Exchange Act Form 10-K

OMB Control No: 3235-0063	ICR Reference No: 202507-3235-019
Status: Received in OIRA	Previous ICR Reference No: 202312-3235-012
Agency/Subagency: SEC	Agency Tracking No: CF
Title: Exchange Act Form 10-K
Type of Information Collection: Revision of a currently approved collection	Common Form ICR:  No
Type of Review Request: Regular	Date Submitted to OIRA: 08/01/2025

	Requested	Previously Approved
Expiration Date	36 Months From Approved	12/31/2026
Responses	8,292	8,292
Time Burden (Hours)	14,051,001	13,988,811
Cost Burden (Dollars)	1,848,032,519	1,835,594,519

---

Abstract: Form 10-K is filed by issuers of securities to satisfy their annual report obligations pursuant to Sections 13 and 15(d) of the Exchange Act.

---

Authorizing Statute(s): US Code: 15 USC 77g, 77s(a) Name of Law: Securities Act of 1933    US Code: 15 USC 78c(b), 78l, 78m, 78o, 78w(a) Name of Law: Securities Exchange Act of 1934

Citations for New Statutory Requirements: None

---

Associated Rulemaking Information
RIN:	Stage of Rulemaking:	Federal Register Citation:	Date:
3235-AM89	Final or interim final rulemaking	88 FR 51896	08/04/2023

---

Federal Register Notices & Comments

Did the Agency receive public comments on this ICR? No

---

Number of Information Collection (IC) in this ICR: 1

IC Title Form No. Form Name Exchange Act Form 10-K SEC 1673 Form 10-K

---

ICR Summary of Burden

	Total Request	Previously Approved	Change Due to New Statute	Change Due to Agency Discretion	Change Due to Adjustment in Estimate	Change Due to Potential Violation of the PRA
Annual Number of Responses	8,292	8,292	0	0	0	0
Annual Time Burden (Hours)	14,051,001	13,988,811	0	62,190	0	0
Annual Cost Burden (Dollars)	1,848,032,519	1,835,594,519	0	12,438,000	0	0

Burden increases because of Program Change due to Agency Discretion: Yes

Burden Increase Due to: Changing Regulations

Burden decreases because of Program Change due to Agency Discretion: No

Burden Reduction Due to:

Short Statement: The final rules require annual disclosure of a registrant’s processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, as well as description of whether any risks from cybersecurity threats, including as a result of previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the registrant. The final rules also require a description of the board of directors’ oversight of risks from cybersecurity threats, and a description of management’s role in assessing and managing the registrant’s material risks from cybersecurity threats. The Commission estimates that the final rules will result in an increase in the paperwork burden of affected entities. For purposes of the PRA, the Commission estimates that for Form 10-K the final rules will result in an increase of 62,190 burden hours and $12,438,000 for the services of outside professionals.

---

Annual Cost to Federal Government: $131,724,880

Does this IC contain surveys, censuses, or employ statistical methods? No

Does this ICR request any personally identifiable information (see OMB Circular No. A-130 for an explanation of this term)? Please consult with your agency's privacy program when making this determination.     Yes

Does this ICR include a form that requires a Privacy Act Statement (see 5 U.S.C. §552a(e)(3))? Please consult with your agency's privacy program when making this determination.     No

Is this ICR related to the Affordable Care Act [Pub. L. 111-148 & 111-152]? No

Is this ICR related to the Dodd-Frank Wall Street Reform and Consumer Protection Act, [Pub. L. 111-203]? No

Is this ICR related to the American Recovery and Reinvestment Act of 2009 (ARRA)? No

Is this ICR related to the Pandemic Response? No

Agency Contact: Nabeel Cheema 202 551-3430 cheeman@sec.gov

---

Common Form ICR:  No

---

On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
		(a) It is necessary for the proper performance of agency functions;
		(b) It avoids unnecessary duplication;
		(c) It reduces burden on small entities;
		(d) It uses plain, coherent, and unambiguous language that is understandable to respondents;
		(e) Its implementation will be consistent and compatible with current reporting and recordkeeping practices;
		(f) It indicates the retention periods for recordkeeping requirements;
		(g) It informs respondents of the information called for under 5 CFR 1320.8 (b)(3) about:
			(i) Why the information is being collected;
			(ii) Use of information;
			(iii) Burden estimate;
			(iv) Nature of response (voluntary, required for a benefit, or mandatory);
			(v) Nature and extent of confidentiality; and
			(vi) Need to display currently valid OMB control number;
		(h) It was developed by an office that has planned and allocated resources for the efficient and effective management and use of the information to be collected.
		(i) It uses effective and efficient statistical survey methodology (if applicable); and
		(j) It makes appropriate use of information technology.
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
Certification Date: 08/01/2025

---