The Latest on SEC Chairman Jay Clayton’s appearance before the Senate Banking Committee (all times local):
The chairman of the Securities and Exchange Commission refused to comment Tuesday when asked if executives at Equifax engaged in insider trading when they sold shares after the company learned of a massive data breach but before it disclosed the hack to the public.
Jay Clayton told Sen. John Kennedy, R-La., that he couldn’t comment on an issue that might come before the agency. Three Equifax executives sold shares worth a combined $1.8 million days after the company discovered the breach. Equifax says the executive were unaware of the breach prior to the stock sales.
Kennedy and other senators on a senate banking panel also questioned Clayton about the SEC’s own data breach, which the agency disclosed last week. Clayton said he became aware of the breach in August, months after becoming chairman, but couldn’t say when the hack occurred or when an investigation into the breach would be completed.
His comments led one senator to wonder how the SEC could hold companies accountable when the agency itself isn’t forthcoming about cybersecurity problems.
U.S. senators from both parties grilled Securities and Exchange Commission Chairman Jay Clayton Tuesday on the agency’s handling of a 2016 data breach that Clayton disclosed only last week. The hack focused on the agency’s system for handling corporations’ public documents, known as EDGAR.
“I was disturbed to learn that the SEC suffered a cyber-breach of its EDGAR system in 2016, but did not notify the public, or even all of its Commissioners, until it was discovered during your recent review,” Senate Banking Committee Chairman Mike Crapo, Republican from Idaho, said.
Clayton said the hack “concerns me deeply” and said that he has ordered an investigation by the agency’s Inspector General.
Sen. Sherrod Brown, D-Ohio, acknowledged that the breach occurred before Clayton took office in May. But he criticized the SEC chairman for not revealing it more quickly.
“The disclosure, or lack thereof, is all yours,” Brown said. “How can you expect companies to do the right thing when your agency has not?”
Securities and Exchange Commission Chairman Jay Clayton says that senior executives at Equifax should be forced to return recent bonuses if the company’s delay in disclosing a data breach is found to be improper.
Sen. Sherrod Brown, Democrat from Ohio, slammed Equifax for a six-week delay in disclosing the massive security breach, which exposed personal information for 143 million Americans. Several executives sold Equifax shares during that six-week period.
Clayton said the bonuses should be recovered if the delay is found to be improper. The company argued that revealing the information wasn’t “material” to investors.
Jay Clayton, the chairman of the Securities and Exchange Commission, is likely to face tough questions from a Senate banking panel, after the agency acknowledged that it also was a victim to a hack.
Two major issues in the SEC breach are the potential any information obtained was used for insider trading and whether the SEC knew about the security breach for months and only recently decided to disclose it.
Clayton has been at the head of the SEC since May, and is not likely to face calls for his removal since the breach happened a year ago. But he may be questioned about whether the SEC — the federal government’s main arm for enforcing rules and regulations on Wall Street — is up to the task of keeping data secure.
This story has been corrected to show that the number of Americans affected by the security breach at Equifax was 143 million, not 134 million.