[Federal Register Volume 86, Number 196 (Thursday, October 14, 2021)]
[Notices]
[Pages 57229-57234]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-22438]


-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION

[Release No. 34-93278; File No. SR-NSCC-2021-007]


Self-Regulatory Organizations; National Securities Clearing 
Corporation; Order Approving the Proposed Rule Change Relating to 
Confidential Information, Market Disruption Events, and Other Changes

October 8, 2021.

I. Introduction

    On June 25, 2021, National Securities Clearing Corporation 
(``NSCC'') filed with the Securities and Exchange Commission 
(``Commission'') proposed rule change SR-NSCC-2021-007 (the ``Proposed 
Rule Change'') pursuant to Section 19(b)(1) of the Securities Exchange 
Act of 1934 (``Act'') \1\ and Rule 19b-4 thereunder \2\ to amend NSCC's

[[Page 57230]]

rules relating to confidentiality requirements, Market Disruption 
Events, and procedures for disconnecting a participant from NSCC's 
network, among other changes.\3\ The Proposed Rule Change was published 
for comment in the Federal Register on July 13, 2021.\4\ The Commission 
received comments that it has considered with respect to the Proposed 
Rule Change.\5\ For the reasons discussed below, the Commission is 
approving the Proposed Rule Change.
---------------------------------------------------------------------------

    \1\ 15 U.S.C. 78s(b)(1).
    \2\ 17 CFR 240.19b-4.
    \3\ See Notice of Filing, infra note 4, at 86 FR 36815.
    \4\ See Securities Exchange Act Release No. 92334 (June 25, 
2021), 86 FR 36815 (July 13, 2021) (File No. SR-NSCC-2021-007) 
(``Notice of Filing'').
    \5\ Specifically, the Commission received comments on a proposed 
rule change filed by NSCC's affiliate, the Depository Trust Company, 
regarding parallel changes to DTC's Rules. See Securities Exchange 
Act Release No. 92342 (June 25, 2021), 86 FR 36833 (July 13, 2021) 
(File No. SR-DTC-2021-011). The comment letters are available on the 
Commission's website at https://www.sec.gov/comments/sr-dtc-2021-011/srdtc2021011.htm. Because the comments address issues that also 
appear in this Proposed Rule Change, the Commission has considered 
it in connection with NSCC's proposal as well. Several comments 
generally supported the Proposed Rule Change, and the Commission 
considers the additional comments in its analysis at Section III 
infra.
---------------------------------------------------------------------------

II. Description of the Proposed Rule Change

    Pursuant to the Proposed Rule Change, NSCC is proposing three main 
changes to its Rules & Procedures (``Rules''): \6\ (1) Standardizing 
the confidentiality requirement applicable to NSCC with respect to its 
participants' information and adding confidentiality requirement 
applicable to participants with respect to NSCC's information, (2) 
updating its Market Disruption and Force Majeure Rule (``Force Majeure 
Rule'') to authorize two additional officers to determine that a Market 
Disruption Event has occurred, and (3) adding a new rule setting forth 
the procedures under which NSCC would be able to disconnect a 
participant from its network in certain circumstances (``Systems 
Disconnect Rule''). The Commission provides relevant background and 
describes each of these proposed changes in greater detail below.
---------------------------------------------------------------------------

    \6\ Capitalized terms not defined herein are defined in the 
Rules, available at https://dtcc.com/~/media/Files/Downloads/legal/
rules/nscc_rules.pdf.
---------------------------------------------------------------------------

A. Background

    NSCC provides clearance, settlement, risk management, central 
counterparty services, and a guarantee of completion for virtually all 
broker-to-broker trades involving equity securities, corporate and 
municipal debt securities, American depository receipts, exchange 
traded funds, and unit investment trusts. In light of NSCC's critical 
role in the marketplace, NSCC was designated a Systemically Important 
Financial Market Utility (``SIFMU'') under Title VIII of the Dodd-Frank 
Wall Street Reform and Consumer Protection Act of 2010.\7\ Due to 
NSCC's unique position in the marketplace, a failure or a disruption to 
NSCC could, among other things, significantly disrupt settlement of 
securities transactions cleared by NSCC and increase the risk of 
substantial liquidity problems spreading among financial institutions 
or markets, and thereby threaten the stability of the financial system 
in the United States.\8\
---------------------------------------------------------------------------

