The Investment Company Institute is urging the Securities and Exchange Commission to relax reporting requirements related to cybersecurity incidents, according to news reports.

In a letter submitted earlier this month, Susan Olson, general counsel for the ICI, says the regulator should require disclosure only to those impacted, FA-IQ sister publication Ignites writes.

All 50 states already have laws requiring disclosures of incidents that involve personally identifiable information, Ignites writes, citing Olson. And any additional disclosures, aside from not serving any public purpose, would also offer a road map for hackers for future attacks, she said, according to the publication.

Olson also welcomed the SEC’s proposed requirement for firms to set up comprehensive cybersecurity rules for investment advisors but wrote that failing to do so should not be treated as advisor fraud, as the SEC proposed in February, the publication writes.

The SEC would be overstepping its authority with such a requirement, Melissa MacGregor, managing director and associate general counsel at the Securities Industry and Financial Markets Association, wrote in a separate comment letter, according to Ignites.

MacGregor suggested instead that the SEC issue guidance “on good cyber hygiene and enforcement expectations,” the publication writes.

Olson also wrote that the SEC’s requirement of a new form, to be submitted to the regulator within 48 hours of a significant cybersecurity incident, could put the SEC itself at risk of hacks, according to the publication.

MacGregor, meanwhile, wrote that the SEC should disclose how it plans to guard against cyber attacks, considering the 2016 hack of its Edgar system, according to Ignites.

Earlier this month, the American Securities Association argued that the SEC needs to extend the required period for reporting cybersecurity incidents, stop requiring RIAs to disclose cyberattacks in their Forms ADV and drop the requirement for inventories of RIAs’ information systems, as reported.

Do you have a news tip you’d like to share with FA-IQ? Email us at