Notice2022-11535
Self-Regulatory Organizations; National Securities Clearing Corporation; Notice of a Proposed Rule Change To Require Applicants and Members To Maintain or Upgrade Their Network or Communications Technology
Primary source
Metadata and text below are from the Federal Register, a public-domain U.S. government work. Always verify the official published version before relying on it for any legal matter.
Published
May 31, 2022
Issuing agencies
Securities and Exchange Commission
Full Text
<html>
<head>
<title>Federal Register, Volume 87 Issue 104 (Tuesday, May 31, 2022)</title>
</head>
<body><pre>
[Federal Register Volume 87, Number 104 (Tuesday, May 31, 2022)]
[Notices]
[Pages 32485-32489]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2022-11535]
-----------------------------------------------------------------------
SECURITIES AND EXCHANGE COMMISSION
[Release No. 34- 94977; File No. SR-NSCC-2022-004]
Self-Regulatory Organizations; National Securities Clearing
Corporation; Notice of a Proposed Rule Change To Require Applicants and
Members To Maintain or Upgrade Their Network or Communications
Technology
May 24, 2022.
Pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934
(``Act'') \1\ and Rule 19b-4 thereunder,\2\ notice is hereby given that
on May 11, 2022, National Securities Clearing Corporation (``NSCC'')
filed with the Securities and Exchange Commission (``Commission'') the
proposed rule change as described in Items I, II and III below, which
Items have been prepared by the clearing agency. The Commission is
publishing this notice to solicit comments on the proposed rule change
from interested persons.
---------------------------------------------------------------------------
\1\ 15 U.S.C. 78s(b)(1).
\2\ 17 CFR 240.19b-4.
---------------------------------------------------------------------------
[[Page 32486]]
I. Clearing Agency's Statement of the Terms of Substance of the
Proposed Rule Change
The proposed rule change of NSCC consists of modifications to
NSCC's Rules & Procedures (``Rules'') \3\ to revise certain provisions
in the Rules relating to the requirement of applicants for NSCC
membership, Members, Limited Members and Sponsored Members,\4\
(collectively, ``Participants'') of NSCC, to require that each
Participant upgrade its network technology, and communications
technology or protocols to meet standards that NSCC shall publish from
time to time, as described in greater detail below.
---------------------------------------------------------------------------
\3\ Capitalized terms not defined herein are defined in the
Rules, available at https://dtcc.com/~/media/Files/Downloads/legal/
rules/nscc_rules.pdf.
\4\ Sponsored Members are a future program and will be the
subject of a separate proposed rule change.
---------------------------------------------------------------------------
II. Clearing Agency's Statement of the Purpose of, and Statutory Basis
for, the Proposed Rule Change
In its filing with the Commission, the clearing agency included
statements concerning the purpose of and basis for the proposed rule
change and discussed any comments it received on the proposed rule
change. The text of these statements may be examined at the places
specified in Item IV below. The clearing agency has prepared summaries,
set forth in sections A, B, and C below, of the most significant
aspects of such statements.
(A) Clearing Agency's Statement of the Purpose of, and Statutory Basis
for, the Proposed Rule Change
1. Purpose
NSCC is proposing to adopt a requirement that each Participant
provide documentation demonstrating that the Participant's network
technology, and communication technology or protocols meet the
standards that NSCC is currently requiring. The determination to
require changes or upgrades is incorporated into NSCC's procedures and
includes an evaluation of the external threat landscape, threats to
NSCC's technology infrastructure and information assets, industry
cybersecurity priorities, a review of the root causes of incidents, and
an evaluation of the current state of the network infrastructure as
expressed using third party assessments. For existing Members, Limited
Members, and Sponsored Members, a new requirement is being proposed to
require such Participants to upgrade their network technology, and
communication technology or protocols within the timeframe published by
NSCC. The proposed changes are described in greater detail below.
