Reg SCI - Overview

The Financial Information Forum is launching a Reg SCI Best Practices Working Group to assist Reg SCI entities with Reg SCI compliance, as well as to educate and assist member firms that are not yet Reg SCI entities (Broker-Dealers, ATSs, Service Bureaus) with gaining a better understanding of Reg SCI best practices for incorporation within their firm.  In addition to a focus on Reg SCI rule requirements, the working group will also explore internal cybersecurity and data protection best practices.  Some of the topics that the working group will focus upon include:

  • Feedback from peer firms who have previously underwent SEC sweeps for Reg SCI compliance.
  • Updates on additional requirements and possible extension to non-ATS broker-dealers.
  • Procedures and dates related to Reg SCI and BCP Industry Testing, including updates on schedules and milestones.
  • Updates on testing procedures and requirements.
  • Reviews and discussion of Reg SCI requirements and certification procedures.
  • Provide dialogue on industry best practices regarding specific components of Reg SCI.
    • Systems Development Lifecycle
    • Change of Management Procedures
    • Vendor Management
  • Working group discussions of best practices related to cybersecurity and data protection.
  • Review and respond to potential upcoming regulatory initiatives that focus on cybersecurity and data protection.

FIF is also reviewing potential overlap and impact of Reg SCI testing requirements with the efforts of our members to address their respective Business Continuity Planning (BCP) initiatives and will similarly provide assistance as needed.

For further information regarding SIFMA and Reg SCI, please see:


Please see FIF Initiative Tracking for a full list of initiatives that this committee follows and the representative meeting agendas below. Please note current meeting materials are available to members only.