Yesterday, the SEC announced proposed amendments to Rules 10 and 11 of Regulation S-T and Form ID. The amendments relate to potential technical changes to EDGAR, which the SEC is collectively referring to as “EDGAR Next.” The proposal was informed by public input and feedback provided in response to the SEC’s September 2021 request for information. As Liz noted when she blogged about that request, EDGAR changes seemed necessary to put an end to “fake SEC filings” and to make the filing process more reliable. This is the SEC’s response to those issues.
As explained in the 146-page proposing release, if adopted, the amendments would require EDGAR filers to identify and authorize two to twenty individuals to serve as account administrators, responsible for managing a filer’s EDGAR accounts through a dashboard on the EDGAR Filer Management website. The role of the account admins is distinguished from the role of tech admins and users with more limited access but permitted in larger numbers. The release also describes the proposed mechanics of delegating administrator and user roles. These mechanics are intricate enough that the release has four org charts/diagrams describing the authorization of the different roles and a table setting out the functions of each role — including account admins, users, tech admins, delegated admins and delegated users.
Maybe most importantly, each individual would need to use individual account credentials (obtained through Login.gov, a secure sign-in service of the General Services Administration) and multi-factor authentication to access the account and make filings, which will go along way in helping the SEC Staff and registrants identify any individuals making potentially problematic filings. EDGAR Next would also offer filers “optional Application Programming Interfaces (‘APIs’) for machine-to-machine communication with EDGAR, including submission of filings and retrieval of related information.” Think custom software used by companies and financial printers/filing agents, for example, to schedule filings and make bulk submissions.
The proposal will be subject to a 60-day comment period following publication in the Federal Register. In addition to seeking comments on the proposed release, the SEC is encouraging testers to provide feedback on technical functionality. The press release also announced that the SEC plans to open to the public a beta software environment for filer testing and feedback in just a few days, on September 18, 2023. The EDGAR Next—Filer Access and Account Management page on SEC.gov has information about signing up for beta testing and lots more information about the proposal and related technical changes.
In his supporting statement, Chair Gensler highlights that the most recent meaningful update to EDGAR account access protocols was over a decade ago and equates the current process of having one login per company to “having a family passing around one shared login and password for a movie-streaming app.” He touts that these actions “would further secure login protocols by requiring every person filing something into EDGAR to login with individual credentials and to use multi-factor authentication.”
– Meredith Ervine