    \7\ 12 U.S.C. 5465(e)(1); Financial Stability Oversight Counsel 
2012 Annual Report, Appendix A (``FSOC 2012 Report''), available at 
http://www.treasury.gov/initiatives/fsoc/Documents/2012%20Annual%20Report.pdf.
    \8\ See FSOC 2012 Report, supra note 7.
---------------------------------------------------------------------------

    NSCC participants connect to NSCC's systems, either directly 
through the Securely Managed and Reliable Technology (``SMART'') 
network or through a third party service provider or service bureau.\9\ 
NSCC's parent company, The Depository Trust & Clearing Corporation 
(``DTCC'') manages the SMART network, which connects a nationwide 
complex of networks, processing centers, and control facilities.\10\
---------------------------------------------------------------------------

    \9\ See Securities Exchange Act Release No. 87696 (December 9, 
2019), 84 FR 68243 (December 13, 2019) (File No. SR-NSCC-2019-003) 
(describing the DTCC SMART network).
    \10\ DTCC provides a set of core business processes for NSCC and 
DTCC's other subsidiaries, including the technology systems and 
networks, that provide connectivity between NSCC and its 
participants and that provide NSCC with the ability to provide its 
services as required under the Rules. Most corporate functions are 
established and managed on an enterprise-wide basis pursuant to 
intercompany agreements under which it is generally DTCC that 
provides services to NSCC and DTCC's other subsidiaries.
---------------------------------------------------------------------------

B. Proposed Changes

1. Confidentiality Requirements
    Confidentiality Requirements Applicable to NSCC: NSCC collects 
confidential information from its participants to assess whether each 
participant meets NSCC's membership requirements either to gain or 
continue access to NSCC's clearance and settlement services.\11\ In 
turn, NSCC is required to maintain the confidentiality of any 
information furnished by its participants. Currently, NSCC's Rules 
obligate NSCC to hold participants' information in the same degree of 
confidence as may be required by law or the rules and regulations 
(hereinafter collectively, ``regulations'') of the appropriate 
regulatory body having jurisdiction over the participant.\12\
---------------------------------------------------------------------------

    \11\ See Rule 2A, supra note 6 (establishing NSCC's right to 
require applicants to furnish information to become Members or 
Limited Members of NSCC); and Rule 15, supra note 4 (establishing 
NSCC's right to require participants to furnish information relating 
to assurances of financial responsibility and operational 
capability).
    \12\ See Section 1.C. of Rule 2A and Section 3 of Rule 15, supra 
note 6.
---------------------------------------------------------------------------

    NSCC states that its current Rules create ambiguity because NSCC's 
obligations depend on each participant's regulatory requirements, which 
could lead to unequal treatment of participants and conflicts of law 
with NSCC's regulatory requirements or with respect to a participant 
who is subject to multiple jurisdictions' regulations.\13\ NSCC also 
states that applying different standards creates operational burdens 
because NSCC must track the regulations applicable to each of its 
participants and must maintain the confidentiality of each 
participant's information to the same degree as required by the 
applicable regulations.\14\
---------------------------------------------------------------------------

    \13\ See Notice of Filing, supra note 4, at 36816.
    \14\ See id.
---------------------------------------------------------------------------

    In order to clarify its confidentiality requirements and to enhance 
its operational efficiency, NSCC proposes to revise its Rules to 
establish a standard, which will require NSCC to hold participant 
confidential information to the same degree as NSCC's regulatory 
requirements that relate to the confidentiality of records, and to 
remove the references to each participant's particular regulatory 
obligations. NSCC represents that the proposed change would provide 
participants with similar protections because NSCC believes its 
regulatory requirements are comparable to the regulations applicable to 
its participants and, therefore, would not result in changes to NSCC's 
current practices or the protection offered to its participants' 
confidential information.\15\
---------------------------------------------------------------------------

    \15\ See id.
---------------------------------------------------------------------------

    Confidentiality Requirements Applicable to Participants: NSCC's 
Rules do not include obligations for its participants to protect 
confidential information furnished by NSCC or its affiliates.\16\ 
However, NSCC states that, in connection with the development of cyber 
and information security programs pursuant to applicable participant 
regulatory requirements, NSCC and DTCC have received an increasing 
number of requests from

