As publicly reported late last week, the Securities and Exchange Commission’s Division of Enforcement (SEC) sent voluntary requests for information to a range of public companies and investment firms seeking voluntary disclosure of information related to last year’s SolarWinds cyberattack. Specifically, the SEC is seeking information related to whether the companies and firms were exposed to the SolarWinds cyberattack and any remedial measures the companies and firms implemented in response.
SolarWinds, an IT, network, and systems software developer, disclosed in a filing with the SEC in December 2020 that a cyberattack had infiltrated its Orion monitoring product, which could allow the attacker to compromise the server on which the Orion product runs. SolarWinds disclosed that it believed that nearly 18,000 Orion customers downloaded the product containing the vulnerability and that it had notified all 33,000 users of the product that a cyberattack had taken place. The SolarWinds cyberattack was unprecedented in its scope and sophistication—including compromising nine U.S. federal agencies—leading the United States and other governments to blame the attack on an outside nation state actor.
Continue reading “SEC “Sweep” of Public Companies’ & Registrants’ Responses to the SolarWinds Cyberbreach”
On Friday June 4, 2021, Securities and Exchange Commission Chair Gary Gensler removed the head of the Public Company Accounting Oversight Board (PCAOB), an independent agency created by the Sarbanes-Oxley Act of 2002 that is charged with setting standards and overseeing audits of public companies and broker-dealers. The move is part of a broader overhaul of the PCAOB announced by the SEC that includes soliciting nominations for all five of the PCAOB’s board positions, including board positions currently filled by members whose terms have not yet expired.
The removed chair of the PCAOB, William Duhnke III, was appointed by former President Trump and had held the position since January 2018. In 2020, President Trump called for the PCAOB to be folded into the SEC by 2022, losing its independent watchdog status. In a recent lawsuit filed against Duhnke, the PCAOB’s former chief risk officer alleged that Duhnke shared President Trump’s sentiment and called the PCAOB a “frivolous organization” that should be combined with the SEC.
Continue reading “Chair Gensler Overhauls PCAOB”
Responding to a “concern” from Chief Compliance Officers (CCOs) to the purported increase in enforcement actions holding compliance personnel personally liable, the New York City Bar Association recently released a framework of nonbinding factors it believes the SEC should consider when making CCO charging decisions. The report, titled “Framework for Chief Compliance Officer Liability in the Financial Sector” (Framework), is available here. According to the Framework, it claims that the risk of facing a career-ending enforcement action has deterred qualified individuals from assuming or remaining in the all-important CCO role.
Continue reading “NYC Bar Association Proposes a CCO Enforcement Framework”
On May 3, 2021, the Securities Exchange Commission (“SEC”) announced charges against Under Armour Inc. (“Under Armour”) for “misleading investors as to the bases of its revenue growth and failing to disclose known uncertainties concerning its future revenue prospects.” Under Armour agreed to settle the case, paying a $9 million fine. The settlement stems from allegations that Under Armour violated Sections 17(a)(2) and (3) of the Securities Act of 1933, which do not require proof of scienter, as well as reporting provisions of the federal securities laws, by failing to tell investors that it pulled forward orders to meet its quarterly targets in order to appear healthier.
Continue reading “SEC Pierces Under Armour With Accounting Misstatement Settlement”
In Faegre Drinker’s “Enforcement Highlights” second podcast, Jim Lundy moderates a panel with fellow SEC and Regulatory Enforcement partner Mike MacPhail and Capital Markets Team Co-Leader Beth Diffley to discuss Gary Gensler’s recent confirmation as Chair and the anticipated impact on the SEC and its future.
Continue reading “Biden’s SEC and ESG, Issuers, & Enforcement: A Podcast”
It’s estimated there are more than 400 SPACs in the market looking for M&A targets. Some of these SPACs come with celebrity endorsements, and there’s even a rap video, thanks to Cassius Cuvée and Mags Lionne. Clearly, this movement can’t be ignored. This article gives a generalized summary of the typical structure, as well as some high-level questions you should be asking as a participant to, amongst other issues, manage litigation and SEC enforcement exposure.
Continue reading “SPAC Attack! SPAC IPOs Are Booming”
As we await the impact of the Biden Administration on the direction of the SEC, we have been given a glimpse of what is to come in a speech last month by the newly confirmed commissioner, Caroline Crenshaw. Specifically, Commissioner Crenshaw’s speech focused on “individual culpability” and penalties in the SEC’s enforcement program. Strikingly, the Commissioner decried the SEC’s past stance on penalties: “It is clear to me that the Commission has historically placed too much emphasis on factors beyond the actual misconduct when imposing corporate penalties – including whether the corporation’s shareholders benefited from the misconduct, or whether they will be harmed by the assessment of a penalty. This approach is fundamentally flawed.” Commissioner Crenshaw then stated that she thinks the SEC should revisit its approach to corporate penalties. It remains to be seen how Crenshaw’s remarks will be observed at Enforcement with respect to corporate penalties, let alone the application of her observations about the focus on “factors beyond the actual misconduct” could also be extended to individuals who are similarly facing substantial penalties for factors beyond their misconduct.
Continue reading “Speech by New Commissioner Provides Insight into Biden Administration SEC”
The Division of Examination’s (former OCIE) annual announcement of its exam priorities is always noteworthy, as it provides helpful insight into this division’s thinking and can serve as a roadmap for regulated entities to focus their compliance and supervision planning. The announcement of these priorities is even more important following a change in the presidential administration and the changes at the Commission that inevitably follow. Not surprisingly, the recently announced Division of Examination priorities for 2021 (summarized below) align with the Biden Administration’s policy priorities and key trends in the financial landscape.
Climate-Related Risks – Examinations will carefully consider environmental, social and governance (ESG) issues, including climate change. In the same way that the Division of Examinations previously focused on entities’ plans and disclosures related to the challenges posed by the COVID-19 pandemic, the Division announced that it will scrutinize business continuity plans to ensure that they “account for the growing physical and other relevant risks associated with climate change.” The Division will be looking for “maturation and improvements to these plans” to ensure that “registrants are considering effective practices to help improve responses to large-scale events.” The announcement of this examination focus also coincides with the Division of Enforcement’s announcement of the creation of a Climate and ESG Task Force. Continue reading “SEC Exams for 2021 to Focus on Climate and ESG, Reg BI, Crypto, & More”