(i) Background of the Requirement
Currently, NSCC does not require, either as part of its application
for membership or as an ongoing membership requirement, any level or
version for network technology, such as a web browser or other
technology, or any level or version of communications technology or
protocols, such as email encryption, secure messaging, or file
transfers, that are being used to connect to or communicate with NSCC.
In the current environment, NSCC maintains multiple network and
communications methods and protocols, some either obsolete or many
years older than the current standard in order to support Participants
using these older technologies, which leaves communications between
NSCC and its Participants vulnerable to interception or the
introduction of unknown entries, and requires NSCC to expend additional
resources, both in personnel and equipment, to maintain older
communications channels. In addition, Participant's use of older
technology delays the implementation by NSCC to upgrade its internal
systems, which, by doing so, risks losing connectivity with a number of
Participants. Given NSCC's critical role in the marketplace, this is a
risk that needs to be addressed.
NSCC believes that it should require current network technology,
and current communication technology and protocol standards for
Participants connecting to its network. For example, The National
Institute of Standards and Technology or NIST \5\ Special Publication
800-52 revision 2, specifies servers that support government-only
applications shall be configured to use TLS \6\ 1.2 and should be
configured to use TLS 1.3 as well. These servers should not be
configured to use TLS 1.1 and shall not use TLS 1.0, SSL 3.0, or SSL
2.0.\7\ The internet Engineer Task Force (``IETF'') \8\ formally
deprecated TLS versions 1.0 and 1.1 in March of 2021, stating, ``These
versions lack support for current and recommended cryptographic
algorithms and mechanisms, and various government and industry profiles
of applications using TLS now mandate avoiding these old TLS versions.
. . . Removing support for older versions from implementations reduces
the attack surface, reduces opportunity for misconfiguration, and
streamlines library and product maintenance.'' \9\ TLS 1.0 (published
in 1999) does not support many modern, strong cipher (encryption)
suites and TLS 1.1 (published in 2006) is a security improvement over
TLS 1.0 but still does not support certain stronger cipher or
encryption suites.\10\ Another communications technology, File Transfer
Protocol (``FTP'') is considered an insecure protocol, because it
transfers user authentication data (username and password) and file
data as plain-text (not encrypted) over the network. This makes it
highly vulnerable to sniffing attacks that allow an attacker to collect
usernames and passwords from the network and inject malware into
downloads via FTP. Following the guidance from NIST and other standards
organizations, the proposed change would require the use of TLS 1.2,
Secure FTP (``SFTP''), along with other modern technology and
communication standards and protocols to communication with
Participants.
---------------------------------------------------------------------------
\5\ The National Institute of Standards and Technology
(``NIST'') is part of the U.S. Department of Commerce.
\6\ Transport Layer Security (``TLS''), the successor of the
now-deprecated Secure Sockets Layer (``SSL''), is a cryptographic
protocol designed to provide communications security over a computer
network.
\7\ A government-only application is an application where the
intended users are exclusively government employees or contractors
working on behalf of the government. The full NIST publication is
available at <a href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf">https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf</a>.
\8\ The internet Engineering Task Force (``IETF'') is an open
standards organization, which develops and promotes voluntary
internet standards, in particular the technical standards that
comprise the internet protocol suite (TCP/IP).
\9\ <a href="https://datatracker.ietf.org/doc/rfc8996/">https://datatracker.ietf.org/doc/rfc8996/</a>
\10\ Id.
