CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Posts Tagged ‘SEC’

SEC Issues Risk Alert Regarding Broker-Dealers and Investment Advisers’ Privacy Practices and Compliance with Regulation S-P

Posted on: April 22nd, 2019

By: Jennifer Lee

On April 16, 2019, the U.S. Securities and Exchange Commission (“SEC”) issued a Risk Alert summarizing the findings from the examinations of broker-dealers and investment advisers’ privacy practices and compliance with Regulation S-P.

Regulation S-P, 17 C.F.R. § 248.30, was enacted to protect the privacy of customers and their information. It has three major components:

  1. Firms are required to provide their customers with a copy of their privacy policies and procedures at the initial outset of the relationship and also on an annual basis.
  2. Firms are prohibited from sharing customers’ nonpublic information with unaffiliated third parties unless the customer is given prior notice regarding such practices.
  3. Firms must inform customers that they have a right to opt-out of the firm’s data sharing practices with unaffiliated third-parties and provide a method in which customers can opt-out.

During the examinations, which spanned over the course of the past two years, the Office of Compliance Inspections and Examinations (“OCIE”) found common deficiencies in firms’ compliance with Regulation S-P. The OCIE found that some firms did not provide customers with the initial and/or annual privacy policies and procedures. In other instances, the privacy policies and procedures were inadequate to satisfy the requirements under Regulation S-P. For example, the policies and procedures failed to identify the precautions taken to ensure the integrity of customers’ information.

Even when firms gave the required notices and had satisfactory written policies and procedures on the books, the OCIE often found that such policies and procedures were not actually being implemented and firms’ practices diverged from the written policies and procedures. Customers’ personally identifiable information (“PII”) were sent via unencrypted emails and left in unsecured physical locations, firm employees had customer information on unsecured personal devices, and outside vendors were not vetted on their cybersecurity and privacy practices.

These findings are unsurprising because often when a new set of privacy or cybersecurity regulations is introduced, companies will invest an incredible amount of time and resources to develop policies and procedures that comply with the new requirements. Usually, most of this work is done by the COO or Chief Information Security Officer (“CISO”). However, it does not and cannot stop there as most enforcement actions and customer actions are brought based on the firm’s failure to implement its policies and procedures.

To reduce the risk of enforcement and customer actions, firms must ensure that the policies and procedures in its books are put into practice. This requires buy-in from everyone at the executive level—from the CEO to the CMO—and cooperation from multiple departments in the firm that may not necessarily work closely with each other on a regular basis. In addition, firms should shift their perspective on compliance with Regulation S-P and other privacy or cybersecurity regulation. It is not a one-off event. Instead, it should be seen as an active and on-going process that requires constant training and monitoring.

If you have any questions regarding your firm’s compliance with Regulation S-P or other privacy and cybersecurity regulations, please contact Jennifer Lee at [email protected].

SEC Holds Public Forum as Part of Increasing Efforts to Regulate Digital Assets, Cryptocurrency Exchanges, and ICOs

Posted on: March 28th, 2019

By: Jennifer Lee

The Securities and Exchange Commission will be hosting a public forum on distributed ledger technology and digital assets in Washington DC on May 31, 2019. This is a part of the SEC’s increasing efforts to regulate cryptocurrency exchanges and initial coin offerings (ICOs) that have been proliferating unchecked until very recently.

Since digital assets are still an emerging concept, regulators, such as the SEC and the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Department of Treasury, have been struggling to figure out how the existing regulatory framework applies to cryptocurrencies, exchanges, and ICOs. However, as established financial institutions, such as Fidelity, begin to enter the digital asset space, the SEC has ramped up its efforts to ensure that companies are aware of and are in compliance with all applicable laws and regulations. Depending on the nature of the services provided, companies may be subject to the Securities Exchange Act of 1934, Bank Secrecy Act, and states’ money transmitter licensing statutes.

The push for more oversight over cryptocurrencies comes at the heels of high-profile scandals involving cryptocurrency exchanges and ICOs that left consumers and investors alike with nothing but questions after losing their fiat and digital currencies.

The very first incident involved Mt. Gox, a bitcoin exchange based in Tokyo, Japan that operated between 2010 and 2014. Cryptocurrency exchanges allow its users to exchange fiat currency (e.g., U.S. Dollars) into cryptocurrency and provide digital wallets for users to store their cryptocurrency. At its heyday, it was handling over 70% of all bitcoin transactions worldwide. However, it ran into a host of problems in 2013 continuing on to 2014 until it stopped operations and filed for bankruptcy. During the litigation that ensued, it was revealed that Mt. Gox somehow lost approximately 750,000 of its customers’ bitcoins, valued at around $473 million at that time.

