In 2018, the Securities and Exchange Commission’s enforcement program, according to the two directors of the Division of Enforcement, was “a great success” based on the metrics that the Division feels should be used to measure its performance. The Division eschews quantitative performance metrics, such as the number of enforcement actions filed or penalties assessed. Even so, the quantity of cases filed in FY2018 rebounded from FY2017 and approached historic numbers. Controlling for certain types of cases that skew the numbers, the SEC filed 490 so-called “stand alone” actions in FY2018, compared to 446, 464, and 449 for the prior fiscal years. The total amount of disgorgement and penalties also rebounded in FY 2018 to approximately $3.95 billion, an increase of approximately $150 million from FY2017, but a decrease from FY2015 ($4.2 billion) and FY2016 ($4.08 billion).
Whether the Enforcement Division can continue its upward trajectory in 2019 remains in doubt. At the time the Division published its 2018 annual report late last year, the staff likely did not anticipate that a federal budget impasse would cause most of them to be furloughed for more than a month in 2019. Investigations and enforcement litigation ground to a halt during the shutdown and, as a result, the Division will likely bring fewer cases and collect fewer penalties than it did prior years.
The Shift from Broken Windows to Protecting Main Street Investors
Despite an anticipated lower number of cases, the SEC’s areas of concern and focus for 2019 and beyond are clear from the types of cases filed in 2018. Indeed, judging from the number of cases the SEC brought in 2018, the Commission has no reluctance to aggressively pursue enforcement matters. Early in his tenure as SEC Chairman, Jay Clayton announced as a priority the protection of the interests of Main Street or retail investors, and the Enforcement Division’s cases reflect this priority. To this end, the Enforcement Division created the Retail Strategy Strike Force that specifically focused on issues affecting retail investors, such as disclosures concerning fees and expenses charged by investment advisers and undisclosed conflicts of interest. Some commentators have noted that this appears to be a shift away from Chairman Clayton’s predecessor’s focus on a so-called “broken windows” approach pursuant to which the SEC pursued non-fraud and often smaller violations with the hope of improving overall compliance culture. The ultimate impact of such a shift in philosophy—if indeed it is a real shift—will mostly be reflected on the margins; the core SEC enforcement program looks very similar regardless of who is at the helm.
Equally important to the Enforcement Division’s protection of Main Street investors was its focus on cyber-related misconduct, a relatively new enforcement area for the SEC. Cyber enforcement actions in 2018 involved not only fraudulent or unregistered initial coin offerings but also actions against public companies for failing to disclose the risk of cyber-attacks. The Division created another strike force—the Cyber Unit and Microcap Fraud Task Force—which contributed to the 20 standalone cyber cases filed in FY2018 and to the 225 investigations that are reportedly pending within the Division.
Investment Adviser Actions
In keeping with the theme of protecting “Main Street” investors, the SEC has remained vigilant in the investment adviser space. Indeed, fully 22 percent of the SEC’s enforcement cases last year involved investment advisory issues. Most of those cases followed a similar pattern as prior years.
- In December, the SEC settled matters with several different advisers for variations on a similar and by now familiar theme: allocation of certain fees and expenses in a manner that the SEC alleged was inconsistent with prior representations to investors;
- In July and August, the SEC settled two unrelated matters alleging failures to disclose conflicts of interest between the adviser and the fund investors; and
- The SEC brought a number of cases alleging misrepresentations and fraud in connection with a variety of topics including performance, valuation, and asset ownership issues.
Of particular note, in 2018 the SEC launched the Share Class Selection Disclosure Initiative, a voluntary program for advisers to self-report disclosure failures relating to marketing and distribution fees paid by advisory clients—so-called “12b-1 fees”—for certain mutual fund share classes. The SEC has brought more than 15 enforcement matters in the last five years alleging failures to accurately disclose practices of selecting a more expensive mutual fund share class when a lower-cost share class for the same fund was available. As a result of the initiative, in 2019, we can expect to see the announcement of settled matters for those who self-reported.
Cybersecurity and ICOs
Throughout 2018, the SEC focused its attention on cybersecurity, highlighting its critical role in the operation of the financial markets and emphasizing the risks to investors stemming from inadequate internal controls and insufficient disclosures. This heightened consideration of cyber concerns became prevalent when the SEC issued a statement and guidance on the subject in February 2018. The guidance explained that public companies must implement and maintain policies and procedures related to cybersecurity, as well as adhere to the disclosure requirements under federal law.
The release of the SEC’s guidance signaled the multiple enforcement actions that were to follow. In 2018, the SEC had a number of firsts in the realm of cyber-related and initial coin offering misconduct, including the following noteworthy actions:
In its first cybersecurity enforcement action against a public company, the SEC found that a company violated several securities laws when it failed to disclose one of the largest data breaches of personal information in history. The company did not disclose the breach until it was revealed during an acquisition of the company’s business more than two years later, despite learning of it within days of the intrusion.
- The SEC also issued an investigative report based on its assessment of nine public companies that confronted cybersecurity incidents. Although the SEC did not charge the companies, it stressed that public companies must adjust their internal accounting controls to counter the growing threat of cyber frauds.
