On April 24, 2018, Altaba, formerly known as Yahoo, entered into a settlement with the Securities and Exchange Commission (the “SEC”), pursuant to which Altaba agreed to pay $35 million to resolve allegations that Yahoo violated federal securities laws in connection with the disclosure of the 2014 data breach of its user database.  The case represents the first time a public company has been charged by the SEC for failing to adequately disclose a cyber breach, an area that is expected to face continued heightened scrutiny as enforcement authorities and the public are increasingly focused on the actions taken by companies in response to such incidents.  Altaba’s settlement with the SEC, coming on the heels of its agreement to pay $80 million to civil class action plaintiffs alleging similar disclosure violations, underscores the increasing potential legal exposure for companies based on failing to properly disclose cybersecurity risks and incidents.

Please click here to read the full alert memorandum.

On Wednesday, the Supreme Court resolved a question that had created significant uncertainty concerning the scope of the anti-retaliation protections provided by Section 922 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”).

In Digital Realty Trust, Inc. v. Somers, the U.S. Supreme Court unanimously rejected the expansive interpretation of Dodd-Frank’s anti-retaliatory protections established by relevant Securities and Exchange Commission (“SEC”) regulations and previously accepted by the Second and Ninth Circuits. In so doing, the Court held that employees who report potential securities law violations internally but not to the SEC fall outside the definition of a “whistleblower” under Dodd-Frank and accordingly do not benefit from its anti-retaliation protections. Instead, the Court held that the plain text and purpose of Dodd-Frank make clear that its anti-retaliatory protections – and not just Dodd-Frank’s whistleblower bounty incentives – apply only to whistleblowers who report securities law violations to the SEC.

The decision provides an additional incentive for whistleblowers to report to the SEC, and limits some remedies that might otherwise be available to whistleblowers who face retaliation. However, the decision should not generally cause companies to change their whistleblower policies and practices.

Please click here to read the full alert memorandum.

The U.S. Securities and Exchange Commission (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released its 2018 National Exam Program Examination Priorities.  The 2018 priorities highlight areas of emphasis for OCIE, including cryptocurrencies, cybersecurity, anti-money laundering, and issues affecting retail investors (especially seniors and those saving for retirement).  While the core areas of focus and many of the priorities for 2018 are similar to those from 2017, there is a clear shift in emphasis that we attribute to the change in leadership at the SEC.  Some specific changes also likely stem from OCIE’s 2017 examination findings, recent market developments, and trends in enforcement.  Continue Reading Lessons for Broker-Dealers and Investment Advisers from the SEC Office of Compliance Inspections and Examinations 2018 Priorities

On January 12, 2018, the Supreme Court granted a writ of certiorari in Raymond J. Lucia Cos., Inc. v. SEC, No. 17 130,[1] a case raising a key constitutional issue relating to the manner in which the U.S. Securities and Exchange Commission’s (SEC or Commission) appoints its administrative law judges (ALJs).  The Court will decide “[w]hether administrative law judges of the [SEC] are Officers of the United States within the meaning of the Appointments Clause.”  The answer to this question matters because if SEC ALJs are “officers,” then they should have been appointed by the Commission itself instead of hired through traditional government channels—and the Commission only exercised its ALJ appointment authority in late-2017.  Although the question is limited to SEC ALJs, any decision could also impact ALJs at other agencies government-wide. Continue Reading Supreme Court Grants Certiorari on the Constitutionality of SEC ALJ Appointments– What This Means for the Securities Industry

More than six months have passed since the Supreme Court held, in Kokesh v. SEC, 137 S. Ct. 1635 (2017), that the Securities and Exchange Commission’s (SEC or Commission) disgorgement power constitutes a penalty subject to a five-year statute of limitations.  As expected, the Supreme Court’s holding on the penal nature of SEC disgorgement has spurred  defendants to seek to broaden its application to other contexts.  Most fundamentally, this includes whether the SEC has the statutory authority to seek disgorgement at all.  To date, courts have mostly turned aside these challenges.  At the same time, however, litigants have grown more creative in their attacks, evidenced by a class action suit seeking reimbursement of nearly $15 billion from the SEC of certain historical disgorgement payments.[1]

Below, we look back at how the lower courts have handled post-Kokesh challenges to the SEC’s disgorgement power and other so-called equitable remedies to date.  Continue Reading Kokesh v. SEC: Half a Year On

On December 5, 2017, a Magistrate Judge in the United States District Court for the Southern District of Florida held in SEC v. Herrera that the “oral download” of external counsel’s interview notes to the Securities and Exchange Commission waived protection from disclosure under the attorney work product doctrine.  As a result of the decision, issued in an SEC enforcement action, counsel was ordered to disclose to certain former employees of its client those interview notes that were orally downloaded to the SEC.  Herrera highlights issues that internal and external lawyers should carefully consider when conducting internal investigations and particularly when providing downloads to the government of material that may be privileged or subject to work product protection.

Click here, to continue reading.

Following the 2016 election, it has been widely assumed that the SEC’s Division of Enforcement would no longer pursue the “broken windows” policy implemented under then-SEC Chair Mary Jo White.  Under that approach, the Division of Enforcement intentionally pursued smaller, non-fraud cases in an attempt to improve the overall compliance culture within the securities industry.  Pronouncements this fall by the Co-Directors of the Division of Enforcement, Stephanie Avakian and Steven Peikin, on their face confirm that assumption, suggesting an end to “broken windows” as a broad-based strategy focused on street-wide sweeps for strict liability and other non-scienter conduct.  However, signs persist that the Enforcement Division will continue to pursue some varieties of non-scienter cases, particularly where there exists, even indirectly, the potential for harm to retail investors.

Continue Reading Is the SEC’s Broken Windows Initiative Over? The Picture Is Somewhat Mixed.

On October 26, the SEC staff provided, in three related no-action letters, a 30-month grace period during which it will not pursue enforcement actions against U.S. broker-dealers and their client money managers subject to European Union regulations, including investment advisers, for accepting or making direct and separate (i.e., hard dollar) payments for research.  This grace period temporarily relieves a regulatory conflict concerning how market participants provide and pay for research between current U.S. securities laws and the European Union’s new Markets in Finance Instruments Directive (MiFID II) rules, which will take effect on January 3, 2018. Continue Reading The SEC’s Temporary Enforcement Grace Period to Mitigate Legal Status and Operational Implementation Issues Over the EU’s New Research Regulation