2018 SEC Enforcement Cases: A Year In Review
The Securities and Exchange Commission's ("SEC's") Division of Enforcement released its Annual Report (the "Report") last month, which discusses enforcement cases for its fiscal year of 2018 (which for the SEC concludes on September 30th). According to the Report, the SEC conducted over 3,150 examinations in FY 2018, resulting in 821 enforcement actions and disgorgements and monetary penalties of roughly $3.95 billion.1 Both the number of enforcement actions total disgorgements/penalties represented increases from FY 2017 when the SEC initiated 754 enforcement actions resulting in disgorgements and monetary penalties of roughly $3.8 billion.2 Enforcement actions also resulted in "nearly 550 bars and suspensions of wrongdoers in FY 2018."3
Moreover, in an effort to further modernize regulatory oversight, the Report also reiterated the importance of new initiative promulgated by the SEC including: (1) a Cyber Unit in the Division of Enforcement which enhances the SEC's ability to detect and investigate cyber threats and fraud, and (2) the Retail Strategy Task Force - a group within the Division of Enforcement, that develops data-driven, analytical strategies for identifying adverse practices in the securities markets.4
However, the Report also notes limitations the SEC faces. Specifically, the Report states:
The Supreme Court's 2017 decision in Kokesh v. SEC,5 in which the Court held that Commission claims for disgorgement are subject to a five-year statute of limitations, continues to have a significant effect on the Commission's efforts to obtain disgorgement. With respect to matters that have already been filed, the Division of Enforcement estimates that the Court's ruling in Kokesh may cause the Commission to forgo up to approximately $900 million in disgorgement.
These actions undertaken by the SEC exemplify the agency's commitment to enforcement matters. Further, the limitations imposed upon the SEC as part of the Kokesh decision could reasonably lead one to believe that the SEC will bring an increased number of enforcement actions in the near future to prevent being barred by statute of limitations laws.
Notable Enforcement Actions of 2018
The enforcement actions in 2018 were spread out over a broad spectrum of misconduct. The following chart shows the number of cases by category:
However, certain enforcement actions stood out due to their nature and/or the potential impact that such enforcement actions might have on the financial services industry. The following is a sampling of some of the more notable enforcement matters during the SEC's past fiscal year:
1. Fees and Expenses
Clearly, the number of enforcement actions attributable indicates that this was an area highly scrutinized during FY 2018. Several enforcement cases were brought for such matters as miscalculation of fees, flawed valuations and/or failure to disclose material conflicts as applicable to fees. The SEC also released a Risk Alert in FY 2018 providing an overview of frequent advisory fee and expense compliance issues.
In the Matter of William Jordan, Admin. Proc. File No. 3-18541 (June 14, 2018).7 The SEC alleged, among other things, that Mr. Jordan overstated the value of the assets in several of his 16 affiliated private investment funds, and then used those inflated values and unrealized "profits" on other investments to overpay management fees and bonuses to himself and his entities.8 The complaint further alleges that the private funds were never audited. The SEC's complaint charged Mr. Jordan with violations of the antifraud provisions of the federal securities laws, and specifically Section 17(a) of the Securities Act of 1933, Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder, and Sections 206(1) and (2) of the Investment Advisers Act of 1940.9 Without admitting or denying the SEC's findings, Mr. Jordan entered into an Offer of Settlement whereby he agreed to be permanent barred from association with any adviser or broker-dealer.10 He will also be subject to disgorgement, prejudgment interest and civil penalties that are to be determined by a federal district court.11
Risk Management Tip: Disclosures concerning fees are paramount in allowing clients to make informed decisions as to whether to engage an adviser. Consequently, the fees actually assessed by the adviser should mirror those disclosed in fund documents, promotional collateral, advisory contracts and Form ADV. With the SEC's increased focus on the disclosures and assessment of advisory fees, it is critical that firms review their current practices to ensure they are in alignment with all applicable regulations.
2. Cyber-Related Misconduct
As mentioned above, the SEC has placed an increased focus on cyber-related infractions, thus necessitating the implementation of their Cyber Unit division. Several enforcement matters were brought in this area, but the following is unique in that it is the first of its kind:
In the Matter of Voya Financial Advisors, Inc. IA Rel. No. 5048 (September 26, 2018).12 The SEC alleged violations of SEC rules relating to the protection of customer information and the prevention of identity theft. Specifically, the SEC charged Voya Financial Advisors Inc. ("VFA") with violating the Safeguards Rule (Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a and the Identity Theft Red Flags Rule (Rule 201 of Regulation S-ID (17 C.F.R. § 248.201)), which are designed to protect confidential customer information and protect customers from the risk of identity theft.13 This was the first SEC enforcement action charging violations of the Identity Theft Red Flags Rule.14 The SEC stated that VFA failed to adopt written policies and procedures reasonably designed to protect customer records and information, as well as failing to develop and implement a written Identity Theft Prevention Program. This allowed a cyber-scam to be perpetrated where the personal information of thousands of VFA's customers was compromised. While the SEC recognized remedial actions undertaken by VFA following the breach (including the retention of an unaffiliated compliance consultant), the SEC's settlement still sought a civil penalty of $1 million.