---------------------------------------------------------------------------
(ii) Proposed Rule Changes
To implement the proposed changes, NSCC would revise Rule 2A,
Section 1C to add the requirement that applicants for membership must
confirm their network technology, and communications technology and
protocols to be at the levels specified by NSCC, as part of their
application. Rule 2B, Section 2A would be amended to add the
requirement that each Member, Limited Member, or Sponsored Member
maintain or upgrade their network technology, or communications
technology or protocols on the systems that connect to NSCC to the
version being required and within the time periods as provided through
the Important Notice mechanism on NSCC's website. Rule 7, Section 6
would be changed to provide that NSCC may require self-regulatory
organizations, derivatives clearing organizations, and organizations
who act either directly or through a subsidiary or affiliated
organization and communicate with NSCC maintain or upgrade their
[[Page 32487]]
network technology, or communications technology or protocols on the
systems that connect to NSCC to the version being required and within
the time periods in the same manner as Members, Limited Members or
Sponsored Members. Addendum P, Section 3 of the Rules would be updated
to provide that a Member, Limited Member or Sponsored Member who fails
to perform the upgrade to their network technology, or communications
technology or protocols and in the required timeframe would be subject
to a monetary fine as specified in the Rules.
(iii) Implementation Timeframe and Notification Requirements
In order to provide Members, Limited Members, or Sponsored Members
adequate time to complete a required network technology, or
communications technology or protocol upgrade, the time for a Member,
Limited Member, or Sponsored Member to complete a required upgrade
shall be set forth in the form of a notice posted on NSCC's website
pursuant to Section 7 of Rule 45, with the timeline determined for the
due date of any upgrade. NSCC maintains a security policy and control
standards that include a review of industry, vendor and U.S. Government
best practice guidelines and timelines for security reviews which are
used to determine whether an upgrade may be required. Due dates for an
upgrade shall be published on the website based on NSCC's reasonable
estimates of the complexity or potential cost of an upgrade, an
estimate of potential licensing fees, an estimate of the resources that
may be needed to support an upgrade, or the urgency to remediate
published vulnerabilities.
Applicants for membership shall be required to test connectivity to
NSCC using the current network technology or communications technology
or protocols with their application for membership upon the effective
date of the proposal.
2. Statutory Basis
NSCC believes that the proposal is consistent with the requirements
of the Act \11\ and the rules and regulations thereunder applicable to
a registered clearing agency. In particular, NSCC believes that the
proposed rule changes is consistent with Section 17A(b)(3)(F) of the
Act,\12\ and Rules 17Ad-22(e)(17)(i) and (ii), (21), and (23),\13\
promulgated under the Act as discussed below.
---------------------------------------------------------------------------
\11\ 15 U.S.C. 78a et seq.
\12\ 15 U.S.C. 78q-1(b)(3)(F).
\13\ 17 CFR 240.17Ad-22(e)(17), (e)(21), (e)(23).
---------------------------------------------------------------------------
Section 17A(b)(3)(F)
Section 17A(b)(3)(F) of the Act \14\ requires, in part, that the
Rules be designed to promote the prompt and accurate clearance and
settlement of securities transactions, to assure the safeguarding of
securities and funds which are in the custody or control of NSCC or for
which it is responsible and to remove impediments to and perfect the
mechanism of a national system for the prompt and accurate clearance
and settlement of securities transactions.
---------------------------------------------------------------------------
\14\ 15 U.S.C. 78q-1(b)(3)(F).
---------------------------------------------------------------------------
NSCC believes that the proposed rule change requiring Participants
to meet NSCC's standards for network technology, or communications
technology or protocols is consistent with this provision of the Act.
By conditioning an entity's application to NSCC on its use of NSCC's
current network technology and communications technology or protocols,
NSCC should be better enabled to reduce the cyber risks of
electronically connecting to entities by reducing the risks of
communication interception. Accordingly, the proposed requirement would
allow NSCC to reduce both NSCC's and its Participant's exposure to
interception or the introduction of malware while communicating between
the entities. Intercepting communications or the introduction of
malware or altered data could potentially compromise NSCC's ability to
promptly and accurately settle securities transactions and safeguard
securities funds. The proposal is designed to mitigate those risks and
thereby promote the prompt and accurate clearance and settlement of
securities transactions, to assure the safeguarding of securities and
funds which are in the custody or control of NSCC or for which it is
responsible and to remove impediments to and perfect the mechanism of a
national system for the prompt and accurate clearance and settlement of
securities transactions. Providing a clear and consistent standard at
the current level of network and communication security and technology
would allow Participants to better understand their obligations with
respect to such technology and communication requirements and providing
a uniform obligation for Participants with respect to such
requirements. As such, NSCC believes the proposed rule change is
consistent with Section 17A(b)(3)(F) of the Act.\15\
---------------------------------------------------------------------------
\15\ Id.
