17 CFR § 242.1000 - Definitions.

prev | next
§ 242.1000 Definitions.

For purposes of Regulation SCI (§§ 242.1000 through 242.1007), the following definitions shall apply:

Critical SCI systems means any SCI systems of, or operated by or on behalf of, an SCI entity that:

(1) Directly support functionality relating to:

(i) Clearance and settlement systems of clearing agencies;

(ii) Openings, reopenings, and closings on the primary listing market;

(iii) Trading halts;

(iv) Initial public offerings;

(v) The provision of consolidated market data; or

(vi) Exclusively-listed securities; or

(2) Provide functionality to the securities markets for which the availability of alternatives is significantly limited or nonexistent and without which there would be a material impact on fair and orderly markets.

Electronic signature has the meaning set forth in § 240.19b-4(j) of this chapter.

Exempt clearing agency subject to ARP means an entity that has received from the Commission an exemption from registration as a clearing agency under Section 17A of the Act, and whose exemption contains conditions that relate to the Commission's Automation Review Policies (ARP), or any Commission regulation that supersedes or replaces such policies.

Indirect SCI systems means any systems of, or operated by or on behalf of, an SCI entity that, if breached, would be reasonably likely to pose a security threat to SCI systems.

Major SCI event means an SCI event that has had, or the SCI entity reasonably estimates would have:

(1) Any impact on a critical SCI system; or

(2) A significant impact on the SCI entity's operations or on market participants.

Plan processor has the meaning set forth in § 242.600(b)(59).

Responsible SCI personnel means, for a particular SCI system or indirect SCI system impacted by an SCI event, such senior manager(s) of the SCI entity having responsibility for such system, and their designee(s).

SCI alternative trading system or SCI ATS means an alternative trading system, as defined in § 242.300(a), which during at least four of the preceding six calendar months:

(1) Had with respect to NMS stocks:

(i) Five percent (5%) or more in any single NMS stock, and one-quarter percent (0.25%) or more in all NMS stocks, of the average daily dollar volume reported by applicable transaction reporting plans; or

(ii) One percent (1%) or more in all NMS stocks of the average daily dollar volume reported by applicable transaction reporting plans; or

(2) Had with respect to equity securities that are not NMS stocks and for which transactions are reported to a self-regulatory organization, five percent (5%) or more of the average daily dollar volume as calculated by the self-regulatory organization to which such transactions are reported;

(3) Provided, however, that such SCI ATS shall not be required to comply with the requirements of Regulation SCI until six months after satisfying any of paragraphs (1) or (2) of this definition, as applicable, for the first time.

SCI entity means an SCI self-regulatory organization, SCI alternative trading system, plan processor, or exempt clearing agency subject to ARP.

SCI event means an event at an SCI entity that constitutes:

(1) A systems disruption;

(2) A systems compliance issue; or

(3) A systems intrusion.

SCI review means a review, following established procedures and standards, that is performed by objective personnel having appropriate experience to conduct reviews of SCI systems and indirect SCI systems, and which review contains:

(1) A risk assessment with respect to such systems of an SCI entity; and

(2) An assessment of internal control design and effectiveness of its SCI systems and indirect SCI systems to include logical and physical security controls, development processes, and information technology governance, consistent with industry standards.

SCI self-regulatory organization or SCI SRO means any national securities exchange, registered securities association, or registered clearing agency, or the Municipal Securities Rulemaking Board; provided however, that for purposes of this section, the term SCI self-regulatory organization shall not include an exchange that is notice registered with the Commission pursuant to 15 U.S.C. 78f(g) or a limited purpose national securities association registered with the Commission pursuant to 15 U.S.C. 78o-3(k).

SCI systems means all computer, network, electronic, technical, automated, or similar systems of, or operated by or on behalf of, an SCI entity that, with respect to securities, directly support trading, clearance and settlement, order routing, market data, market regulation, or market surveillance.

Senior management means, for purposes of Rule 1003(b), an SCI entity's Chief Executive Officer, Chief Technology Officer, Chief Information Officer, General Counsel, and Chief Compliance Officer, or the equivalent of such employees or officers of an SCI entity.

Systems compliance issue means an event at an SCI entity that has caused any SCI system of such entity to operate in a manner that does not comply with the Act and the rules and regulations thereunder or the entity's rules or governing documents, as applicable.

Systems disruption means an event in an SCI entity's SCI systems that disrupts, or significantly degrades, the normal operation of an SCI system.

Systems intrusion means any unauthorized entry into the SCI systems or indirect SCI systems of an SCI entity.

[79 FR 72436, Dec. 5, 2014, as amended at 80 FR 81454, Dec. 30, 2015; 83 FR 58429, Nov. 19, 2018]