On September 17, 2020, the SEC announced the imposition of a cease-and-desist order against private equity firm Welsh, Carson, Anderson & Stowe (Welsh Carson), an SEC-registered investment manager, in connection with alleged violations of reporting obligations under Section 13(d) of the Securities Exchange Act of 1934 (Exchange Act). The SEC alleged that Welsh Carson had failed to timely amend a Schedule 13D report – commonly known as a beneficial ownership statement – after its investment position changed from an intent to acquire and restructure a company to an intent to liquidate its entire position in the company. In connection with the entry of the SEC’s cease-and-desist order, Welsh Carson agreed to pay a civil penalty of $100,000.
Recently, the U.S. Securities and Exchange Commission (the “SEC”) charged a dually registered firm and its Chief Compliance Officer (“CCO”) with multiple violations of the Investment Advisers Act of 1940 (“Advisers Act”). The charges included allegations against the CCO that she altered documents in an attempt to mislead SEC examination staff and failures to comply with enhanced policies and procedures adopted as a result of a prior examination by FINRA. The SEC charged the firm with willfully violating Section 206(4) of the Advisers Act and Rule 206(4)-7 thereunder, which require, in part, that registered investment advisors “[a]dopt and implement written policies and procedures reasonably designed to prevent violation” of the Advisers Act and its rules. The CCO was charged with willfully aiding and abetting the firm’s violations. The firm and the CCO were fined $1.7 million and $45,000, respectively, and the CCO was barred from the industry.
On September 10, 2020, the CFTC announced the issuance of new, public, guidance to its enforcement staff on evaluating the adequacy of corporate compliance programs. The new guidance provides enforcement staff a framework with which to assess participants’ compliance programs, and is intended to ensure consistency and transparency in such reviews.
The latest publication continues the Commission’s efforts to increase transparency in the enforcement process. In May, the CFTC formally issued guidance regarding Enforcement’s decisions to recommend the imposition of civil monetary penalties, and last year the Division issued its first public Enforcement Manual. More details on these previous issuances from the CFTC can be found here and here.
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors and broker dealers.
Credential stuffing is an automated cyber-attack on Internet-based user accounts and firm networks. Attackers obtain usernames and passwords from the dark web and then employ automated scripts utilizing the compromised information to attempt to log in and gain unauthorized access to other customer accounts and firm networks. Credential stuffing has proven to be a more effective way for hackers to gain access to accounts and firm systems than traditional brute force password attacks have been. If the credential stuffing attack is successful, attackers can gain access to and control over customer assets and confidential information.
While the U.S. Supreme Court’s decision in Liu v. SEC limited the SEC’s disgorgement power, it also left open certain complicated issues that are now subject to interpretation.1 As we previously summarized, in an 8–1 vote, the Court held that disgorgement is a permissible equitable remedy for securities fraud under § 78u(d)(5), provided the amount does not exceed a wrongdoer’s net profits and the money is returned to harmed investors.2
What’s New: The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert titled “Select COVID-19 Compliance Risks and Considerations for Broker-Dealers and Investment Advisers” on August 12, 2020. This Risk Alert addressed the following topics:
From mid-March to mid-May, the SEC received more than 4,000 tips, complaints, and referrals. This, according to one of the SEC Co-Directors of the Division of Enforcement, represented a 35% increase over the same period last year. Additionally, as recently confirmed by the Director of the SEC’s New York regional office, the SEC is actively monitoring these tips, complaints, and referrals because it knows that doing so sends an important deterrence message to market participants. While the SEC has many sophisticated market monitoring and other fraud detection tools, tips and complaints provide the Enforcement Staff with valuable leads, which often develop into investigations and enforcement actions in matters that would otherwise may have remained hidden. Undoubtedly, many of these tips and complaints are either directly related to the COVID-19 pandemic or are indirectly related to the resulting economic turbulence. It is foreseeable that this significant uptick in tips and complaints will lead to a significant increase in the number of investigations and enforcement actions.
As we described several weeks ago, the SEC across the agency is going to be vigilant in its efforts to regulate, examine and enforce the federal securities laws regarding coronavirus/COVID-19. More recently, the SEC Division of Enforcement (“SEC Enforcement”) has stepped to the forefront of these efforts.