Stock Markets:
Information Vendors Need SEC Oversight to Control Automation Risks
IMTEC-92-16: Published: Jan 29, 1992. Publicly Released: Jan 29, 1992.
Additional Materials:
- Full Report:
Contact:
(202) 512-6418
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
GAO reviewed the: (1) adequacy of controls in place to protect against automation risks at seven information dissemination vendors that transmit stock data to investors; and (2) Securities and Exchange Commission's (SEC) involvement in assessing such operations.
GAO found that: (1) all seven information dissemination vendors' computer facilities were unnecessarily vulnerable to automation risks; (2) such risks could obstruct the correct processing of data and the responsiveness, security, and continuity of the vendor's critical stock market operations; (3) the weaknesses uncovered increased concerns that vendors have not adequately controlled automation risks; and (4) because of resource limitations, SEC has focused its attention on other segments of the stock market.
Recommendations for Executive Action
Status: Closed - Implemented
Comments: SEC is: (1) establishing and maintaining a list of all information dissemination vendors; and (2) informing them of SEC oversight (automation review) responsibilities. Major vendors have already been contacted.
Recommendation: Because of the importance of maintaining the flow of vital information between stock markets and investors, SEC should identify all information dissemination vendors and inform them of the Commission's oversight responsibilities.
Agency Affected: United States Securities and Exchange Commission
Status: Closed - Implemented
Comments: SEC is meeting with vendors to discuss the possibility of developing policies to address automation risk. SEC intends to work with industry to develop common understandings concerning the business practices necessary to assess and control automation risks in securities information dissemination systems.
Recommendation: Because of the importance of maintaining the flow of vital information between stock markets and investors, SEC should inform such vendors of the policies they should follow to address automation risk, including controls to ensure the correct processing of data and responsive, secure, and continuous operation.
Agency Affected: United States Securities and Exchange Commission
Status: Closed - Implemented
Comments: SEC intends to work with the vendor community to expand its capacity to identify systems disruptions and assess their impact on investors. SEC already monitors and assesses the impact of systems disruptions at major vendors.
Recommendation: Because of the importance of maintaining the flow of vital information between stock markets and investors, SEC should determine whether vendors' automation practices are having an adverse effect on the investment community. This could be accomplished by such steps as analyzing the effect of system failures and potential system failures on investors and assessing whether investors view vendors' security weaknesses as posing a substantial risk to them.
Agency Affected: United States Securities and Exchange Commission
Status: Closed - Implemented
Comments: SEC intends to decide whether further oversight actions are needed, once it has implemented the GAO recommendations. SEC has recently decided to substantially increase the size of the technical staff in the Office of Automation and International Markets. This expansion is intended to address SEC automation oversight responsibilities.
Recommendation: Upon completion of these actions, SEC should decide whether further oversight actions should be taken.
Agency Affected: United States Securities and Exchange Commission
Explore the full database of GAO's Open Recommendations
»
Explore the full database of GAO's Open Recommendations
Sep 5, 2018
Community Banks:
Effect of Regulations on Small Business Lending and Institutions Appears Modest, but Lending Data Could Be ImprovedGAO-18-312: Published: Aug 6, 2018. Publicly Released: Sep 5, 2018.
Jul 19, 2018
-
Export-Import Bank:
The Bank Needs to Continue to Improve Fraud Risk ManagementGAO-18-492: Published: Jul 19, 2018. Publicly Released: Jul 19, 2018.
Jul 18, 2018
-
Securities Regulation:
SEC Inspections of Financial Industry Regulatory Authority's Governance Were Consistent with Internal GuidanceGAO-18-522: Published: Jul 18, 2018. Publicly Released: Jul 18, 2018.
Jun 26, 2018
-
Bank Secrecy Act:
Further Actions Needed to Address Domestic and International Derisking ConcernsGAO-18-642T: Published: Jun 26, 2018. Publicly Released: Jun 26, 2018.
Mar 22, 2018
-
Financial Technology:
Additional Steps by Regulators Could Better Protect Consumers and Aid Regulatory OversightGAO-18-254: Published: Mar 22, 2018. Publicly Released: Mar 22, 2018. -
Climate-Related Risks:
SEC Has Taken Steps to Clarify Disclosure RequirementsGAO-18-188: Published: Feb 20, 2018. Publicly Released: Mar 22, 2018.
Mar 16, 2018
-
Community Reinvestment Act:
Options for Treasury to Consider to Encourage Services and Small-Dollar Loans When Reviewing FrameworkGAO-18-244: Published: Feb 14, 2018. Publicly Released: Mar 16, 2018.
Mar 15, 2018
-
Commercial Real Estate Lending:
Banks Potentially Face Increased Risk; Regulators Generally Are Assessing Banks' Risk Management PracticesGAO-18-245: Published: Mar 15, 2018. Publicly Released: Mar 15, 2018.
Feb 27, 2018
-
Analyzing Regulatory Burden:
Policies and Analyses under the Regulatory Flexibility Act and Retrospective Reviews Could Be ImprovedGAO-18-404T: Published: Feb 27, 2018. Publicly Released: Feb 27, 2018. -
Community Banks and Credit Unions:
Regulators Could Take Additional Steps to Address Compliance BurdensGAO-18-213: Published: Feb 13, 2018. Publicly Released: Feb 27, 2018.
Looking for more? Browse all our products here
Explore our Key Issues on Financial Markets and Institutions
Explore our other Key Issues here