---------------------------------------------------------------------------
17Ad 22(e)(21)(iv)
In addition, the proposed rule change is designed to be consistent
with Rule 17Ad 22(e)(21)(iv) promulgated under the Act. Rule 17Ad-
22(e)(21)(iv) requires NSCC to, inter alia, establish, implement,
maintain and enforce written policies and procedures reasonably
designed to be efficient and effective in meeting the requirements of
its Participants and the markets it serves with regard to the use of
network technology and communication technologies or protocols. The
proposed rule change would enhance NSCC's security through the use of
current network technology, or communication technology or protocols,
and would allow NSCC to reduce its and its Participants' exposure to
interception or the introduction of malware while communicating between
the entities. This would eliminate the current use of multiple
generations of network technology and communications technology and
protocols, including ones that NIST no longer permits for use on
government systems due to their insecurity. The proposed rule would
require, after appropriate notice to Participants, future network
technology and communication or protocol upgrades as technology and
threats evolve to maintain secure connectivity.
Therefore, by reviewing and updating the efficiency and
effectiveness of its Participants' use of network technology and
communication technology or protocols and procedures, NSCC believes the
proposed change is consistent with the requirements of Rule 17Ad-
22(e)(21)(iv), promulgated under the Act.
Rule 17Ad-22(e)(17)(i)
NSCC believes the proposed change is designed to reduce the
following risks: (1) The risk of the communications between NSCC and
its Participants being intercepted or introducing malware or other
unknown harmful elements into NSCC's network that could cause harm to
NSCC; (2) the risk that a cyberattack or other unknown harmful elements
could be introduced from a Participant that could cause harm to other
Participants.\16\
---------------------------------------------------------------------------
\16\ 17 CFR 240.17Ad-22(e)(17).
---------------------------------------------------------------------------
In addition, the proposed rule change is designed to be consistent
with Rule 17Ad-22(e)(17)(i) promulgated under the Act,\17\ which
requires NSCC to establish, implement, maintain and enforce written
policies and procedures reasonably designed to manage the covered
clearing agency's operational risks by identifying plausible sources of
[[Page 32488]]
operational risk, both internal and external, and mitigating their
impact through the use of appropriate systems, policies, procedures,
and controls.
---------------------------------------------------------------------------
\17\ 17 CFR 240.17Ad-22(e)(17)(i).
---------------------------------------------------------------------------
The use of old, obsolete, or insecure network technology or
communications technologies or protocols, including communications
between NSCC and its Participants that are unencrypted, allowing for
potential interception or making the communication highly vulnerable to
sniffing attacks that allow an attacker to collect usernames and
passwords from the network and inject malware, are examples of
plausible sources of operational risks that NSCC seeks to reduce. By
requiring all Participants, after appropriate notice, to upgrade their
network technology or communications technology or protocols to current
standards, NSCC seeks to enhance the security of its systems and the
communications between it and its Participants.
Because the proposed changes would help identify and manage such
operational risks, NSCC believes that it is consistent with the
requirements of Rule 17Ad-22(e)(17)(i), promulgated under the Act.\18\
---------------------------------------------------------------------------
\18\ Id.
---------------------------------------------------------------------------
Rule 17Ad 22(e)(17)(ii)
In addition, the proposed rule change is designed to be consistent
with Rule 17Ad-22(e)(17)(ii) promulgated under the Act, which requires
NSCC to establish, implement, maintain and enforce written policies and
procedures reasonably designed ensure that systems have a high degree
of security, resiliency, operational reliability, and adequate,
scalable capacity.\19\
---------------------------------------------------------------------------
\19\ 17 CFR 240.17Ad-22(e)(17)(ii).