- The SEC announced settlements with two companies that had raised funds through ICOs, which allegedly were neither registered nor exempt from registration under federal securities laws. These cases marked the first time that the SEC had imposed civil penalties solely for registration violations of Section 5 in connection with ICOs.
- The SEC announced it settled charges against professional boxer Floyd Mayweather Jr. and music producer and actor Khaled Khaled, known as DJ Khaled, for promoting ICOs without properly disclosing their financial ties to the ICO issuers. These cases mark the first time the SEC had charged individuals with “touting” violations involving ICOs and signal the SEC may bring enforcement actions against other celebrities or non-celebrities who have made similar ICO endorsements.
The SEC’s whistleblower program continues to be a steady contributor to the Enforcement Division’s success. The FY2018 statistics reported from the SEC’s Office of Whistleblower underscores the importance of whistleblowers to the Enforcement Division. In the last year, the OWB received 5,282 tips (more than 20 per business day). The assistance received from the whistleblowers led to over $1.7 billion in ordered sanctions. And whistleblowers were well-rewarded: the SEC issued whistleblower awards to 13 individuals totaling over $168 million, an amount greater than all previous years combined. The top 10 whistleblower awards all exceeded $5 million, with the largest over $50 million.
The OWB’s 5,282 whistleblower tips in the FY2018 were the most it has ever received in a single year and approximately 18 percent more than in 2017. The OWB noted that there was an increase of tips received in the months following the Supreme Court’s ruling in Digital Realty Trust, which held that a person must report a securities law violation to the SEC to qualify as a whistleblower protected against employment retaliation under the Dodd-Frank Act. Digital Realty invalidated the SEC’s rule interpreting Dodd-Frank’s whistleblower protections to apply regardless of whether a report was made to the SEC, a different government agency, or internally to an employer, thereby encouraging rapacious whistleblowers to report their tips directly to the SEC.
In 2019, private litigation involving whistleblower retaliation claims will also remain in the headlines. For example, the 9th Circuit will decide whether to overturn a jury verdict awarding $11 million to a life sciences company’s former general counsel in his retaliation lawsuit arising from whistleblowing on potential Foreign Corrupt Practices Act violations.
A continuing mainstay of the SEC enforcement program involves insider trading. Roughly 10 percent of the cases brought in 2018 involved insider trading allegations, and that percentage does not tend to increase or decrease dramatically from year to year. Without a landmark Supreme Court insider trading case on calendar for 2019, one of the more interesting developments this year may come from proposed legislation regarding so-called “10b5-1 plans.”
Rule 10b5-1 under the Securities Exchange Act of 1934 allows company executives and major investors to set up a written trading plan to sell a predetermined number of shares at a prearranged time. Rule 10b5-1 was enacted by the SEC to protect company executives from misplaced insider trading accusations arising from innocuous trades that merely appear improper because of coincidentally advantageous timing, and have become commonplace in the C-suite. Some corporate insiders, however, purportedly have manipulated Rule 10b5-1 plans to enable and disguise insider trading. A new bipartisan bill, the Promoting Transparent Standards for Corporate Insiders Act, proposes to curb this manipulation by directing the SEC to carry out a yearlong study of these plans and determine whether certain restrictions should be put in place to prevent their abuse such as limiting the ability to adopt plans at certain times, limiting the number of plans that may be adopted, limiting the ability to modify or cancel plans, and require certain filing and over sight of plans. The bill has bipartisan support and any resulting changes to Rule 10b5-1 would have a major impact given the wide-spread adoption of such plans.
Supreme Court Defeats
The relative success of the SEC’s enforcement program arose mostly from settled cases that are resolved at the time they are filed. When the Division is forced to litigate and has to defend some of its novel theories in court, its faces many more challenges. The Supreme Court has been a particularly inhospitable forum for the SEC, now having disagreed with the SEC’s position in a series of significant cases: Gabelli v. SEC (2013) (imposing five-year statute of limitations on civil penalty claims); Kokesh v. SEC (2017) (imposing five-year statute of limitations on disgorgement claims); Digital Realty Trust, Inc. v. Somers (2018) (rejecting SEC’s definition of “whistleblower”); and, most recently Lucia v. SEC (2018) (declaring unconstitutional the method by which the SEC selected its administrative law judges). In 2019, the court will issue an opinion in Lorenzo v. SEC, a case that involves the question of who is a “maker” of a statement for securities fraud liability purposes under Section 11 of the Securities Act of 1933. Justice Brett Kavanaugh participated in the underlying appeal and is recused from Lorenzo, but he issued a scathing dissent criticizing the SEC’s position. His recusal could result in a 4-4 split if the Justices vote along party lines.
The Enforcement Division will likely remain focused on retail investors and cyber misconduct in 2019, while still paying attention to traditional enforcement areas, such as accounting and disclosure fraud, insider trading and offering frauds. Cases will also focus on punishing individuals who caused their firms or companies to violate the securities laws. Unless it is hurt by the month-long government shutdown, the Division’s quantitative performance metrics also will likely improve.
Nicolas Morgan and Thomas A. Zaccaro are partners at Paul Hastings LLP in Los Angeles. Morgan previously served as senior trial counsel in the SEC’s Enforcement Division. Zaccaro previously served as the chief trial counsel of the SEC’s Pacific Regional Office.