[[Page 57231]]

participants for confidential information, such as information 
regarding DTCC's network operations, data security practices, and legal 
settlements.\17\ Additionally, NSCC states that participants may 
request NSCC or DTCC to disclose confidential information regarding its 
cyber threat indicators, sources of cyber threat information, or other 
information and actions taken following a cyber incident relating to a 
participant, NSCC, or DTCC.\18\
---------------------------------------------------------------------------

    \16\ NSCC states that, historically, it has generally not 
provided, nor been requested to provide, information that contains 
confidential or proprietary information of NSCC or its affiliates to 
its participants except for information necessary for participants 
to connect to DTCC Systems, which is typically protected under 
intellectual property laws. See id.
    \17\ See Notice of Filing, supra note 4, at 36817. See also, 
supra discussion in Section II.A (Background) relating to DTCC 
Systems.
    \18\ See Notice of Filing, supra note 4, at 36817.
---------------------------------------------------------------------------

    To facilitate information sharing by NSCC while protecting the 
confidentiality of proprietary and confidential information NSCC shares 
with its participants, NSCC proposes to add participant confidentiality 
requirements to its Rules. The new provisions will require participants 
to maintain the confidentiality of information furnished by NSCC 
through proper safeguards to prevent disclosure of such confidential 
information, except as necessary to perform its obligations under 
NSCC's Rules or as otherwise required by applicable law. NSCC proposes 
that participants be required to maintain the confidentiality of this 
information to the same extent and using the same means the participant 
uses to protect its own confidential information, but no less than a 
reasonable standard of care. NSCC's proposal will also entitle NSCC or 
DTCC to seek any temporary or permanent injunctive or other equitable 
relief in addition to any monetary damages under the Rules if a 
participant breaches its confidentiality requirements. Additionally, 
NSCC's proposal will entitle NSCC to impose other disciplinary 
proceedings or restrictions on access to services for a participant's 
failure to comply with its confidentiality requirements, consistent 
with the existing tools available to NSCC regarding a participant's 
failure to comply with its Rules.
2. Market Disruption Event
    NSCC's Rules contain provisions that identify the events or 
circumstances that NSCC would consider to be a Market Disruption Event, 
including, for example, events that lead to the suspension or 
limitation of trading or banking in the markets in which NSCC operates, 
or the unavailability or failure of any material payment, bank 
transfer, wire or securities settlement systems.\19\ Upon the 
declaration of a Market Disruption Event, NSCC's Rules provide NSCC 
with tools to address such an event, such as suspending any or all 
services and taking, or requiring participants to take, any actions 
NSCC considers appropriate to facilitate the continuation of NSCC's 
services.\20\
---------------------------------------------------------------------------

    \19\ See Rule 60, supra note 6. See also Securities Exchange Act 
Release Nos. 83955 (August 27, 2018), 83 FR 44340 (August 30, 2018) 
(File No. SR-NSCC-2017-805); 83974 (August 28, 2018), 83 FR 44988 
(September 4, 2018) (File No. SR-NSCC-2017-017).
    \20\ See Rule 60, supra note 6.
---------------------------------------------------------------------------

    Currently, NSCC's Board of Directors may declare a Market 
Disruption Event and may take any actions authorized by NSCC's Rules to 
address the event.\21\ However, NSCC's Rules also authorize certain 
officers to make an interim declaration of a Market Disruption Event, 
to allow NSCC to prevent delays in addressing a Market Disruption Event 
if the Board of Directors is unable to convene.\22\ In the event of 
such an interim declaration, the Board of Directors must ratify, 
modify, or rescind the officer's determination as soon as 
practicable.\23\ Currently, the officers authorized to make such 
determination are the Chief Executive Officer, Chief Financial Officer, 
Group Chief Risk Officer, and General Counsel.\24\
---------------------------------------------------------------------------

    \21\ See Section 2 of Rule 60, id.
    \22\ See id.
    \23\ See id.
    \24\ See id.
---------------------------------------------------------------------------