---------------------------------------------------------------------------
The use of unencrypted network technology and communications
technology or protocols can allow a third party to intercept messages,
insert malware, or change the message content, often without the
knowledge of either the sender or recipient of the messages or files.
Requiring Participants to upgrade their network technology and
communications technology or protocols to more modern and secure
methods, may eliminate many of the earlier threats.
Therefore, by requiring Participants to upgrade their network
technology or communications technology or protocols, NSCC believes
that the proposed change is consistent with the requirements of Rule
17Ad-22(e)(17)(ii), promulgated under the Act.\20\
---------------------------------------------------------------------------
\20\ Id.
---------------------------------------------------------------------------
Rule 17Ad-22(e)(22)
In addition, the proposed rule change is designed to be consistent
with Rule 17Ad-22(e)(22) promulgated under the Act, which requires NSCC
to use, or at a minimum accommodate, relevant internationally accepted
communication procedures and standards in order to facilitate efficient
payment, clearing, and settlement.\21\
---------------------------------------------------------------------------
\21\ 17 CFR 240.17Ad-22(e)(22).
---------------------------------------------------------------------------
The requirement to use industry approved communications technology
or protocols, including those that NIST specifies as acceptable for use
in government systems is a cornerstone of the changes being proposed by
NSCC. The use of older, obsolete, or insecure network technology or
communications technology or protocols, including those specified to
not be used by the IETF \22\ represents a risk to efficient payment,
clearing and settlement.
---------------------------------------------------------------------------
\22\ <a href="https://datatracker.ietf.org/doc/rfc8996/">https://datatracker.ietf.org/doc/rfc8996/</a>.
---------------------------------------------------------------------------
Therefore, by requiring Participants to upgrade their network
technology or communications technology or protocols, NSCC believes
that the proposed change is consistent with the requirements of Rule
17Ad-22(e)(22), promulgated under the Act.\23\
---------------------------------------------------------------------------
\23\ 17 CFR 240.17Ad-22(e)(22).
---------------------------------------------------------------------------
Rule 17Ad-22(e)(23)
The proposed rule change is also designed to be consistent with
Rule 17Ad 22(e)(23)(i), (ii) and (iv) promulgated under the Act, which
requires NSCC to publicly disclose all relevant rules and material
procedures, provide sufficient information to enable Participants to
identify and evaluate the risks, fees, potential monetary fines, and
other material costs they incur by participating in the covered
clearing agency, and to provide a comprehensive public disclosure that
describes NSCC's material rules, policies, and procedures regarding
NSCC's legal, governance, risk management and operating framework.\24\
---------------------------------------------------------------------------
\24\ 17 CFR 240.17Ad-23(e)(i), (ii), and (iv).
---------------------------------------------------------------------------
Network technology, or communications technology or protocols that
are being updated would be posted on the NSCC website and Participants
may subscribe to receive updates to such information as it occurs. This
allows current or prospective Participants the ability to understand
the risks and potential costs they may incur as a Participant,
including the potential costs to upgrade its network technology or
communications technology or protocols to the standards published by
NSCC.
Therefore, by providing Participants with public and readily
available access to the required network technology, or communications
technology or protocols, NSCC believes that the proposed change is
consistent with the requirements of Rule 17Ad-22(e)(23)(i)(ii) and
(iv), promulgated under the Act.\25\
---------------------------------------------------------------------------
\25\ Id.