More recently, in February 2019, the cryptocurrency exchange QuadrigaCX announced that it was missing approximately $145 million in digital assets. Its executives, consumers, and law enforcement are in a frenzy to determine what happened to the missing digital assets as the only person who had access was QuadrigaCX’s founder Gerry Cotten, who had passed away the month prior.

These incidents are not limited to cryptocurrency exchanges, especially as ICOs have become more popular in recent years. ICOs are similar to IPOs in the sense that investors can buy a stake in a particular cryptocurrency (referred to as a token), but unlike IPOs, a token’s value is not tied to the value or performance of an underlying company. In November 2018, the SEC settled charges against professional boxer Floyd Mayweather Jr. and singer/producer DJ Khaled for failing to disclose payments they received for promoting investments in ICOs. This suggests that despite the decentralized nature of cryptocurrencies and ICOs, the SEC has assumed jurisdiction over the space and its players.

Accordingly, broker-dealers and investment advisory firms looking to get involved in the digital asset space, including operating cryptocurrency exchanges, providing trading platforms for cryptocurrencies, or facilitating ICOs, must ensure that they are in compliance with all existing laws and regulations that govern traditional financial transactions and investments.

For more information or to inquire about the firm’s services related to digital currencies, please contact Jennifer Lee at [email protected].

Latest FINRA Rules to Regulate Expungement Actions

Posted on: February 19th, 2019

By: Margot Parker

FINRA recently announced its approval of enhanced training and guidance for arbitrators hearing expungement requests, an issue under increasing scrutiny as over 90% of such actions are currently granted. The proposal is now under review by the SEC and represents a step toward making it more difficult for brokers to have customer complaints expunged from their public records. The proposed rules also include a ban on compensated non-attorney representatives (NARs) from representing clients in FINRA arbitrations, as part of another step to strengthen the arbitration process.

While a ban on NARs has been widely supported, critics of the expungement process believe more should be done to take the burden away from customers to fight expungement actions. FINRA states that it shares these concerns. To reduce the high volume of expungements in the past, it codified a rule stating: “expungement is an extraordinary remedy that should be recommended only under appropriate circumstances.” With these recent steps, we may continue to see changes in the regulation of FINRA expungement actions in the near future.

If you have any questions or would like more information, please contact Margot Parker at (310) 937-2066 or [email protected].

Women On Board

Posted on: October 16th, 2018

By: Rebecca Smith

Nearly one-quarter of California-headquartered publicly held domestic or foreign corporations have no female directors.  No later than the close of the 2019 calendar year, those companies will need to add at least one.  Senate Bill 826 (SB 826) signed by Governor Brown on September 30, 2018 has mandated this change.  And, if the board of directors of a corporation is larger than four board members, the required number of women on the board increases.  If the number of directors is six or more, the corporation must have a minimum of three directors, if the number of directors is five, the corporation shall have a minimum of two directors.  Corporations will be allowed until the close of the 2021 calendar year to add the additional female directors beyond one.

There is a strong likelihood that this new law will be challenged in the courts.  The first argument being made is that the law will displace an existing member of the board of directors solely on the basis of gender.  The new law has attempted to address this by indicating:  “A corporation may increase the number of directors on its board to comply with this section.”  The argument being made is that the law focuses too narrowly on gender instead of other aspects of diversity, including race and sexual orientation.  The government may have to prove not only that there is disparity in board representation among men and women, but also that such a divide is a sufficient reason to create a special law for women.

The other issue in the forefront is to which companies the law will apply.  While the statute provides that the companies will be determined by the location of the principal executive offices according to the corporation’s SEC 10-K form, challenges are being made that the law should not apply to businesses headquartered in California, but incorporated elsewhere.  The new Section 2115.5 of the Corporations Code has attempted to address this issue by indicating that the new requirements shall apply to a foreign corporation that is a publicly held corporation to the exclusion of the law of the jurisdiction in which the foreign corporation is incorporated.  That being said, the “internal affairs doctrine” may provide a basis for the challenge.  The internal affairs doctrine, a choice of law rule in corporation law, provides that the internal affairs of a corporation will be governed by the corporate statutes and case law of the state in which the corporation is incorporated.

