On July 3, SEC Chairman Jay Clayton issued a statement signaling a policy change in SEC settlements and the consideration of applications for waiver of collateral consequences flowing from those settlements, such as the loss of certain significant procedural advantages in (or even outright exemption from) the securities registration process.[1]  In practice, this change could both streamline the process of settling enforcement actions with the SEC and provide additional certainty to settling entities, which, under the current regime, must decide whether to settle a matter before completing and knowing the outcome of negotiations over waivers.
Continue Reading SEC to Allow Settling Parties to Submit Simultaneous Settlement Offers and Applications for Waiver from Disqualifications

On June 5, 2019, the Securities and Exchange Commission (“SEC”) finalized Regulation Best Interest (“Reg BI” or the “Final Rule”) under the Securities Exchange Act of 1934 (“Exchange Act”) to establish a new “best interest” standard of conduct for broker-dealers when making a recommendation of any transaction or investment strategy involving securities to a retail

On May 15, 2019, the U.S. Securities and Exchange Commission (“SEC”) and the U.S. Commodity Futures Trading Commission (“CFTC”) announced that they entered into an Enhanced Multilateral Memorandum of Understanding Concerning Consultation and the Exchange of Information (“Enhanced MMoU”) under the auspices of the International Organization of Securities Commissions (“IOSCO”), along with nine other international financial regulators.[1]  Both the SEC and CFTC are already signatories to IOSCO’s predecessor memorandum of understanding with 121 other signatories.  However, the Enhanced MMoU provides for significant enhancements in cross-border enforcement cooperation—including the ability to compel testimony outside of the United States—that, if widely adopted, could increase the signatory regulators’ abilities to undertake (and coordinate) multilateral cross-border investigations.
Continue Reading SEC and CFTC Chairs Sign Enhanced Multilateral Memorandum of Understanding Expanding Cross-Border Enforcement Cooperation

On April 16, 2019, the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert addressing all registered broker-dealers and investment advisers’ (together, “Firms”)[1] privacy-related obligations under Regulation S-P (“Reg S-P”).  The Risk Alert set out the most frequent Reg S-P deficiencies OCIE identified during examinations over the past two years, and encouraged registrants to review their written privacy policies and procedures as well as the consistency with which these policies and procedures have been implemented.  The Alert is the latest in a series of recent privacy and cybersecurity guidance documents issued by the SEC, including the February 2018 Commission Statement and Guidance on Public Company Cybersecurity Disclosures and October 2018 Report of Investigation on cyber-related frauds and public company accounting controls.

This Risk Alert is consistent with the SEC’s approach of seeking to influence the conduct of registrants by providing guidance on specific compliance issues, followed by Risk Alerts noting common exam deficiencies, prior to pursuing enforcement actions.  Investment advisers and broker-dealers should  take this as a prompt to review their relevant policies and procedures to ensure they are appropriate and being followed in practice.
Continue Reading SEC Privacy Risk Alert may Foreshadow Upcoming Reg S-P Enforcement Against Broker-Dealers, Investment Advisers

On April 3, 2019, staff of the Securities and Exchange Commission released (1) a framework providing principles for analyzing whether a digital asset constitutes an investment contract, and thus a security, as defined in SEC v. W.J. Howey Co. and (2) a no-action letter permitting TurnKey Jet, Inc., without satisfying registration requirements under the Securities

On February 20, the Securities and Exchange Commission (the “SEC” or “Commission”) issued a cease-and-desist order against Gladius Network LLC (“Gladius”) concerning its 2017 initial coin offering (“ICO”).  The SEC found that the Gladius ICO violated the Securities Act of 1933’s (“Securities Act”) prohibition against the public offer or sale of any securities not made pursuant to either an effective registration statement on file with the SEC or under an exemption from registration.[1]  While this is far from the first time that the SEC has found that a particular ICO token meets the definition of a “security” under the Securities Act,[2] this is notably the first action involving an ICO token issuer that self-reported its potential violation.  Due to this, and Gladius’s cooperation throughout the investigation, the SEC stopped short of imposing any civil monetary penalties among its ordered remedial measures.
Continue Reading SEC Issues First ICO Enforcement Action Against a Self-Reporting Token Issuer

On January 29, 2019, the SEC announced four settlements with publicly-traded companies for failure to maintain adequate internal control over financial reporting.