---------------------------------------------------------------------------
(B) Clearing Agency's Statement on Burden on Competition
NSCC does not believe the proposed change to require Participants
to have, or to upgrade their network technology or communications
technology or protocols would have any impact, or impose any burden on
competition not necessary or appropriate in furtherance of the purposes
of the Act.\26\ Although the addition of the requirement to upgrade to
current network technology or communications technology or protocols
would be adding obligations on Participants with respect to how they
communicate with NSCC, such obligations would be reasonable because the
requirements to protect client and customer data would allow NSCC to
reduce both its and its Participant's exposure to interception or the
introduction of malware while communicating between the entities.
---------------------------------------------------------------------------
\26\ 15 U.S.C. 78q-1(b)(3)(I).
---------------------------------------------------------------------------
NSCC believes that the proposed change described herein is
necessary in furtherance of the purposes of Section 17A(b)(3)(F) of the
Act,\27\ and Rules 17Ad-22(e)(17), (e)(21), (e)(22), and (e)(23).\28\
The proposed changes to require Participants to upgrade their network
technology, and communications technology or protocols, will (i) allow
NSCC to protect it and its Participants and would promote the prompt
and accurate clearance and settlement of securities consistent with the
requirements of Section 17A(b)(3)(F) of the Act,\29\ (ii) identify
potential operational risks from the use of obsolete and insecure
network technology and communications technology or protocols
consistent with Rule 17Ad 22(e)(17)(i),\30\ (iii) through the
requirement of the use of current network technology and communications
technology or protocols, ensure that systems have a high degree of
security, resiliency, operational reliability, and adequate, scalable
capacity, consistent with Rule 17Ad 22(e)(17)(ii),\31\ and (iv) through
the use of requiring relevant
[[Page 32489]]
internationally accepted communication procedures and standards,
facilitate efficient payment, clearing, and settlement, consistent with
Rules 17Ad-22(e)(22).\32\
---------------------------------------------------------------------------
\27\ 15 U.S.C. 78q-1(b)(3)(F).
\28\ 17 CFR 240.17Ad-22(e)(1), (e)(17), (e)(21), (e)(22) and
(e)(23).
\29\ Id.
\30\ 17Ad 22(e)(17)(i).
\31\ 17Ad 22(e)(17)(ii).
\32\ Id.
---------------------------------------------------------------------------
NSCC believes that the proposed change described herein is
appropriate in furtherance of the Act because the NIST standards and
frameworks provides a common language and systematic methodology for
managing cybersecurity risk. The IETF, initially supported by the U.S.
Government,\33\ develops the internet and other technical standards
used in communications between devices, and together, these are two of
the leading providers of standards used by organizations to protect
data and interoperability. NSCC maintains policies to review current
risks and standards, incorporating input from industry, vendors, and
the U.S. Government to determine best practice guidelines and timelines
for security reviews.
---------------------------------------------------------------------------
\33\ <a href="https://www.internetsociety.org/internet/history-of-the-internet/ietf-internet-society/">https://www.internetsociety.org/internet/history-of-the-internet/ietf-internet-society/</a>.
---------------------------------------------------------------------------
Therefore, NSCC does not believe that the proposed changes would
impose any burden on competition that is not necessary or appropriate
in furtherance of the Act.\34\
---------------------------------------------------------------------------
\34\ 15 U.S.C. 78q-1(b)(3)(I).
---------------------------------------------------------------------------
(C) Clearing Agency's Statement on Comments on the Proposed Rule Change
Received From Members, Participants, or Others
NSCC has not received or solicited any written comments relating to
this proposal. If any written comments are received, they will be
publicly filed as an Exhibit 2 to this filing, as required by Form 19b-
4 and the General Instructions thereto.
Persons submitting comments are cautioned that, according to
Section IV (Solicitation of Comments) of the Exhibit 1A in the General
Instructions to Form 19b-4, the SEC does not edit personal identifying
information from comment submissions. Commenters should submit only
information that they wish to make available publicly, including their
name, email address, and any other identifying information.
