SEC Withdraws 14 Proposed Rules - Industry Welcomes Strategic Reset

In a sweeping regulatory shift, the Securities and Exchange Commission (SEC) withdrew 14 proposed rules on June 12, 2025, marking a significant realignment of the agency’s priorities. The withdrawn proposals spanned cybersecurity, ESG disclosures, predictive analytics, outsourcing, and shareholder proposal reform, many of which had drawn strong pushback from industry participants over the past two years.

The decision to withdraw the rules comes shortly after the appointment of SEC Chair Paul Atkins, who has emphasized a more measured, principles-based approach to rulemaking. Many interpret this move as a deliberate “spring cleaning” of the regulatory slate to allow for fresh consideration of policy priorities.

What Was Withdrawn?

Among the key proposals withdrawn were:

• Custody Rule overhaul (Safeguarding Advisory Client Assets)
• Predictive Data Analytics Conflicts Rule
• Cybersecurity Risk Management Rules (for advisers and broker-dealers)
• Outsourcing by Investment Advisers
• ESG Disclosure Enhancements
• Regulation Best Execution and Order Competition Rules
• Shareholder Proposal Resubmission Limits

Industry Reaction: Cautious Relief and Refocused Attention

The response from financial firms, trade associations, and compliance professionals has been broadly supportive:

• RIAs and private fund advisers have welcomed the opportunity to shift focus back to maintaining and enhancing existing compliance programs, particularly in light of the operational burden these rules would have imposed.
• Several compliance officers have noted that this regulatory shift allows firms to conduct a thoughtful review or "spring cleaning “of current policies and procedures, reinforcing what works while staying agile for future requirements.
• Many are now preparing for what’s ahead: rules still in development, such as those tied to the FinCEN AML rule, Reg S-P amendments, and digital asset frameworks, remain very much in play.

Rational Rulemaking Ahead

Chair Atkins’ move is widely seen as a strategic clearing of the deck, removing unfinalized proposals in order to apply a more “rational approach” to future rulemaking. It also signals an increased openness to industry engagement in shaping practical, principles-based regulatory frameworks.

What Should Firms Still Be Doing?

Despite the withdrawals, we, like many other in the industry, continue to recommend adopting and implementing core best practices that were at the heart of several proposals:

• Cybersecurity programs with documented risk assessments, incident response planning, and employee training.
• Third-party oversight, including due diligence and monitoring of outsourced service providers.
• Governance practices that support transparency and risk mitigation.

While the SEC’s withdrawal of these 14 proposals represents a dramatic regulatory shift, it’s not a signal to pause compliance vigilance. Firms would be well-served to use this time to reinforce their existing programs, monitor developments from FinCEN and other agencies, and be prepared to comment constructively on any re-proposals that emerge.