    NSCC proposes to add two additional officers of NSCC, the Chief 
Information Officer and the Head of Clearing Agency Services, to the 
list of authorized officers that could make such an interim 
determination if the Board of Directors is unable to convene. NSCC 
states these two officers, like the other officers currently provided 
in the Rules, maintain senior executive level positions at NSCC, 
oversee divisions of NSCC, and hold positions at NSCC that would 
provide them a necessary global view into NSCC's operations and systems 
to enable them to determine the existence of a Market Disruption 
Event.\25\ NSCC states adding these two additional officers would 
facilitate NSCC's ability to implement its emergency procedures in the 
event of a Market Disruption Event.\26\
---------------------------------------------------------------------------

    \25\ See Notice of Filing, supra note 4, at 36817.
    \26\ See id.
---------------------------------------------------------------------------

3. Systems Disconnect Rule
    As mentioned above in Section II.A (Background), NSCC's 
participants connect to NSCC's systems, either through the DTCC-managed 
SMART network or through other electronic means, such as through a 
third party service provider or service bureau. NSCC's Rules do not 
address NSCC's ability to disconnect a participant whose network 
connection risks harming NSCC's systems. NSCC's proposal will establish 
procedures under which NSCC would be able to disconnect a participant 
from its network due to the risk of an imminent threat to NSCC, 
participants, or other market participants.\27\
---------------------------------------------------------------------------

    \27\ See Notice of Filing, supra note 4, at 36817.
---------------------------------------------------------------------------

    NSCC's proposal will address NSCC's authority to take certain 
actions upon the occurrence, and during the pendency, of a Major Event. 
A ``Major Event'' will be defined as the happening of one or more 
``Systems Disruptions'' reasonably likely to have a significant impact 
on NSCC's operations, including ``DTCC Systems,'' \28\ that affect the 
business, operations, safeguarding of securities or funds, or physical 
functions of NSCC, its participants, or other market participants. 
``Systems Disruption'' will, in turn, be defined as the unavailability, 
failure, malfunction, overload, or restriction (whether partial or 
total) of a DTCC Systems Participant's systems that disrupts or 
degrades the normal operation of such DTCC Systems Participant's 
systems; or anything that impacts or alters the normal communication or 
the files that are received, or information transmitted, to or from the 
DTCC Systems.
---------------------------------------------------------------------------

    \28\ ``DTCC Systems'' will be defined as the systems, equipment 
and technology networks of DTCC, NSCC and/or their Affiliates, 
whether owned, leased, or licensed, software, devices, IP addresses 
or other addresses or accounts used in connection with providing the 
services set forth in the Rules, or used to transact business or to 
manage the connection with NSCC.
---------------------------------------------------------------------------

    NSCC's proposal would also provide governance procedures applicable 
to NSCC's determination whether, and how, to implement the provisions 
of the Systems Disconnect Rule. The same officers with delegated 
authority under the Force Majeure Rule may make a determination that a 
Major Event has occurred. As discussed in Section II.B.2 (Market 
Disruption Event) above, NSCC states these officers maintain senior 
executive level positions at NSCC, oversee divisions of NSCC, and hold 
positions at NSCC that would provide them a necessary global view into 
NSCC's operations and systems to enable them to determine the existence 
of a Market Disruption Event, which would also enable them to determine 
the existence of a Major Event.
    However, the proposed process for declaring a Major Event, by 
contrast, would start with a designated officer, whereas, for a Market 
Disruption Event, the officer would make an interim determination only 
if the Board of Directors were unable to timely convene. NSCC states it 
designed the

[[Page 57232]]

process in this way to improve its ability to respond quickly, 
efficiently, and effectively to a Major Event that arises abruptly.\29\ 
Following this determination, any management committee including all of 
the officers authorized to determine a Major Event would convene, and 
NSCC would convene a Board of Directors meeting as soon as practicable 
thereafter, and in any event within five Business Days following such 
determination, to ratify, modify, or rescind the Officer Major Event 
Action.\30\
---------------------------------------------------------------------------

    \29\ See Notice of Filing, supra note 4, at 36818.
    \30\ See id.
---------------------------------------------------------------------------

