I know were out of time but could you address the question with you would take a fresh look in terms of fbi regulations about other parts of market coverage . Thank you for your letter which i read last night and i agree with you that we need to look at those other important venues in our equity market system to see if they should be reporting on the same basis and as you raised in your letter, whether the public has enough information about which entities are subject . Important we get the information out because responsible entities can vote and move to areas that have this minimum protection in place. Rounds. Good morning. Some of my colleagues have raised the issue of cyberattack, the Electronic System filing corporate disclosures. This incident occurred before your nomination and confirmation but i would like to hear your thoughts on what this incident might suggest about broader posture regarding cybersecurity. It is difficult for any one agency to protect against these intrusions and the level of expertise necessary would help a number of different agencies and departments. The attack that took place, do you feel you have adequate resources to protect yourself in the future and does there need to be more crosscutting interagency effort to prevent these serious intrusions in the future . This is an area, data point to describe to people. Other people in my position or similar positions and other agencies feel the same way i do, this is a risk to our agencies, more resources going forward, private actors and Capital Markets devote Information Technology and cybersecurity as part of that. Single actors dwarf the amount we have available to spend in this area. We are a bit out of step. If you take a look, the system that will remain in place, it has been modified, customized, a little more vulnerable than other large systems that basically have a number of patches, in agencies hands. Another system coming on board, the cad system, comprehensive audit trail, compatible or operational at the same time. A huge amount of information at some location, investors, personal information and so forth, on the system itself, to say time out to make darn sure the new systems coming on board, and time to have second or third opinions, to protect this valuable data, if you were patches, the thoughts in the process implementing the system in the future. Two responses. It has been clear to me we dont want to be taking data from the s we need it and protect it. With respect to whether it is a timeout i dont think a fulltime out on the cat makes sense, that already exists. Whether we need that data it can rank that data, doing not 01 off, nope unintended, we should be doing the Critical Thinking you are asking me to do and how we bring it online and how we sequence what we do. Do we have the resources in process today . That vetting process is a prerequisite. It is time determine at a. I understand certain Federal Reserve capital regulations may be inadvertently causing liquidity concerns that the sec regulates, the securities and Exchange Commission with interested parties on a solution to make this a priority. Liquidity and options, in the listed option. Not just important for the martin all our markets so yes, theres a liquidity issue, it can affect cash equities markets. An important issue. Thank you, sir. Thank you for being here. In one of your first speeches you noted there has been, quote, the total number of us listed Public Companies over the last two decades and you said this decline was, quote, a serious issue for the markets in the country and wanted to to encourage more companies to go public so ordinary investors, 401 k as you called them could get opportunities to invest in emerging companies, you used this rationale for arguing we should review or reduce the disclosure burdens on Public Companies. I want to understand your thinking on this, you compare the number of companies today with the number of companies in 1996, 1997 for your comparison point, the height of the dot. Com boom and there was a sharp increase in the number of Companies Leading to the 1997 years and a lot of those companies failed over the next few years leaving mister and mrs. 401 k losing a lot of money. In 199697 is your target years for comparison, those were the ideal Market Conditions for ordinary investors. I am happy to pick any period over a 5 to 7 year period. You wont come up with the same conclusion. The trend has been i dont think so, lets talk about the trend. To recreate the bubble that wiped out billions of dollars of investor value 20 years ago. Lets look at the trends since the dot. Com bubble popped, there has been a slight decline in the number of Public Companies since then. Most evidence shows that is primarily, mergers, and acquisitions, and soon give a speech supporting stronger trust out lets look at the ipos since that is your focus. You want to get more investors involved in emerging companies, more Companies Going public. In 1996, the peak of the dot. Com bubble, 624 ipos with total of 36 billion. And half of that number, the average volume was higher, and ipo raise 96 billion, nearly triple the total debt volume in 1996, people are investing more money in ipos than i did at the height of the dot. Com boom. If your primary focus is on investors, not on the bankers and those who make money on these ipos, why do you care if there are fewer ipos so long as ipos overall are attracting investor dollars. The growth curve, i believe those ipos used to happen here and if you invest in a portfolio of companies down here, as they go up the growth curve, you as a Retail Investor better off than getting on up here where companies