None of the companies was charged with making false or inaccurate statements, either about its ICFR or otherwise; indeed, each had repeatedly disclosed material weaknesses in ICFR over many years.

These cases are

On December 20, 2018, the U.S. Securities and Exchange Commission (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released its 2019 Examination Priorities.  The six themes for this year’s priorities are:  retail investors (including seniors and those saving for retirement), compliance and risk in registrants responsible for critical market infrastructure (clearing agencies, transfer agents, national securities exchanges and Regulation SCI entities), oversight of the Financial Industry Regulatory Authority and Municipal Securities Rulemaking Board, digital assets, cybersecurity and anti-money laundering.  The only new theme for 2019 compared to 2018 is digital assets, which we take to imply a plan to more closely—and substantively—regulate investment advisers and broker-dealers involved with this asset class.  The 2019 priorities also more explicitly than the 2018 priorities describe specific practices that OCIE found concerning in examinations of those entities, many of which involved failure to adequately safeguard client assets and the adequacy of disclosures of conflicts of interest.  We expect to see a corresponding focus in Enforcement Division investigations and cases on these issues as a result.
Continue Reading Lessons from the SEC Office of Compliance Inspections and Examinations’ 2019 Priorities

On November 16, 2018, the U.S. Securities and Exchange Commission (“SEC”) Division of Corporation Finance (“Corp. Fin.”), Division of Investment Management, and Division of Trading and Markets issued a joint public statement on “Digital Asset Securities Issuance and Trading.”  The public statement is the latest in the Divisions’—and the Commission’s—steady efforts to publicly outline and develop its analysis on the application of the federal securities laws to initial coin offerings (“ICOs”) and certain digital tokens.  These efforts have combined a series of enforcement proceedings with public statements by Chairman Jay Clayton and staff, including a more detailed statement of the SEC’s analytical approach in Corp. Fin. Director William Hinman’s speech on digital assets in June 2018.
Continue Reading SEC Divisions’ Issue Public Statement on Digital Assets and ICOs, Echoing Recent Enforcement Actions

On November 8, the Securities and Exchange Commission (“SEC”) imposed a cease-and-desist order against Zachary Coburn for causing his former company, EtherDelta, to operate as an unregistered securities exchange in violation of Section 5 of the Securities Exchange Act of 1934 (“Exchange Act”).  Notably, EtherDelta, a trading platform specializing in digital assets known as Ether and ERC20 tokens,[1] was not operated like a traditional exchange with centralized operations, as there was no ongoing, active management of the platform’s order taking and execution functions. Instead, EtherDelta was “decentralized,” in that it connected buyers and sellers through a pre-established smart contract protocol upon which all operational decisions were carried out.

In the SEC’s view, EtherDelta met Exchange Act Rule 3b-16(a)’s definition of an exchange notwithstanding the lack of ongoing centralized management of order taking and execution.  Robert Cohen, the Chief of the SEC’s Cyber Unit within the Division of Enforcement stated after the order’s release, “The focus is not on the label you put on something . . . The focus is on the function . . . whether it’s decentralized or not, whether it’s on a smart contract or not, what matters is it’s an exchange.” This functional approach echoes prior SEC guidance and enforcement actions in the digital asset securities markets in emphasizing that the Commission will look to the substance and not the form of a market participants’ operations in evaluating their effective compliance with U.S. securities laws.
Continue Reading SEC Brings First Enforcement Action Against a Digital Assets Trading Platform for Failure to Register as a Securities Exchange