    In addition, the proposed rule will require participants to notify 
NSCC immediately upon becoming aware of a Major Event, and, likewise, 
will require NSCC to notify its participants promptly of any action 
NSCC takes or intends to take with respect to a Major Event.\31\ 
Finally, the proposal will address certain miscellaneous related 
matters including: (i) A limitation of liability for any failure or 
delay in performance, in whole or in part of NSCC's obligations under 
the Rules, arising out of or related to a Major Event, (ii) a statement 
that NSCC's power to take any action pursuant to the Systems Disconnect 
Rule also includes the power to repeal, rescind, revoke, amend or vary 
such action, (iii) a statement that NSCC's powers pursuant to the 
Systems Disconnect Rule shall be in addition to, and not in derogation 
of, authority granted elsewhere in the Rules to take action as 
specified therein, (iv) a requirement that participants shall keep any 
confidential information provided to them by NSCC in connection with a 
Major Event confidential, and (v) a statement that in the event of any 
conflict between the provisions of the Systems Disconnect Rule and any 
other Rules or Procedures, the provisions of the Systems Disconnect 
Rule would prevail.
---------------------------------------------------------------------------

    \31\ See id.
---------------------------------------------------------------------------

III. Discussion and Commission Findings

    Section 19(b)(2)(C) of the Act \32\ directs the Commission to 
approve a proposed rule change of a self-regulatory organization if it 
finds that such proposed rule change is consistent with the 
requirements of the Act and the rules and regulations thereunder 
applicable to such organization. After careful consideration, the 
Commission finds that the Proposed Rule Change is consistent with the 
requirements of the Act and the rules and regulations applicable to 
NSCC. In particular, the Commission finds that the Proposed Rule Change 
is consistent with Section 17A(b)(3)(F) \33\ of the Act and Rules 17Ad-
22(e)(1),\34\ (e)(2),\35\ and (e)(17)(i) \36\ thereunder.
---------------------------------------------------------------------------

    \32\ 15 U.S.C. 78s(b)(2)(C).
    \33\ 15 U.S.C. 78q-1(b)(3)(F).
    \34\ 17 CFR 240.17Ad-22(e)(1).
    \35\ 17 CFR 240.17Ad-22(e)(2).
    \36\ 17 CFR 240.17Ad-22(e)(17)(i).
---------------------------------------------------------------------------

A. Consistency With Section 17A(b)(3)(F) of the Act

    Section 17A(b)(3)(F) \37\ of the Exchange Act requires, in part, 
that the rules of a clearing agency, such as NSCC, be designed, in 
part, to promote the prompt and accurate clearance and settlement of 
securities transactions and to assure the safeguarding of securities 
and funds which are in the custody or control of the clearing agency or 
for which it is responsible. The Commission finds that the Proposed 
Rule Change is consistent with Section 17A(b)(3)(F) of the Act \38\ for 
the reasons discussed below.
---------------------------------------------------------------------------

    \37\ 15 U.S.C. 78q-1(b)(3)(F).
    \38\ Id.
---------------------------------------------------------------------------

