SEC gets Year 2000 warning

In reporting to Congress on the Year 2000 problem, the Securities and Exchange Commission has failed to single out the computer systems that may be critical to the continued functioning of U.S. stock markets in the next millennium, according to a General Accounting Office report released this month.

The systems, maintained by stock markets and the securities industry, are important because they supply the agency with crucial data the SEC uses to assess financial markets and to determine policy.

The GAO report, prepared for Rep. John Dingell (D-Mich.) of the House Commerce Committee, also recommended that the SEC report more often to Congress on Year 2000 issues. The agency's last report to Congress was in June 1997; the next report is expected this summer.

"[The] SEC's [June 1997] report identified the number of internal systems [the] SEC considered critical to its operations, but [it] did not provide similar information on market participants' systems considered critical to the continued functioning of the U.S. securities markets," the GAO report stated. "[The] SEC's June 1997 report also did not indicate time frames that market participants are following for completing the various phases necessary to address the Year 2000 problem."

Agency officials have estimated the cost of fixing the SEC's internal Year 2000 problem at $4.5 million. Billions more dollars for Year 2000 are expected to be spent by organizations that the SEC regulates, including publicly traded companies, brokers and stock markets. Each year, those organizations pass along millions of bits of electronic information to SEC systems.

David Copenhafer, Year 2000 project manager for the SEC, said the agency already is well-prepared to weed through non-Year 2000-compliant data. He said the agency's central system for receiving electronic filings from public companies is already Year 2000-compliant. The system, Electronic Data Gathering, Analysis and Retrieval (EDGAR), accepts only documents with "headers" in which dates are written with four-digit years, such as "1998" instead of "98," he said. Filers are notified within a matter of minutes if they have submitted non-Year 2000-compliant information.

But other entities besides public companies submit information to the SEC. The stock exchanges on which public companies are traded use systems besides EDGAR to submit daily information, such as trading volume, to the SEC. Copenhafer said his agency is working with the exchanges to make sure that the information shared with the SEC is Year 2000-compliant.

But even if the systems submitting the information are Year 2000-compliant, the information could be corrupt. The daily information submitted by the exchanges is compiled from data that comes from myriad other institutions and companies, and that data may come from systems that are not compliant, according to Copenhafer. However, he downplayed the notion that Year 2000-compliant data in SEC systems could be corrupted by data from non-Year 2000-compliant systems much in the way that a computer virus can spread throughout a system. "That's not really the case," he said.

But Congress remains concerned about corruption of data that is already Year 2000-compliant. "That is a concern, too, and that's one of the issues that has been and will continue to be addressed," said one staff member at the House Commerce Committee.

"I agree with GAO's recommendations, and I respectfully request that you implement them and report in June on your progress in doing so," Dingell wrote this month in a letter to SEC chairman Arthur Levitt.

"This is a matter of highest priority. To function properly, the U.S. securities industry and capital markets require timely and accurate flows of electronic information within vast networks of computerized systems. These systems are vulnerable to serious errors or malfunctions as a result of the impending date turnover."

Dingell's letter comes only days after federal Year 2000 czar John Koskinen said he may seek legislation that would give agencies a stronger arm in overseeing the millennium bug among their constituents and third-party service contractors, such as insurance companies and financial institutions [FCW, March 16]. Copenhafer said the SEC has no plans to seek such special legislation.