19 November 201911 minute read

SEC issues FY2019 enforcement report – highlights and key takeaways

The Division of Enforcement (Division) of the Securities and Exchange Commission (SEC or Commission) published its fiscal year 2019 (FY2019) enforcement report (the Report) on November 6, 2019.  As in previous years, the Report addresses the matters that touch on the Division's five core guiding principles: (1) focusing on retail investors; (2) focusing on individual accountability; (3) keeping up with technological change; (4) imposing remedies that best further enforcement goals; and (5) constantly assessing resource allocation.  The Division also continued to focus resources on two key priority areas in FY2019: (1) retail investor protection and (2) combating cyberthreats.  Report highlights and our key takeaways follow.

The numbers − briefly

In FY2019, the SEC brought 862 enforcement actions, the highest level since 2016.  Through these actions, the SEC obtained judgments and orders totaling more than $1.1 billion in penalties and $3.2 billion in disgorgement, with $1.2 billion returned to harmed investors.  While the amount of penalties was among the lowest in the last five years, disgorgement and money returned to investors was the highest level for the same period.  The increase is due largely to settlement of Ponzi allegations filed against a Florida-based investment company.

As in FY2018, the majority of the SEC's 526 standalone cases in FY2019 concerned investment advisory and investment company issues (36 percent of cases, up from 22 percent last year), followed by securities offerings (21 percent, down slightly from 25 percent last year), and issuer reporting/accounting and auditing (17 percent, compared to 16 percent last year).  Actions against broker-dealers accounted for just 7 percent compared to 13 percent last year; SEC broker-dealer actions have declined as the Commission continues its focus on investment advisers in light of FINRA's mandate to enforce the securities laws and its rules regarding broker-dealers.  Other areas included insider trading (6 percent compared to 10 percent last year), market manipulation (6 percent), Foreign Corrupt Practices Act (3 percent), and public finance (3 percent).

The Division's FY2019 initiatives and areas of focus

Retail – or Main Street – investors

The Division continued to view protection of retail investors, who are often particularly vulnerable to the conduct of bad actors, as a top priority in FY2019.  One particular area of focus was misconduct that occurred in the interactions between investment professionals and retail investors.

The Report highlighted the successes of the Division's Share Class Selection Disclosure Initiative, which it launched in February 2018.  Under the Initiative, 95 investment advisory firms self-reported failures to disclose conflicts associated with the selection of fee-paying mutual fund share classes when a lower- or no-cost share class of the same mutual fund was available.  The Division agreed to recommend standardized settlement terms, and the majority of the actions were brought in March or September 2019.  Over $135 million was returned to affected mutual fund investors, the vast majority of whom were retail investors.

The Division also noted that its Retail Strategy Task Force has undertaken a number of lead-generating initiatives – often using data analytics – and stated that these initiatives have led to swift enforcement actions.  The Task Force's work with the Teachers' Initiative and the Military Service Members' Initiative − which focus enforcement and investor education resources on investment fraud issues impacting teachers, veterans, and active duty military personnel −was also highlighted.

Individual accountability

Holding individuals accountable is a "central pillar" in the Division's program because it allows the Commission to achieve multiple goals: specific and general deterrence, and, where injunctive and other non-monetary remedies are imposed, protection of markets and investors from future misconduct by those same bad actors.  The Report highlights four cases in which directors and officers were charged with securities law violations.  In each of those cases, the company was also charged.

Cyber-related misconduct

In FY2019, members of the Cyber Unit and other Division staff investigated and recommended to the Commission numerous cases involving initial coin offerings (ICOs) and digital assets, and cybersecurity threats to public companies and regulated entities.

According to the Report, the Division's digital asset activities have "matured and expanded."  The Commission filed its first charges for unlawful promotion of ICOs in FY2019 and settled an action against a digital asset trading platform for operating as an unregistered national securities exchange.  The Report also noted that the SEC reached settlements with three issuers of digital assets; the settlements included tailored undertakings providing a path to compliance with registration requirements and rescission for investors.  The Commission's first litigated action against a digital asset issuer solely for violating registration provisions is pending.  These actions are intended to reiterate a clear message that, regardless of labeling, if a product is a security, then issuers, promoters, and transaction platforms must comply with the federal securities laws.

The Commission also brought actions against regulated entities for violations of Regulation Systems Compliance and Integrity.  Regulation SCI is designed to monitor the security and capabilities of the technological infrastructure of the US securities markets.

While the Commission did not bring any enforcement actions against issuers or other market participants related to "business email compromises" in FY2019, the Commission issued a Report of Investigation regarding the risks associated with cyber-related threats of spoofed or manipulated electronic communications and mandated that such risks should be considered when devising and maintaining a system of internal accounting controls.  See DLA Piper's prior alert on the report. In issuing the report, the Commission seemingly put issuers and other market participants on notice that it may pursue actions in the future against those who fail to appropriately consider the risk of cyber intrusions in designing their controls.

Detecting, remedying, and punishing misconduct by issuers and financial institutions

The Report highlighted a number of cases against issuers to demonstrate the focus of Division and the Commission on financial statement integrity, the accuracy of issuer disclosures, and the willingness to punish significant corporate wrongdoing.  The cases noted had penalties ranging from $16 million to $100 million, although, in one case, no monetary penalty was imposed due to the issuer’s extensive cooperation, including self-reporting and remediation.