    As described above in Section II.B.1 (Confidentiality 
Requirements), NSCC proposes to revise its Rules to establish a 
standard relating to NSCC's obligation to maintain the confidentiality 
of information it collects from participants to assess each 
participant's compliance with NSCC's membership requirements. The 
Commission believes such a uniform standard will help NSCC meet its 
obligations and will help each participant better understand NSCC's 
obligations for maintaining the confidential information it shares with 
NSCC, which, in turn, may facilitate the sharing of such information 
and improve NSCC's ability to evaluate its participants' eligibility to 
access NSCC's clearance and settlement services.
    Also, as described above in Section II.B.1 (Confidentiality 
Requirements), NSCC proposes to add participant confidentiality 
requirements to its Rules to ensure participants maintain the 
confidentiality of information NSCC shares, which participants may then 
use to determine whether to participate in NSCC's clearance and 
settlement services by understanding NSCC system requirements and NSCC 
system safeguards. The Commission believes participant confidentiality 
requirements will help each participant better understand its rights 
and obligations for maintaining the confidential information NSCC 
shares, which, in turn, may facilitate participant compliance. 
Therefore, the Commission believes the proposed changes to NSCC and 
participant confidentiality requirements are consistent with promoting 
the prompt and accurate clearance and settlement of securities 
transactions by NSCC.
    As described above in Section II.B.2 (Market Disruption Event) and 
Section II.B.3 (Systems Disconnect Rule), risks, threats, and potential 
vulnerabilities due to a Market Disruption Event or a Major Event could 
impede NSCC's ability to provide its clearance and settlement services. 
NSCC proposes to add two officers authorized to make an interim 
determination that a Market Disruption Event has occurred if the Board 
of Directors is unable to timely convene. The Commission believes the 
proposed change will improve NSCC's ability to respond quickly to a 
Market Disruption Event, which could help NSCC mitigate the impact of 
such event on NSCC, its participants, and the broader market.
    Additionally, as described above in Section II.B.3 (Systems 
Disconnect Rule), NSCC proposes to add the Systems Disconnect Rule, 
which will set forth the procedures under which NSCC would be 
authorized, upon the occurrence of a Major Event (as defined in the 
proposed rules), to take certain actions, including disconnecting a 
participant from NSCC's systems, suspending data transmissions between 
NSCC and the participant, and requiring the participant to take other 
actions necessary to protect NSCC and its participants. The Commission 
believes the proposed Systems Disconnect Rule will enable NSCC to 
respond quickly to a potential cyber threat or other network 
disruption, which could help NSCC prevent the spread of a participant's 
systems disruptions to NSCC, its participants, and other market 
participants that could otherwise cause losses to NSCC or its 
participants.
    One commenter suggests certain revisions to the definition of Major 
Event so that certain terms in the Systems Disconnect Rule are 
consistent with the definition of Market Disruption Event in the Force 
Majeure Rule.\39\ The Commission disagrees. Consistency between the 
Systems Disconnect Rule and Force Majeure Rule is not necessary because 
NSCC designed the Systems Disconnect Rule for a different purpose. 
Although both rules relate to events that, if left unaddressed, could 
affect NSCC's ability to provide clearance and settlement services, the 
Force Majeure Rule is designed to cover events caused by external 
forces that impact NSCC and its participants, whereas the Systems 
Disconnect Rule is designed only to

[[Page 57233]]

cover disruptions to participant's computer systems or network that 
could flow through to NSCC systems. Therefore, differences between the 
two rules do not raise consistency concerns, because of their different 
purposes.\40\
---------------------------------------------------------------------------

    \39\ See letter from Anonymous, dated July 28, 2021, supra note 
5.
    \40\ The commenter also suggests adding language to the end of 
the Major Event definition to indicate that, to avoid doubt, a Major 
Event would not include disruptions due to normal market forces. The 
Commission does not believe that such additional language is 
necessary because, as discussed above in Section II.B.3 (Systems 
Disconnect Rule), a Major Event is limited to one or more ``Systems 
Disruption(s)'' (as defined in the proposed rule), which is properly 
limited to disruptions to participant systems or its network 
connection.
---------------------------------------------------------------------------

    Therefore, for the reasons described above, the Commission believes 
the proposed changes relating to a Market Disruption Event or a Major 
Event will help promote the prompt and accurate clearance and 
settlement of securities transactions and with assuring NSCC safeguards 
securities and funds that are in its custody or control or for which it 
is responsible. Accordingly, the Commission finds that the 
implementation of the Proposed Rule Change is consistent with Section 
17A(b)(3)(F) of the Act.\41\
---------------------------------------------------------------------------

    \41\ 15 U.S.C. 78q-1(b)(3)(F).
---------------------------------------------------------------------------

B. Consistency With Rule 17Ad-22(e)(1)

    Rule 17Ad-22(e)(1) under the Exchange Act requires that a covered 
clearing agency establish, implement, maintain and enforce written 
policies and procedures reasonably designed to provide for a well-
founded, clear, transparent and enforceable legal basis for each aspect 
of its activities in all relevant jurisdictions.\42\ The Commission 
finds that the Proposed Rule Change is consistent with Rule 17Ad-
22(e)(1) of the Exchange Act \43\ for the reasons discussed below.
---------------------------------------------------------------------------

    \42\ 17 CFR 240.17Ad-22(e)(1).
    \43\ Id.
---------------------------------------------------------------------------

    As described above in Sections II.B.1 (Confidentiality 
Requirements) and II.B.2 (Market Disruption Event), NSCC proposes to 
establish a consistent standard for its obligation to maintain the 
confidentiality of information it collects from its participants and to 
establish participant confidentiality requirements. The Commission 
believes a consistent standard for NSCC's confidentiality requirements 
will provide for clear and transparent standard rules for participants, 
rather than maintaining potentially different confidentiality standards 
for participants based on the various, unrelated regulatory bodies 
governing those participants. Additionally, the Commission believes 
that imposing specific legal standards applicable to both NSCC and its 
participants to follow will provide for a well-founded legal basis for 
the sharing and maintaining of confidential information between NSCC 
and its participants.\44\
---------------------------------------------------------------------------

