SEC Reg SCI Systems Compliance
United States
1974
Consumer Protection
Key Obligations
- Design, implement, and maintain robust policies for system capacity, integrity, and security
- Conduct annual reviews and risk assessments of systems and controls
- Promptly report systems disruptions, compliance issues, and intrusions to the SEC
- Notify affected participants of material systems issues and remediation steps
- Maintain detailed books and records related to system performance and compliance
- Undergo independent third-party reviews every three years
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
One Touch KYC
Launch global KYC flows with built-in document OCR, liveness checks, deepfake detection, and AML, all through a single, customizable dashboard.
AML Screening
Screen users against Politically Exposed Persons (PEP), watchlists, sanctions lists, adverse media, and more through one-time screening and advanced monitoring.
Business Verification
Verify businesses with reliable documents OCR, EIN checks, UBO data, sanctions screening, global registry checks, and more.
Related Regulations
FAQ
What is the purpose of SEC Reg SCI?
To ensure the stability, security, and resilience of the technology systems underpinning the U.S. securities markets.
Who must comply with Reg SCI?
Reg SCI applies to major market infrastructure entities like national securities exchanges, clearinghouses, and certain ATSs.
How often are Reg SCI reviews required?
Entities must conduct annual internal reviews and a third-party independent review at least every three years.
What happens if a firm violates Reg SCI?
Violations can result in SEC enforcement actions, including fines and mandated corrective measures.