Enforcement

Subscribe to Enforcement via RSS

Last month, Representative Maxine Waters, Chair of the House Financial Services Committee, introduced a discussion draft of the “Bad Actor Disqualification Act of 2019” (the “Proposed Act”).  Similar to proposed legislation Rep. Waters introduced in 2015 and 2017, the effect of the Proposed Act, if passed, would be to dramatically increase the burdens on institutions

In the past year, members of the U.S. Congress and Senate on both sides of the aisle have proposed data privacy bills that would impose nationwide standards on companies who collect and/or share consumers’ personal information. Currently, all 50 states have separate, but often overlapping, data privacy regimes—each subjecting companies to various combinations of recordkeeping standards, data sharing restrictions, and data breach reporting requirements—creating a patchwork of state laws that can generate substantial uncertainty for corporations.
Continue Reading Legislators Propose Differing Approaches to Federalizing Corporate Responsibility for Data Breaches

On June 5, 2019, the Securities and Exchange Commission (“SEC”) finalized Regulation Best Interest (“Reg BI” or the “Final Rule”) under the Securities Exchange Act of 1934 (“Exchange Act”) to establish a new “best interest” standard of conduct for broker-dealers when making a recommendation of any transaction or investment strategy involving securities to a retail

On May 6, 2019, the Financial Industry Regulatory Authority (“FINRA”) issued Regulatory Notice 19-18, addressing members’[1] anti-money laundering (“AML”) compliance programs.  This notice focused extensively on members’ monitoring for suspicious activities and subsequent suspicious activity report (“SAR”) filing obligations, providing 97 examples of “money laundering red flags” to securities industry market participants.  Where applicable to a members’ business operations, FINRA encouraged broker-dealers to take a “risk-based approach” to AML compliance and incorporate these red flags into their AML programs, even though the organization noted that merely doing so will not satisfy all obligations.  Where any red flags are detected, FINRA encouraged firms to consider whether “additional investigation, customer due diligence measures or a SAR filing may be warranted.”
Continue Reading FINRA Publishes AML Red Flags to Help Broker-Dealers Satisfy Suspicious Activity Monitoring and Reporting Requirements

On April 16, 2019, the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert addressing all registered broker-dealers and investment advisers’ (together, “Firms”)[1] privacy-related obligations under Regulation S-P (“Reg S-P”).  The Risk Alert set out the most frequent Reg S-P deficiencies OCIE identified during examinations over the past two years, and encouraged registrants to review their written privacy policies and procedures as well as the consistency with which these policies and procedures have been implemented.  The Alert is the latest in a series of recent privacy and cybersecurity guidance documents issued by the SEC, including the February 2018 Commission Statement and Guidance on Public Company Cybersecurity Disclosures and October 2018 Report of Investigation on cyber-related frauds and public company accounting controls.

This Risk Alert is consistent with the SEC’s approach of seeking to influence the conduct of registrants by providing guidance on specific compliance issues, followed by Risk Alerts noting common exam deficiencies, prior to pursuing enforcement actions.  Investment advisers and broker-dealers should  take this as a prompt to review their relevant policies and procedures to ensure they are appropriate and being followed in practice.
Continue Reading SEC Privacy Risk Alert may Foreshadow Upcoming Reg S-P Enforcement Against Broker-Dealers, Investment Advisers

On May 13, 2019, the Supreme Court issued its opinion in Cochise Consultancy, Inc. v. United States ex rel. Hunt with respect to the applicable statute of limitations in a FCA action in which the Government has declined to intervene.  The FCA sets forth two limitation periods applicable to FCA actions and provides that an action must be brought within the longer of either (i) within 6 years after the date on which the violation occurred; or (ii) within three years of the date when facts material to the right of action are known or reasonably should have been known by a relevant official of the United States.  In no event may an action be brought more than 10 years after the date on which the violation was committed.  The issues in Cochise Consultancy were whether the second, alternative, limitations period applies to an action in which the government has intervened and whether, if so, the relevant official includes the private relator.  These issues are important because, if the longer period applies, a relator can bring an action long after (and more than 3 years after) she learned of the FCA violation.
Continue Reading Supreme Court Rules in Favor of Longer Time Limits for Non-intervened FCA Actions

On May 8, 2019, the Division of Enforcement of the Commodity Futures Trading Commission released an Enforcement Manual – the first public document of its kind from the Division.

Though the Manual does not reveal any significant shifts in policy, it will undoubtedly serve as an important resource for individuals and entities dealing with CFTC

On May 7, 2019, the Department of Justice issued formal guidance to DOJ’s False Claims Act litigators on the circumstances in which DOJ will grant credit for cooperation during FCA investigations.

The guidance explains the factors that DOJ considers in determining whether to award cooperation credit in FCA investigations and the types of credit available.

On May 2, 2019, the United States District Court for the Southern District of New York issued an important decision delineating the boundaries between conducting a proper internal investigation and acting as an arm of the government.

For the government, the consequences of “outsourcing” an investigation to a company and its counsel could be exclusion

In recent weeks two enforcement actions by the UK Financial Conduct Authority (“FCA”) against regulated firms have highlighted the regulator’s continued scrutiny of transaction reporting.  In the decisions, the FCA has reiterated the importance of complete, accurate and timely transaction reporting to assist in its objective of protecting and enhancing the integrity of the UK’s financial system.  The significant penalties imposed in each case, £27.6 million and £34.3 million respectively, demonstrate the serious consequences for firms that fail to meet their transaction reporting requirements.
Continue Reading FCA Continues Focus on Transaction Reporting Breaches