mature and not growing as much. That is your point of view but have you looked at the data on this, fewer but bigger ipos is better for investors. The Ipo Companies have more revenue, they tend to perform better in the long run, more ipos and more failures which looks to me like a positive outcome on his 401 k . Different people have different perspectives on this. It is a concern to me on that growth curve, private money and those investors have done very well and in many cases relatively much better what the data shows us is the ipos now are performing better for investors and less likely to wipe investors out. Let me state my concern, you are using the decline to argue there is something wrong in the market and rules and regulations making a too hard for companies to go public but the data show investors putting more money into ipos now than ever before and those Ipo Companies are doing better for investors because they are more stable before they come to market. The disclosure and Registration Requirements may make life a whole lot more profitable for a handful of bankers and corporate attorneys who want more ipos in the system but there is no evidence it will make life better for investors. It is investors, not bankers and lawyers, you are supposed to be watching out for at the sec. Thank you, mister chairman. Commissioner, for being here. You say materiality is the core of the system of disclosure. Companies should disclose more. I agree. I want to talk about the risk of Climate Change and Severe Weather. In the last 35 years the average number of inflationadjusted, 1 billion Severe Weather events was 5. 5 per year. In the last 5 years it has doubled. I know in 2010 the sec provided some guidance about Climate Disclosure but not much additionally has happened. I want you to talk about how you view Climate Change and materiality, it is becoming increasingly clear we cannot ignore these Severe Weather events and the impact they have on publicly traded companies. I do believe, there are a number of industries where if there are patterns, changes in weather events in this type of thing, those developments do have impacts on companies that should be disclosed. Weather events, recurrence of them, are we experiencing increased losses, trends and increased loss, something investors should know about. Regulatory responses to those events, regulatory responses to those events going to affect the companies, those companies should discuss them. I believe it. Do you think the sec is doing enough to require this disclosure . We have issued guidance around this. We have guidance in a number of areas. I cant say every day but on a fairly regular basis discuss with the division of Corporation Finance whether our guidance in this area or the cybersecurity area or other areas should be updated or otherwise changed. I understand your in conversation, with your current thinking about this. My current thinking is guidance is good but we should continue to look at it. I agree with you there are industries that need to pay close attention to these trendss. Let me give you a specific example, valero energys 10k filing for 2016 state some scientists have concluded the increasing concentrations of Greenhouse Gas emissions in the atmosphere may produce Climate Change with a significant physical effect like increase frequency and severity of storms and floods and other climate events. If any such effects were to occur it is uncertain if they would have an adverse effect on our Financial Condition and operations. At the end of august 2017, Hurricane Harvey, one of the strongest atlantic storms in history, shuttered 20 of the Oil Refinery Industry including five refineries owned by bolero. They usually produce 1. 1 Million Barrels a day which is a third of the total capacity. The week after the hurricane boleros refineries were not back online. Doesnt seem Hurricane Harvey had a material adverse effect on boleros Financial Condition . I dont know the numbers but it would not surprise me an event of that type would have an adverse affect on a companys Financial Condition. Do you think that the sec is doing enough to require disclosure from some of these companies . It seems to me part of the problem is politics, people dont want, not for you but these companies, they dont want to way into something that is the subject of some controversy. The other problem is institutionally the sec measures risks that can be measured, customarily measured and this is a relatively new risk scientists are essentially stipulating to and the system in the sec and elsewhere in the Financial Services industry everywhere is not equipped to evaluate this, what we do is book it at 0. We assume it doesnt exist because it is difficult to assess. When you assess political risk, regulatory risk, other risks that may be material you have a way to get at that but climate risk in a financial context is new. I would just ask, 2010 is a long time ago when it comes to our thinking about climate. A long time ago when it comes to the fiscal impact of republican, private sector, when it comes to Severe Weather. I dont think the 2000 and guidance suffices and i encourage you to maintain an open mind in this space and devote staff time to articulating how we are going to quantify the adverse impacts of Climate Change on the industry. I will, thank you. Good morning, mister clayton, thank you for being here. I have a concern about the fact the sec staff today do not have to abide by the same stringent security protocols uses of the cash database are required to abide by. The gao has identified a few weaknesses related to the sec cybersecurity protocol. Can you give us an update