    \44\ One commenter suggests adding an exception for negligence 
or fraud to the limitation of liability clause in the proposed 
Systems Disconnect Rule, which the commenter states is customary 
contractual language. See letter from Anonymous, dated July 28, 
2021, supra note 5. The Commission notes NSCC has already included 
similar language in its Rules, which would be applicable to this 
aspect of the proposal. See Section 2 of Rule 58, supra note 6 
(providing for NSCC liability to its participants for ``gross 
negligence, willful misconduct, or violations of Federal securities 
laws for which there is a private right of action'' notwithstanding 
any other provision in the Rules).
---------------------------------------------------------------------------

    Accordingly, the Commission finds that the implementation of the 
Proposed Rule Change is consistent with Rule 17Ad-22(e)(1) of the 
Exchange Act.\45\
---------------------------------------------------------------------------

    \45\ 17 CFR 240.17Ad-22(e)(1).
---------------------------------------------------------------------------

C. Consistency With Rule 17Ad-22(e)(2)

    Rule 17Ad-22(e)(2) under the Exchange Act requires, in part, that a 
covered clearing agency establish, implement, maintain and enforce 
written policies and procedures reasonably designed to provide for 
governance arrangements that are clear and transparent and that specify 
clear and direct lines of responsibility.\46\ The Commission finds that 
the Proposed Rule Change is consistent with Rule 17Ad-22(e)(2) of the 
Exchange Act \47\ for the reasons discussed below.
---------------------------------------------------------------------------

    \46\ 17 CFR 240.17Ad-22(e)(2).
    \47\ Id.
---------------------------------------------------------------------------

    The Commission believes NSCC's proposal, as described above in 
Section II.B.2 (Market Disruption Event), to add two officers 
authorized to make an interim determination of a Market Disruption 
Event if the Board of Directors is unable to convene in a timely manner 
provides for governance arrangements that are clear and transparent and 
that provide clear and direct lines of responsibility. Likewise, the 
Commission believes NSCC's proposal to identify the officers authorized 
to make an interim determination of a Major Event, which will then be 
ratified, modified, or rescinded by the management committee and the 
Board of Directors will provide for clear and transparent governance 
procedures and will specify clear and direct lines of responsibility. 
Accordingly, the Commission finds that the implementation of the 
Proposed Rule Change is consistent with Rule 17Ad-22(e)(2) of the 
Exchange Act.\48\
---------------------------------------------------------------------------

    \48\ Id.
---------------------------------------------------------------------------

D. Consistency With Rule 17Ad-22(e)(17)(i)

    Rule 17Ad-22(e)(17)(i) under the Exchange Act requires that a 
covered clearing agency establish, implement, maintain and enforce 
written policies and procedures reasonably designed to manage the 
covered clearing agency's operational risks by identifying the 
plausible sources of operational risk, both internal and external, and 
mitigating their impact through the use of appropriate systems, 
policies, procedures, and controls.\49\ The Commission finds that the 
Proposed Rule Change is consistent with Rule 17Ad-22(e)(17)(i) of the 
Exchange Act \50\ for the reasons discussed below.
---------------------------------------------------------------------------

    \49\ 17 CFR 240.17Ad-22(e)(17)(i).
    \50\ Id.
---------------------------------------------------------------------------

