Today, the Commission voted to propose amendments regarding login, password, and other account access protocols for filers and other registrants using the Electronic Data Gathering, Analysis, and Retrieval System, commonly known as EDGAR. I am pleased to support these proposed amendments because, if adopted, they would enhance EDGAR’s security and further improve filers’ access to the EDGAR system.
The public and the SEC long have benefitted from the EDGAR electronic disclosure system. Today, EDGAR is a rich and accessible library for investors and filers alike. Unlike streaming platforms and other subscription platforms, EDGAR is available to the public free of charge. I think it’s one of the great innovations of the SEC.
A lot has changed in the three decades since the Commission first required mandatory EDGAR filings in 1993. EDGAR has lived through the rise of the internet, social media, and streaming content. We also have had to learn a great deal about data security and password protection in that time. To keep pace with ever-evolving markets, technology, and business models, we’ve updated EDGAR over the years. Our most recent meaningful update, though, to EDGAR login, password, and other account access protocols was more than a decade ago.
Today’s proposed amendments are an important next step for EDGAR account access protocols. Under current requirements, registrants have one login per company. This is like having a family passing around one shared login and password for a movie streaming app. You know where that can lead. That’s simply not the most secure system—for filers and the Commission alike—when it comes to information relating to financial disclosure. By contrast, today’s actions would further secure login protocols by requiring every person filing something into EDGAR to login with individual credentials and to use multi-factor authentication.
Concurrent to this proposal, the SEC’s EDGAR Business Office soon will roll out a Beta version of a new EDGAR user interface, which will include a set of optional Application Program Interfaces (APIs). These APIs will help enhance how filers, including registrants and their agents, can access EDGAR, retrieve information, and submit bulk filings. These changes would promote efficiency for filers and the Commission alike.
In formulating today’s updates, we benefitted greatly from public input in response to our September 2021 request for information regarding EDGAR.[1] I encourage interested members of the public to share feedback with the Commission.
Taken together, these proposed amendments would benefit the Commission, filers, and investors alike.
I’d like to thank the SEC staff for working on this matter, including:
- Jed Hickman, Rosemary Filou, Dan Chang, Laurita Finch, Margaret Marrero, Jane Patterson, Lidian Pereira, Gina Pearson, Melinda Hobbs, Dan Winter, Deegi Biteng, Freddie Ntim, Sherwin Joseph, Lisa Butler, Tayeb Qureshi, Tina Herring, Pachie Perrow, and Guru Belur in the EDGAR Business Office;
- Jessica Wachter, Missaka Warausawitharana, Charles Woodworth, Wei Liu, Ralph Bien-Aime, and Caroline Schulte in the Division of Economic and Risk Analysis; and
- Bryant Morris, Peggy Kim, and Joe Valerio in the Office of the General Counsel.
[1] See Securities and Exchange Commission, “Potential Technical Changes to EDGAR Filer Access and Filer Account Management Processes” (Sept. 30, 2021), available at https://www.sec.gov/files/rules/other/2021/33-10993.pdf.