With respect to financial institutions and intermediaries, the Division cited its charges against certain large financial institutions for conduct that undermined market integrity in connection with the pre-release of American Depository Receipts (ADRs).  The Commission alleged that the ADRs were improperly provided to brokers in thousands of pre-release transactions when neither the broker nor its customers had possession of the foreign shares needed to support the newly issued ADRs, thereby artificially inflating the total number of a foreign issuer’s tradeable securities.  Over the last two fiscal years, the Commission has brought actions against 13 firms and 4 individuals concerning these practices.

Finally, the critical role of gatekeepers continues to be a focus.  The Division noted two significant cases against auditors and audit firms as well as an investigation that led to settled actions against both the issuer and the senior auditors on the engagement.

In addition, the Division touted its growing "complex analytic tools and capabilities," including proprietary technology that allows staff to analyze large quantities of trading and communications data and identify suspicious activity.  For example, in one highlighted case involving an alleged hack into the SEC's EDGAR system to obtain non-public data, the Division notes that it brought charges based on a statistical analysis as to the odds of making certain trades, which was then combined with an analysis of IP addresses involved in various communications.

Continuing areas of focus

The Division continues to coordinate with law enforcement where civil sanctions may be inadequate to deter certain types of violations, particularly those cases involving recidivists, microcap fraudsters, insider traders, Ponzi schemers, and others who act with a high degree of scienter.  The Report notes that in more than 400 SEC investigations, law enforcement offices and other regulators requested and obtained access to materials in SEC investigative files.

The Division also has focused on accelerating the pace of investigations because it views cases as having the greatest impact when they are filed close in time to the conduct.  In FY2019, it took about 24 months on average after a case was opened for an enforcement action to be filed, a slight improvement over prior years. Financial fraud and issuer disclosure cases took longer (37 months), and the Division is taking steps (not specified) to improve that metric.  A respondent's extensive cooperation of course improves the speed.  The Report notes that the Division recognizes the value in providing greater transparency into how the Commission considers and weighs cooperation credit and to that end has included such information in public orders.  The Division anticipates that the Commission will continue to do so going forward, indicating a willingness to reward cooperation where appropriate.

The Report also notes the great success of the whistleblower program; since its 2011 inception, the Commission has ordered more than $2 billion in financial remedies as a result of whistleblower cases and awarded those whistleblowers about $387 million.  In FY2019, the SEC received thousands of whistleblower tips and a record number of whistleblower claims.  The Report notes that the Division is working to streamline and substantially accelerate the evaluation of claims for whistleblower awards and expects that these improvements will lead to an even greater number of whistleblower claims in the coming year.

Continuing impact of the Kokesh decision

In Kokesh v. Securities and Exchange Commission, the Supreme Court concluded that the longstanding disgorgement remedy of the SEC was a penalty subject to the five-year statute of limitations under 28 U.S.C. §2462, as covered in a previous DLA Piper client alert.  The Division estimated that the Kokesh ruling has prohibited the Commission from seeking approximately $1.1 billion in disgorgement, although the Report does not state whether that applies to just FY2019 or the sum total of disgorgement the Commission has forgone since Kokesh was decided in June 2017.

The Division also notes that Kokesh has forced it to allocate its resources to cases which hold the most promise for returning funds to investors.  In light of this, it seems likely that the Division will continue to push those under investigation to come to resolution quickly in order to obtain the maximum disgorgement allowable under Kokesh.

Looking forward to FY2020

In addition to the Division's usual investigations related to insider trading, regulated entity and associated person misconduct, FCPA violations, and financial statement issues, we expect that FY2020 will include the following developments:

Kokesh, or more broadly disgorgement, will continue to impact the Division:  With the Supreme Court’s grant of certiorari in Liu v. SEC (see DLA Piper's client alert on the topic here), the Division faces continued uncertainty regarding whether disgorgement is a viable remedy in District Court actions.  Even in administrative actions where disgorgement is expressly permitted by statute, we anticipate that those subject to disgorgement claims will continue to push for limits on disgorgement based on more precise measures of the actual amount of ill-gotten gains as opposed to broad brush estimates that have often been the norm.

Protection of retail investors will remain a prime Division objective:  We anticipate that the Division will continue to devote significant resources to protecting retail investors.  The Division will continue to focus on undisclosed conflicts of interest, inadequately disclosed or improperly charged fees, protection of the personal information of investors, and Ponzi schemes among the many areas where retail investors are at risk.

Broker-dealers, investment advisers and public companies will face increased Division scrutiny of their compliance with laws and regulations designed to protect against cyber-threats:  In addition to the Division's Report of Investigation on cyber-related frauds against public companies, FY2019 saw two alerts from the Office of Compliance, Inspections and Examinations related to potential cyber-threats and related regulatory requirements for broker-dealers and investment advisers.  We anticipate that the Division will pursue enforcement actions against entities who have not paid attention to these messages.

The Division will continue to expand its use of technological tools to respond rapidly to potential securities law violations: FY2019 saw the Division's use of technological tools to respond rapidly to potential insider trading leading to the initiation of enforcement actions in a matter of months rather than a matter of years.  We anticipate that the Division's use of these tools will continue to expand in FY2020 in cases involving potential insider trading and market manipulation.

The Division will bring more cases: With the agency's hiring freeze lifted (see p. 22 of the Report), the Division has been able to hire more staff. With more staff, we expect more cases.

To find out more regarding the Division's likely priorities in FY2020 or the matters highlighted within the report, contact any of the authors.

Print