CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Archive for the ‘Financial Services and Securities Litigation’ Category

Loss of SEC Commissioners Piwowar and Stein May Wreak Havoc on SEC’s Proposed Fiduciary Regulations

Posted on: June 1st, 2018

By: Ted Peters

On May 7, 2018, Republican SEC Commissioner Michael Piwowar announced that he will resign effective July 7, 2018.  Piwowar’s five-year term expires on June 5, but SEC commissioners are permitted to remain in office for up to 18 months following the end of their term.  Democratic Commissioner Kara Stein’s term expired in 2017 and she too is expected to leave the Commission this year.

Piwowar was admittedly a harsh critic of the U.S. Department of Labor’s fiduciary rule (calling it a “terrible, horrible, no good, very bad” rule), which has since been struck down by the Fifth Circuit Court of Appeal.  He also expressed significant misgivings with the Commission’s April 18, 2018 proposals which attempt to establish standards of conduct for financial advisors.  Despite such concerns, Piwowar wholeheartedly voted in favor of putting the proposals out for public comment lest anyone criticize the SEC for failing to take action.  Stein, however, voted against the proposals, finding them too weak and suggesting they be called “Regulation Status Quo.”

Regardless of their personal views, the loss of Commissioners Piwowar and Stein will undoubtedly put further pressure on the SEC as the agency takes comments on the proposals. On the other hand, the SEC might have an easier go in reaching a compromise with the decision being left to just three commissioners.  In theory, the White House and Senate could quickly take action to replace Piwowar and Stein, as it is customary for the Senate to consider commissioners in pairs (Republican and Democrat).  In the meantime, between the departures of Piwowar and Stein, the SEC will operate with four commissioners including two Democrats, which could lead to deadlocked votes, something for which the SEC is well known.

If you have questions or would like more information, please contact Ted Peters at [email protected].

“Senior Safe Act” Encourages Reporting of Senior Investor Fraud

Posted on: May 25th, 2018

By: Ted Peters

On May 22, 2018, the Senior Safe Act, authored by U.S. Senators Susan Collins (R-ME) and Claire McCaskill (D-MO), passed in the House of Representatives as part of a bipartisan banking reform package after previously being passed by the Senate (67-31) in March.  The Act seeks to curb financial exploitation of senior investors by establishing a safe harbor in which advisors and their firms can report abuses without fear of liability for violation of privacy laws.

The Act extends legal immunity to banks, credit unions, investment advisors, broker-dealers, insurance companies and insurance agencies for reporting suspected exploitation or fraud, provided that they have established controls and procedures that will help employees and advisors identify and report suspected abuses, and provided further that they make the report in good faith and with reasonable care.

The Act has been broadly endorsed by the securities industry and has received bipartisan support.  Says FSI (Financial Services Institute) President and CEO, Dale Brown, “We applaud the House for taking a significant step toward the prevention of elder financial abuse by passing the Senior Safe Act… Financial advisors and financial firms are often the first to detect possible financial abuse, so it is critical that they have proper training to identify potential abuse as well as the ability to report it without fear of violating privacy laws.”

President Trump is expected to sign the Act into law as he tweeted that he would do so.

If you have questions or would like more information, please contact Ted Peters at [email protected].

Lessons Learned from the SEC’s Order in the Yahoo! Data Breach Enforcement Action

Posted on: May 22nd, 2018

By: Jennifer Lee

On April 24, 2018, the SEC issued an order in the enforcement action against Altaba Inc., formerly Yahoo! Inc., and imposed a $35 million fine relating to the 2014 data breach which affected more than 500 million Yahoo! user accounts.

SEC’s Findings

The SEC found that Yahoo! violated federal securities laws by failing to disclose the 2014 data breach for almost two years. The SEC focused on the fact that despite its knowledge of the data breach, Yahoo!’s annual and quarterly reports made no mention of the data breach as a risk factor. Instead, the reports represented that the company only faced the risk of potential future data breaches that may expose its users’ personally identifiable information which may lead to litigation, loss of revenue, and damage to its reputation.

In addition, Yahoo! management’s analysis of the company’s financial condition also omitted changes to revenue that were expected to result from the public disclosure of the 2014 data breach.

Lastly, the stock purchase agreement between Yahoo! and Verizon entered into on July 23, 2016 and filed with the SEC on July 25, 2016 was misleading because it contained affirmative representations denying the existence of any significant data breaches.

The data breach was not disclosed until September 2016 in a press release filed as an attachment to a Form 8-K. After the public announcement of the data breach, Yahoo!’s stock price decrease by 3%, resulting in a $1.3 billion drop in its market cap.