All prospective commenters should follow the SEC's instructions on
how to submit comments, available at <a href="https://www.sec.gov/regulatory-actions/how-to-submit-comments">https://www.sec.gov/regulatory-actions/how-to-submit-comments</a>. General questions regarding the rule
filing process or logistical questions regarding this filing should be
directed to the Main Office of the SEC's Division of Trading and
Markets at <a href="/cdn-cgi/l/email-protection#94e0e6f5f0fdfaf3f5faf0f9f5e6fff1e0e7d4e7f1f7baf3fbe2"><span class="__cf_email__" data-cfemail="27535546434e49404649434a46554c4253546754424409404851">[email protected]</span></a> or 202-551-5777.
NSCC reserves the right not to respond to any comments received.
III. Date of Effectiveness of the Proposed Rule Change, and Timing for
Commission Action
Within 45 days of the date of publication of this notice in the
Federal Register or within such longer period up to 90 days (i) as the
Commission may designate if it finds such longer period to be
appropriate and publishes its reasons for so finding or (ii) as to
which the self-regulatory organization consents, the Commission will:
(A) By order approve or disapprove such proposed rule change, or
(B) institute proceedings to determine whether the proposed rule
change should be disapproved.
IV. Solicitation of Comments
Interested persons are invited to submit written data, views and
arguments concerning the foregoing, including whether the proposed rule
change is consistent with the Act. Comments may be submitted by any of
the following methods:
Electronic Comments
<bullet> Use the Commission's internet comment form (<a href="http://www.sec.gov/rules/sro.shtml">http://www.sec.gov/rules/sro.shtml</a>); or
<bullet> Send an email to <a href="/cdn-cgi/l/email-protection#7e0c0b121b531d1113131b100a0d3e0d1b1d50191108"><span class="__cf_email__" data-cfemail="b3c1c6dfd69ed0dcdeded6ddc7c0f3c0d6d09dd4dcc5">[email protected]</span></a>. Please include
File Number SR-NSCC-2022-004 on the subject line.
Paper Comments
<bullet> Send paper comments in triplicate to Secretary, Securities
and Exchange Commission, 100 F Street NE, Washington, DC 20549.
All submissions should refer to File Number SR-NSCC-2022-004. This file
number should be included on the subject line if email is used. To help
the Commission process and review your comments more efficiently,
please use only one method. The Commission will post all comments on
the Commission's internet website (<a href="http://www.sec.gov/rules/sro.shtml">http://www.sec.gov/rules/sro.shtml</a>).
Copies of the submission, all subsequent amendments, all written
statements with respect to the proposed rule change that are filed with
the Commission, and all written communications relating to the proposed
rule change between the Commission and any person, other than those
that may be withheld from the public in accordance with the provisions
of 5 U.S.C. 552, will be available for website viewing and printing in
the Commission's Public Reference Room, 100 F Street NE, Washington, DC
20549 on official business days between the hours of 10:00 a.m. and
3:00 p.m. Copies of the filing also will be available for inspection
and copying at the principal office of NSCC and on DTCC's website
(<a href="http://dtcc.com/legal/sec-rule-filings.aspx">http://dtcc.com/legal/sec-rule-filings.aspx</a>). All comments received
will be posted without change. Persons submitting comments are
cautioned that we do not redact or edit personal identifying
information from comment submissions. You should submit only
information that you wish to make available publicly. All submissions
should refer to File Number SR-NSCC-2022-004 and should be submitted on
or before June 21, 2022.
For the Commission, by the Division of Trading and Markets,
pursuant to delegated authority.\35\
---------------------------------------------------------------------------
\35\ 17 CFR 200.30-3(a)(12).
---------------------------------------------------------------------------
J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2022-11535 Filed 5-27-22; 8:45 am]
BILLING CODE 8011-01-P
</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>Indexed from Federal Register on May 31, 2022.
This is legal information, not legal advice. Laws vary by jurisdiction and change frequently. Always verify current law with official sources and consult a licensed attorney in your jurisdiction for advice on your specific situation.