Last week, the SEC released its Strategic Plan for FY2022 – FY2026. The plan consists of 10 points under three goals:
- Protect the investing public against fraud, manipulation, and misconduct;
- Develop and implement a robust regulatory framework that keeps pace with evolvingmarkets, business models, and technologies; and
- Support a skilled workforce that is diverse, equitable, and inclusive and is fullyequipped to advance agency objectives.
Climate is mentioned as a component of two points:
1.3 Modernize design, delivery, and content of disclosures so investors, including in particular retail investors, can access consistent, comparable, and material information to make informed investment decisions. The markets have begun to embrace the necessity of providing a greater level of disclosure to investors. From time to time, the SEC must update its disclosure framework to reflect investor demand. Today, investors increasingly seek information related to, among other things, issuers’ climate risks, cybersecurity hygiene policies, and their most important asset: their people. In order to catch up to that reality, the agency should continue to update the disclosure framework to address these areas of investor demand, as well as continue to take concrete steps to modernize the systems that support the disclosure framework, to make public disclosures easier to access and analyze and thus more decision-useful to investors.
3.3 Enhance the agency’s internal control and risk management capabilities, including by the development of a robust and resilient program for dealing with threats to the security, integrity, and availability of the SEC’s systems and sensitive data. Being good stewards of the resources and programs entrusted to the SEC’s care requires a thorough understanding of risks and effective internal controls. Across the agency, the SEC must continually reassess its risks, including in new areas such as climate risk, and document necessary controls. One of the most important areas of focus will be data and information security to optimize controls on systems and data based on risk. This includes understanding and managing the risks associated with the SEC’s vendors and supply chains.
Given the SEC’s emphasis on climate matters in the past 12 months, one might think this is giving the matter short shrift – but I don’t think that is the case. Both of these supporting elements are quite sweeping if you think about it. The first one explicitly brings climate into the SEC’s goal of “updat[ing] the disclosure framework to address [new] areas of investor demand, as well as continue to take concrete steps to modernize the systems that support the disclosure framework.” That is a pretty big deal.
The second goal emphasizes internal data management/security, but also mentions that the SEC sees climate risk as applying to its own activities and supply chain.
Certainly, the Commission’s ability to achieve these goals is burdened with the extreme politicization of not only climate matters, but also the general political environment in Washington throughout FY2026. But until the Commission and Staff have to face that to the extent that their direction must change, it is clear we should expect climate risk to continue being a prime motivator for them.
