The SEC recently adopted a new rule related to Cybersecurity disclosure.
Their release reported that the enforcement dates would rely on the rule’s publication in the Federal Register. Upon recent publication on August 4th, the enforcement dates are now set and Firms should continue to prepare.
- The Final Rules are effective September 5th, 2023.
- Item 106 of Regulation S-K and Item 16K of Form 20-F must be provided with annual reports for fiscal years ending on or after December 15th, 2023.
- For incident disclosure requirements in Item 1.05 of Form 8-K and Form 6-K, all registrants not considered “smaller reporting companies” must be compliant by December 18th, 2023.
- Smaller reporting companies must be compliant by June 15th, 2024.
- All registrants must tag disclosures required under the final rules in Inline XBRL beginning one year after the initial compliance date for any issuer for the related disclosure requirement.
- For Item 106 and Item 16K, responsive disclosures in Inline XBRL for fiscal years on or after December 15th, 2024.
- For Item 1.05, responsive disclosures in Inline XBRL for fiscal years on or after December 18th, 2024.
As always, Vigilant is prepared to provide compliance support in response to this new rule adoption.
With compliance dates slightly over four months away, it is vital that Firms take the necessary steps to amend their procedures.
For any required assistance you may have with preparing these disclosures, please reach out to us directly.