how you are addressing those concerns . Also the other safeguards around the nms plan as well. I want to make this clear. With respect to the cat, we are not going to take the data unless we needed and with respect to your specific question about whether our security protocols for individuals are not as stringent as they should be i dont have an answer to that right now. Do you agree with that conclusion . You are new on the job. They should be. Do you have a position yet . Do you know whether they are, the gaos conclusion . I dont have a position on that now but i think we should be mindful of any guidance. You are working on it today and will you come back to this committee on it when you get more information . Yes. The same concern, under the jobs act companies and revenues hundred Million Dollars file ipo in secondary officers, they would not be related to the public until 15 days, under your leadership this has been extended to companies of all sizes. Can you describe advantages over confidential filing how to improve our more complicated ipo process . The confidential filing process greatly aids companies when they are transitioning to Public Companies. We Want Companies to transition to Public Companies, they are better companies. When they have public of the Financial Statements when you go through the process of sec disclosure they become better companies. Letting the world see all of your financials and strategies and risks long before you go public causes some companies to pull back from that. I am very comfortable, it is a great idea that we allow companies to confidentially submit that information so it can be reviewed the we can comment and tell them where they need to improve and with plenty of time for investors to assess that information make it public before the ipo. It is a smart move that does not listen Investor Protection and increases the number of opportunities investors have. One last question. The conflict minerals rule, can you give us an update how you are looking at that . There was a Court Determination that part of the rule was an issue with it, the rules on the books issued no action guidance in how to comply, we are reviewing the rule, the no action guidance in light of the court case. That is where it stands. Thank you, mister chairman. Senator van holland. Thank you for your testimony. I want to pick up on the questions senator brown asked about materiality. You indicated you are the triggering event for disclosure was a Material Change in circumstances of the company. Generally. You dont want to get into the equifax situation but you would agree not talking about any company, if in fact there was a Material Change it would be wrong pause for executives of that company to then knowingly trade stock before they made any disclosure. Yes. I want to get to what materiality means. I dont believe the sec has definition in the context of cybersecurity. The general definition of materiality does apply in the cyber context. I dont mean the concept doesnt apply but there is no standard definition how to apply the concept of materiality to a cyberbreach. The sec doesnt say cyberbreach would result in disclosure of x amount of information about customers leading to a significant change, the sec doesnt have that. Disclosure of this many people, we dont have that. You know it when you see it, is that the idea . Does the sec bring these materiality cases for failure violation of disclosure . We do. Let me ask you, if you agree it is wrong for people to knowingly trade on information that had not been disclosed, would you agree once a company has decided something is material, that their executives should not be trading that start . Between the time it is material and the time they filed a disclosure to the public in a four day period . I will be very what you are asking is a control issue. Should there be a control in place to assure when a decision is made at a company there has been a material event and there will be disclosure, the company has in place a control to prevent that is what i am suggesting. It is a very good question and a fair question. Whether that is an area with insidertrading or control failure is something. It seems to me there should be a presumption that once the company decided theres a Material Change and before they disclose that to the public there should be a rule that executives dont trade that stock. Does that make sense in terms of protecting the markets . I dont want to comment on a specific company. Those companies have insidertrading policies was having a thoughtful insidertrading policy controlling the suggestion is an important part of corporate hygiene. On the house side, we are working on it but there is a whole question about when you determine materiality. We are talking about that. It seems like a nobrainer that once the company has determined there has been a Material Change and before they notify the public which they have more ways to do, you would require them not to sell stock. Why isnt that obvious . I like the concept. When i was in the private sector i put the concept in insidertrading policies, general counsel would be somebody executives had to clear all trades with, those are the so there is a study done in september 2015 by harvard law school, joshua minutes and others have done studies that showed what they called the 8k trading gap, executives have made money during this four day period, whatever time he lapses between a decision on Material Change that has been made and disclosure. Do you agree it is wrong for executives to make money during that period based on information about materiality . Shouldnt there be a general rule that once the