    The Commission believes NSCC's proposal, as described above in 
Section II.B.2 (Market Disruption Event), to add two officers 
authorized to make an interim determination of a Market Disruption 
Event could help NSCC mitigate the impact of a Market Disruption Event 
by ensuring NSCC can respond quickly to such event if the Board of 
Directors were unable to convene in a timely manner. Likewise, the 
Commission believes the proposed Systems Disconnect Rule, as described 
in Section II.B.3 above, provides a rules-based process that will 
enable NSCC to identify potential cyber threats or other network 
disruptions, which could help NSCC prevent the spread of a 
participant's systems disruptions to NSCC, its participants, and other 
market participants that could otherwise cause losses to NSCC or its 
participants.
    One commenter suggests revising the definition of Major Event to be 
consistent with the definition of Market Disruption Event in the Force 
Majeure Rule.\51\ The commenter further argues the impact to NSCC 
covered by the definition of Major Event should be limited to ``DTCC 
Systems'' (as defined in the proposed rule) to ensure the scope of the 
proposed rule is limited to technical systems.\52\ The Commission 
disagrees. As noted above, the purposes of both the Force Majeure Rule 
and the Systems Disconnect Rule are different. The Force Majeure Rule 
is designed to cover events external to NSCC and its participants that 
materially impact, or are likely to materially impact, NSCC's ability 
to provide its clearance and settlement services. The Systems

[[Page 57234]]

Disconnect Rule, by contrast, is designed to cover a participant's 
systems or network disruption, which through its connection to NSCC, is 
reasonably likely to have a significant impact on NSCC's systems. The 
differences between the rules' purposes support the need for differing 
standards.\53\ Furthermore, the Commission notes the reference to 
``including DTCC Systems'' in the proposed definition of Major Event 
takes into account how NSCC's operations, i.e., its clearance and 
settlement services, work, in that they utilize DTCC Systems. 
Consequently, the commenter's proposed revisions are not necessary.\54\
---------------------------------------------------------------------------

    \51\ Specifically, the commenter suggests deleting reference to 
``reasonably'' and by replacing ``significant'' with ``material'' 
when describing the likelihood and level of impact to NSCC. See 
letter from Anonymous, dated July 28, 2021, supra note 5.
    \52\ See id.
    \53\ The Commission also disagrees with the commenter's 
suggestion to remove the references to ``reasonably'' with respect 
to the likelihood of an event impacting NSCC's operations. The 
Commission believes that NSCC's assessment of the likelihood of such 
an impact should be reasonable before taking actions like 
disconnecting a participant from its systems. In addition, the 
Commission notes that NSCC's references to ``reasonably likely'' and 
``significant impact'' in the proposed definition of Major Event are 
consistent with the Commission's definition of a ``Major SCI Event'' 
under Regulation SCI. 17 CFR 242.1000. Likewise, the Commission 
notes that references in the proposed rule text to ``reasonable 
basis'' and ``appropriate'' is consistent with the obligations 
related to a Major SCI Event under Regulation SCI. 17 CFR 242.1002.
    \54\ Another commenter expressed concern that the proposed 
Systems Disconnect Rule could be used to benefit the trading 
activity of certain participants at the detriment of disconnected 
participants. See letter from Jarrod Knudson, dated June 27, 2021, 
supra note 5. The Commission disagrees because the proposed rule, by 
its terms, would only apply when certain Systems Disruptions occur 
at a participant that could impact NSCC's operations.
---------------------------------------------------------------------------

    Accordingly, the Commission finds that the implementation of the 
Proposed Rule Change is consistent with Rule 17Ad-22(e)(17)(i) of the 
Exchange Act.\55\
---------------------------------------------------------------------------

    \55\ 17 CFR 240.17Ad-22(e)(17)(i).
---------------------------------------------------------------------------

IV. Conclusion

    On the basis of the foregoing, the Commission finds that the 
Proposed Rule Change is consistent with the requirements of the Act and 
in particular with the requirements of Section 17A of the Act \56\ and 
the rules and regulations promulgated thereunder.
---------------------------------------------------------------------------

    \56\ 15 U.S.C. 78q-1.
---------------------------------------------------------------------------

    It is therefore ordered, pursuant to Section 19(b)(2) of the Act 
\57\ that Proposed Rule Change SR-NSCC-2021-007, be, and hereby is, 
approved.\58\
---------------------------------------------------------------------------

    \57\ 15 U.S.C. 78s(b)(2).
    \58\ In approving the Proposed Rule Change, the Commission 
considered the proposals' impact on efficiency, competition, and 
capital formation. 15 U.S.C. 78c(f).

    For the Commission, by the Division of Trading and Markets, 
pursuant to delegated authority.\59\
---------------------------------------------------------------------------

    \59\ 17 CFR 200.30-3(a)(12).
---------------------------------------------------------------------------

J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2021-22438 Filed 10-13-21; 8:45 am]
BILLING CODE 8011-01-P