So what happens if a company does not comply:  A fine of $100,000 for a first violation, and a fine of $300,000 for a second or subsequent violation.  For purposes of imposing the fine, each director seat required by the section to be held by a female, which is not held by a female during at least a portion of the calendar year is considered a violation.  For the time being, California companies with their principal executive offices in California should start to think about how to comply with the law by the end of 2019 and stay tuned for any changes.

If you have any questions or would like more information, please contact Rebecca Smith at [email protected].

Is the SEC Mortal After All?

Posted on: August 27th, 2018

By:Ted Peters

The Securities and Exchange Commission, created through the Securities Exchange Act of 1934, is without a doubt one of the most powerful regulatory agencies in the free world.  According to its website, the SEC’s mission is “to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation.” Since its inception, the Commission has wielded great power, and in many instances has pushed the envelope to expand that power. But, as reflected in a handful of recent landmark cases, courts around the country and even this nation’s highest court have pushed back making clear that the Commission’s authority is not unlimited.

The SEC initiates enforcement actions in federal court when it determines that a violation of securities law has occurred. Like any other plaintiff, the SEC is subject to statutes of limitation.  The statute governing enforcement actions is five (5) years.  28 U.S.C. § 2462.  Section 2462 provides that, “an action, suit or proceeding for the enforcement of any civil fine, penalty, or forfeiture, pecuniary or otherwise, shall not be entertained unless commenced within five years from the date when the claim first accrued.”

Historically, the Commission has acted with the belief that Section 2462 applied only to the specific enforcement actions enumerated therein.  The SEC’s own enforcement manual provides that “certain claims are not subject to the five-year statue of limitations under Section 2462, including claims for injunctive relief.” (See § 3.1.2 (Nov. 28, 2017)).

In Kokesh v. SEC, 137 S. Ct. 1635 (2017), the United States Supreme Court ruled that Section 2462 extends to disgorgement claims.  Prior to Kokesh, the Commission had taken the position that disgorgement claims could reach back indefinitely.  Writing for a unanimous Court, Justice Sotomayor stated that “[d]isgorgement in the securities-enforcement context is a ‘penalty’ within the meaning of § 2462.”  The Court explained that disgorgement operates as a sanction because it redressed a wrong to the public, as opposed to an individual.  The Court rejected the SEC’s argument that disgorgement is remedial, finding instead that it was punitive because it “does not simply restore the status quo,” and often “leaves the defendant worse off.”

Prior to the Court’s decision in Kokesh, the SEC initiated an enforcement action in SEC v. Cohen, 2018 U.S. Dist. LEXIS 121164 E.D.N.Y. (Jul. 12, 2018), in the United States District Court for the Eastern District of New York.  In that action, the Commission asserted that between 2007-2012, the defendants participated in a scheme that involved making improper payments to government officials in a number of African countries.  As typical, the Commission sought recovery of monetary penalties, disgorgement and injunctive (follow-the-law) relief.  While the action was pending, Kokesh was decided.  Following Kokesh, the Cohen court held that Section 2462 also extended to actions for injunctive relief.  Finding that the SEC’s demand for injunctive relief would operate, at least in part, as a penalty, the court concluded that the claims were time-barred.

But not every court addressing injunctive relief has reached the same result.  In SEC v. Collyard, 861 F.3d 760 (8th Cir. 2017), a case decided after Kokesh, the Eighth Circuit, acknowledging a split of authority over whether an injunction can be a “penalty” for purposes of Section 2462, concluded that the at-issue injunction entered by the district court was not a penalty and, therefore, not subject to Section 2462.  That injunction enjoined the defendant from violating Securities Exchange Act § 15(a) and the district court concluded that the defendant was “reasonably likely to violate Section 15(a) again unless enjoined.”  Upholding that determination, the Eighth Circuit remarked that “[n]ot every injunction that specifically deters an individual is imposed to punish.”

After Kokesh, it is clear that SEC disgorgement actions fall within the limitations of Section 2462.  As for injunctive relief, district courts around the country remain split.  Given the importance of the SEC’s ability to seek injunctive relief, it is likely that the Supreme Court may be called upon to settle the split, perhaps through a possible certiorari of Cohen. Regardless, these recent decisions undeniably provide defendants with more leverage when facing the SEC.

If you have questions or would like more information, please contact Ted Peters  at [email protected].