Risk Management Tip: This matter is the first instance of the SEC enforcing the Identity Theft Red Flags Rule. While the SEC perhaps did not clearly provide guidance as to what qualifies as "reasonable policies and procedures" under the rule, the staff did articulate that VFA did not reasonably tailor them to the firm. Consequently, advisers and broker-dealers should proactively review their policies to ensure that they are customized and applicable to the firm and develop training plans accordingly as necessitated by new protocols and firm activities.
3. Individual Accountability
The SEC's Report also discussed the importance of individual accountability in operating an effective enforcement program. In FY 2018, 72% of the SEC's "stand-alone" actions (which represented roughly 350 enforcement actions) involved charges against one or more individuals.15 Perhaps the most prominent of such enforcement actions was against Elon Musk, the CEO of Tesla Inc.:
SEC v. Elon Musk, US District Court of Southern District of New York, Civ Action No. 1:18-cv- 8865. The SEC's complaint alleged that Mr. Musk made a series of false and misleading statements in violation of Section 10(b) of the Exchange Act and Rule 10b-5 thereunder.
Specifically, the SEC alleged that Musk tweeted that he could take Tesla, Inc. ("Tesla") private at $420 per share - a substantial premium to its trading price at the time - that funding for the transaction had been secured, and that the only remaining uncertainty was a shareholder vote.16
However, the SEC alleged that Mr. Musk knew that the potential transaction was uncertain, subject to numerous contingencies, and perhaps most notably, specific deal terms (including price) had not been discussed with any potential financing partners, thus making his statements about the possible transaction fraudulent, as they lacked an adequate basis in fact.17 Tesla's stock price jumped as a result of the tweets by over six percent (6%), and led to significant market disruption. In addition, the SEC charged Tesla itself with failing to have required disclosure controls and procedures in place relating to and governing Mr. Musk's tweets.18 Without admitting or denying the SEC's findings, Mr. Musk entered into an Offer of Settlement whereby he agreed to pay a $20 million fine and step down as Tesla chairman within for a period of at least three years. Tesla must also put in place a system for monitoring Mr. Musk's statements to the public about the company, whether on Twitter, blog posts or any other medium. Tesla will also have to pay a separate $20 million fine and appoint two independent directors to the board.19
Risk Management Tip: While this was a matter that grabbed national headlines, the fact pattern is universal as it boils down to individual accountability in following and enforcing a firm's compliance program. It is important to remember that owners and other high-ranking individuals are liable for their actions as is the firm itself. It's important to have clear policies and procedures in place that describe the firm's compliance program, which mandates that compliance must be followed by all persons, regardless of title.
These cases highlight the SEC's position to enforce regulations in all situations for institutions of all sizes. With new dedicated units within the Division of Enforcement, and stricter limitations placed upon the SEC by the US Supreme Court, it is reasonable to expect that SEC enforcement matters will take on greater targeted focus with enforcement matters progressing at a more rapid pace. The SEC has stressed its focus on protecting retail investors and seeking to bring financial professionals into a more uniform fiduciary standard.20 With this in mind, its recommended firms perform a robust review as to the adequacy and efficiency of the firms' internal controls in order to help mitigate potential enforcement risks moving forward in 2019.
Author: Robert R. Boeche II, Esq., Senior Associate; Editor: Michelle L. Jacko, Esq., Managing Partner, Jacko Law Group, PC. JLG works extensively with investment advisers, broker-dealers, investment companies, private equity and hedge funds, banks and corporate clients on securities and corporate counsel matters.
The information contained in this article may contain information that is confidential and/or protected by the attorney-client privilege and attorney work product doctrine. This email is not intended for transmission to, or receipt by, any unauthorized persons. Inadvertent disclosure of the contents of this article to unintended recipients is not intended to and does not constitute a waiver of attorney-client privilege or attorney work product protections.
The Risk Management Tip is published solely based off the interests and relationship between the clients and friends of the Jacko Law Group P.C. ("JLG") and in no way be construed as legal advice. The opinions shared in the publication reflect those of the authors, and not necessarily the views of JLG. For more specific information or recent industry developments or particular situations, you should seek legal opinion or counsel.
You hereby are notified that any review, dissemination or copying of this message and its attachments, if any, is strictly prohibited. These materials may be considered ATTORNEY ADVERTISING in some jurisdictions.
5 137 S. Ct. 1635 (2017).
6 See https://www.sec.gov/files/enforcement-annual-report-2018.pdf. Information provided as of November 2, 2018.
7 For more information, see https://www.sec.gov/litigation/admin/2018/ia-4941.pdf.
12 For more information, see https://www.sec.gov/litigation/admin/2018/34-84288.pdf.
16 For more information, see https://www.sec.gov/news/press-release/2018-226.
20 The SEC introduced its "Regulation Best Interest" proposal which is designed to update fiduciary duties governing broker-dealers and investment adviser.