Lessons Learned

Disclosures regarding cybersecurity risk factors that discuss potential incidents are misleading if they do not discuss known incidents that have already occurred. The SEC found that the omission of the 2014 data breach in the risk factor disclosures were misleading because it suggested that a significant data breach had not yet occurred, which in turn implied that any negative effects that may result from future breaches are merely speculative.

Companies should perform regular assessments of cybersecurity threats and their likely impact on the business to determine whether such issues should be disclosed as a risk factor. Regulation S-K item 303 requires companies to include trends or uncertainties reasonably likely to have a material impact on their business. Item 503(c) requires companies to disclose the most significant risk factors that make the company speculative or risky. Because cybersecurity incidents have the potential to and often do, in fact, lead to a significant depreciation in a company’s stock price and market cap, failing to perform regular assessments of cybersecurity threats and their likely impact on the business will inevitably lead companies to run afoul of Regulation S-K.

Be mindful of other state, federal, and international regulations that govern disclosure of data breaches and other cybersecurity incidents. Currently, data breach notification obligations in the United States consist of a patchwork of individual state statutes. In addition, the EU’s General Data Protection Regulation, which takes effect on May 25, 2018, contains a whole new set of rules regarding the disclosure of data breaches and other cybersecurity incidents. Companies that operate on a national or international level must be aware of their disclosure obligations under these regulatory structures and how they may affect companies’ disclosure obligations under federal securities laws.

If you have any questions or would like more information, please contact Jennifer Lee at [email protected].

 

DOL Fiduciary Rule Suffers a Slow Death

Posted on: May 15th, 2018

By: Ted Peters

In 2016, the U.S. Department of Labor (“DOL”) promulgated a set of rules and regulations now infamously referred to as the “Fiduciary Rule.”  After multiple criticism and legal challenges, the Fifth Circuit Court of Appeal struck down the Fiduciary Rule effective May 7, 2018.  Surprising many, the DOL elected not to challenge the Fifth Circuit ruling.  Even more surprising, however, was the bulletin issued by the DOL on the effective date of the court’s order.

The court’s ruling, which was not opposed by the DOL, left many unanswered questions.  Enter the DOL’s field bulletin.  Rather than admitting the total defeat of the Fiduciary Rule, however, the DOL seeks to maintain the status quo.  Specifically, the DOL announced that pending further guidance, advisors will not be penalized for either complying with the Fiduciary Rule, or ignoring it in favor of pre-existing standards.  Unfortunately, this announcement leaves the single most important question unanswered – what is the standard to which advisors will be held?  With the U.S. Securities and Exchange Commission working on its own set of rules, and the wait-and-see approach embraced by the DOL notwithstanding, only time will tell.

If you have questions or would like more information, please contact Ted Peters at [email protected].

FINRA Increases Penalties For Brokers’ Bad Behavior

Posted on: May 8th, 2018

By:  Ted Peters

In further response to mounting pressure for securities regulators to exert greater control over problem brokers, the Financial Industry Regulatory Authority (“FINRA”) released Regulatory Notice 18-17 on May 2, 2018.  FINRA has long maintained a “rulebook” of sorts to guide adjudicators in disciplinary proceedings when addressing the propriety and scope of sanctions that might issue.  Akin to sentencing guidelines, the Sanction Guidelines “provide both general principles that apply to the overall process of determining sanctions for every case and specific recommendations of a range of sanctions for particular rule violations.”

The stated goal of the guidelines  is “to assist FINRA’s adjudicators in determining the appropriate sanctions in disciplinary proceedings and to provide consistency in the imposition of sanctions.”  Such sanctions can include fines, suspensions or industry bars.

This most recent Notice trumpets FINRA’s revisions to the guidelines to instruct adjudicators “to consider customer-initiated arbitrations that result in adverse arbitration awards or settlements when assessing sanctions.”  More specifically, FINRA adjudicators are now expressly instructed to consider imposing more serious sanctions when there is a discernible “pattern” considering a respondent’s disciplinary history, and history or arbitration awards.

“By enabling adjudicators to consider arbitration settlements and adverse arbitration awards, in addition to the traditionally considered final disciplinary actions, the Sanction Guidelines will allow adjudicators to take such settlements and awards into account in appropriate cases when determining whether a pattern of harm to investors or market integrity, or disregard of regulatory requirements exists.”

The Sanction Guidelines apply only to enforcement actions, not FINRA arbitrations.  The revisions go into effect on June 1, 2018.

If you have questions or would like more information, please contact Ted Peters at [email protected]mglaw.com.