business day reporting requirement to require all employees to report transactions in the manner, and according to the schedule, required by the DAEO.

In response to the proposed amendments, some commenters noted that automation through a third-party provider is expected to enhance the accuracy of covered securities transactions and holdings data made available to the DAEO.^[94] As some commenters also noted,^[95] Commission employees who use the third-party service provider system are expected to benefit from no longer having to manually process their covered securities transactions and holdings data. Many commenters expressed concerns over the potential costs to the Commission or its employees of a cybersecurity incident or breach involving the third-party system.^[96] Many commenters expressed concerns that the use of a third-party system will require Commission employees to disclose sensitive financial PII data beyond what is currently required, such as account numbers at their financial institutions.^[97] Some commenters noted that employees will face potential financial losses as well as psychological or other recovery costs in response to a cybersecurity incident or breach, and one commenter warned that the Commission would likely suffer reputational harm.^[98] Some commenters also suggested including in the amendments a voluntary opt-out (or opt-in) provision for Commission employees from the third-party automated electronic system.^[99]

In response to the concerns commenters expressed regarding cybersecurity and privacy, the Commission is adopting a new paragraph 4401.102(f)(4) that states that “a member or employee may comply with the reporting requirements set forth in paragraphs (f)(1) and (f)(2) of this section by authorizing the transmission of account statements, holdings and transaction information from an employee's brokerage or financial institution(s) to the DAEO through a Commission approved, automated internal or third-party compliance system.” In other words, the Commission will implement the automated reporting system on a voluntary basis with Commission employees deciding whether to use the automated system or to continue using the current manual system. For employees who elect to manually report information to the DAEO, the Commission will also maintain the existing five-day transaction certification requirement in paragraph 4401.102(f)(2), and the existing requirement in paragraph 4401.102(f)(1)(ii) to submit duplicate account statements.

The final amendments will benefit Commission employees, and thereby the Commission, by providing them with an additional approach for complying with the Supplemental Standards. Specifically, employees will be permitted to decide how to comply with reporting obligations, either through the current manual system (status quo) or through a Commission-approved, automated internal or third-party compliance system, to the extent that an employee's financial institution is able and willing to provide the envisioned data feeds under an automated system. Employees who elect not to report via an automated compliance system will continue to be required to submit the required account statements to the DAEO manually. Each employee who has both options available will select the option that delivers highest net benefits to that employee. When evaluating whether to comply using an automated system, employees will weigh the benefits of no longer having to manually transmit to the DAEO account statements, holdings, and transaction information against the costs to them of using the automated compliance system. These costs to employees include initial costs to learn about the automated system and to authorize their financial institutions to transmit covered securities holdings and transactions data to the DAEO through the automated system.^[100] Also, employees who select the automated system will be able to consider the cybersecurity risks of that system and the privacy risks from having to provide account identifying information, such as Start Printed Page 14574 account numbers, which employees may otherwise redact under the current system. In an automated system, this information is necessary to identify the appropriate account and ensure the authenticity of the transaction data collected.

Under the final amendments, Commission employees will continue to be responsible for ensuring that their covered securities transactions and holdings data are reported “in the manner required by the DAEO.” Some commenters noted ^[101] that this responsibility will continue to impose monitoring costs on Commission employees within an automated system. While employees who use the automated system will likely have an initial responsibility to enable or authorize the automated transmission of brokerage statements and transaction information from their broker or other financial institution, the monitoring costs of ensuring the automated system is functioning correctly such that data provided by financial institutions is properly transmitted to OEC will primarily be borne by the Commission through OEC. Therefore, we expect monitoring costs to employees who use the automated system to be minimal.

The final amendments will also benefit the Commission by allowing it to continue to improve the efficiency, accuracy and effectiveness of its compliance program by providing authority for employees to utilize an automated system. The Commission will also gain additional experience and data regarding the benefits and costs of an automated compliance system. As described above, an automated system is expected to enhance the accuracy and timeliness of covered securities transactions and holdings data made available to the DAEO, enhancing the DAEO's ability to monitor Commission employees' compliance with the Supplemental Standards and promptly remedy any compliance violations detected.

The Commission will incur direct costs from implementing and overseeing the new automated system in addition to the costs of maintaining the manual reporting system. As some commenters noted,^[102] these costs will include the costs of developing internally or contracting, administering, and monitoring the automated system. As described in Section II.C, these costs will be affected by the various procedural steps and authorization processes needed to establish an automated system, including the need for SEC IT systems to adhere to strict FISMA requirements and SEC Information Security and Privacy Controls as well as the need for any third-party vendor to meet rigorous authorization, privacy, and security protocols to comply with multiple Federal Government and SEC standards. While we are aware of third-party providers that supply automated reporting services similar to those contemplated under the amendment, we are not aware of a Federal Government agency currently having such an automated system or contracting with a third-party provider for this purpose. Hence, we are unable to ascertain the extent to which some third-party providers may bid and compete to provide this service to the Commission, and we cannot quantify the direct costs to the Commission of implementing the amendment.

D. Amendments Concerning Prohibiting Purchases of Direct Listed Assets

The Commission is adopting an amendment to Rule 102(c)(2) to prohibit members and employees from purchasing securities directly listed on an exchange for seven calendar days following the effective date of the direct listing.

The adopted restriction aims to further safeguard against any perception of improper use of nonpublic information by Commission members and employees. Expanding the prohibition to include directly listed securities is intended to reduce potential conflicts of interest and bolster investor confidence in the integrity of markets.

The primary costs of this amendment will be borne by impacted members and employees who will be restricted from trading these securities during the specified period. We do not expect any material direct costs to the Commission or public because of the rule change.

V. Statutory Basis

These amendments to the Commission's ethics rules are being adopted pursuant to statutory authority granted to OGE and to the Commission. These include 5 U.S.C. 7301; 5 U.S.C. Ch 131 (Ethics in Government Act of 1978); E.O. 12674, 54 FR 15159; 3 CFR 1989 Comp., p. 215, as modified by E.O. 12731, 55 FR 42547; 3 CFR, 1990 Comp., p. 306; 5 CFR 2634.103, 5 CFR 2634.201(f); 5 CFR 2635.905; 5 CFR 2635.105, 2635.403, 2635.803; 15 U.S.C. 77s, 78w, 77sss, 80a–37, 80b–11.

List of Subjects in 5 CFR Part 4401

• Administrative practice and procedure
• Conflict of interests
• Ethical conduct
• Government employees
• Government ethics
• Securities

Authority and Issuance

For the reasons set forth in the preamble, the SEC, with the concurrence of OGE, is amending title 5 of the Code of Federal Regulations, chapter XXXIV, part 4401, as follows:

PART 4401—SUPPLEMENTAL STANDARDS OF ETHICAL CONDUCT FOR MEMBERS AND EMPLOYEES OF THE SECURITIES AND EXCHANGE COMMISSION

1. The authority citation for part 4401 is revised to read as follows:

Authority: 5 U.S.C. 7301; 5 U.S.C. Ch 131; 15 U.S.C. 77s, 78w, 77sss, 80a-37, 80b-11; E.O. 12674, 54 FR 15159, 3 CFR 1989 Comp., p. 215, as modified by E.O. 12731, 55 FR 42547, 3 CFR, 1990 Comp., p. 306; 5 CFR 2634.103, 2634.201(f), 2634.905, 2635.105, 2635.403, and 2635.803.

2. Revise § 4401.102 to read as follows:

Footnotes