Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • CFTC awards $500,000 to whistleblowers

    Securities

    On March 10, the CFTC announced awards totaling approximately $500,000 to two whistleblowers who “separately provided significant information and substantial assistance” that led to a successful Commodity Exchange Act enforcement action. The associated order noted that the claimants voluntarily provided original information, which began an underlying investigation and “significantly contributed to the success” of the enforcement action.

    The CFTC has awarded approximately $300 million to whistleblowers since the enactment of its Whistleblower Program under Dodd-Frank, and whistleblower information has led to nearly $3 billion in monetary relief.

    Securities Enforcement CFTC Commodity Exchange Act Whistleblower

    Share page with AddThis
  • SEC proposes amendments to cybersecurity risk management

    Securities

    On March 9, the SEC announced proposed amendments to its standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed amendments would require, among other things, “current reporting about material cybersecurity incidents and periodic reporting to provide updates about previously reported cybersecurity incidents.” Specifically, firms would be required to describe their policies and procedures for the identification and management of cyber risks, provide information about the board’s oversight of and management’s role in cybersecurity risk, and disclose if a member of the board has expertise in cybersecurity. According to the SEC, “[t]he proposed amendments are intended to better inform investors about a registrant's risk management, strategy, and governance and to provide timely notification to investors of material cybersecurity incidents.” Comments are due 60 days after publication in the Federal Register.

    The same day, the SEC published a fact sheet clarifying, among other things, how the amendments are applied and what is required. SEC Chair Gary Gensler issued a statement stating he was “pleased to support this proposal because, if adopted, it would strengthen investors’ ability to evaluate public companies’ cybersecurity practices and incident reporting.” According to a dissenting statement issued by SEC Commissioner Hester M. Peirce, the proposed amendments “flirt[] with casting us as the nation’s cybersecurity command center, a role Congress did not give us,” and argued that the “precise disclosure requirements look more like a list of expectations about what issuers’ cybersecurity programs should look like and how they should operate.”

    Securities SEC Agency Rule-Making & Guidance Privacy/Cyber Risk & Data Security Disclosures Data Breach

    Share page with AddThis
  • SEC awards $3.5 million to whistleblower

    Securities

    On March 8, the SEC announced that it awarded a whistleblower over $3.5 million for providing “critical” information that led to two successful SEC enforcement actions. According to the redacted order, the whistleblower provided information that prompted SEC staff to further investigate certain potential securities violations, which saved time and resources and helped advance settlement discussions. The SEC has awarded approximately $1.2 billion to 248 individuals since issuing its first whistleblower award in 2012.

    Securities Whistleblower Enforcement SEC

    Share page with AddThis
  • CFTC orders unregistered respondents to pay $2.6 million for fraudulent solicitations

    Securities

    On February 23, the CFTC announced a $2.6 million settlement with a North Carolina-based company and its president for allegedly acting as unregistered commodity trading advisors and commodity pool operators, and for advertising without making required disclosures. Among other things, the respondents allegedly engaged in binary options solicitation and trading fraud through the operation of two webpages and related social media channels. According to the CFTC, the respondents made numerous false statements to solicit business, which claimed that traders could choose from the company owner’s winning strategies to earn significant profits. However, the CFTC stated that the owner was not actually a successful trader and had an overall losing trading record. Additionally, the respondents distributed client testimonials and training videos without providing disclosures required under CFTC regulations. As a result, ten participants lost roughly $410,000 in a managed account trading pool, while approximately 1,600 customers lost at least $945,000 through fraudulent solicitations for binary options signals, trainings, and strategy course offerings. While the respondents did not admit or deny any of the allegations, they agreed to pay $409,965 in restitution, $896,673 in disgorgement, and a $1,306,638 civil monetary penalty. Additionally, the respondents must cease and desist from any further violations of the Commodity Exchange Act or CFTC regulations. The order also permanently bans the respondents from trading on, or trading subject to, the rules of any CFTC-registered entity, and from engaging in any activities requiring CFTC registration. Respondents are also prohibited from, directly or indirectly, entering into any transactions involving commodity interests.

    Securities CFTC Enforcement Commodity Exchange Act Settlement

    Share page with AddThis
  • SEC, states reach $100 million settlement over crypto lending product

    Securities

    On February 14, the SEC and state regulators reached a $100 million settlement with a New Jersey-based financial services company in parallel actions to resolve allegations that the company failed to register the offers and sales of its retail credit lending product—marking the SEC’s “first-of-its-kind action” taken with respect to crypto lending platforms. According to the SEC, the company offered a product whereby retail investors lent crypto assets to the company “in exchange for the company’s promise to provide a variable monthly interest payment.” Among other things, the SEC found that because the company’s product are securities under applicable law, the company was required to register its offers and sales of the product or qualify for an exemption—both of which the company failed to do. The company also allegedly violated the Securities Act by making misleading statements on its website concerning its collateral practices and the level of risk in its loan portfolio and lending activity. Additionally, the company allegedly violated the Investment Company Act by engaging in interstate commerce while failing to register as an investment company with the SEC. While the company neither admitted nor denied the findings, it agreed to pay $50 million to the SEC and another $50 million to 32 states to settle similar charges. The company also agreed to cease engaging in unregistered offers and sales of its product, and will stop offering or selling its product in the U.S. Additionally, the company’s parent company stated its intention to register the offer and sale of a new lending product under the Securities Act.

    Securities Digital Assets Enforcement Cryptocurrency Settlement State Issues State Regulators Investment Company Act Securities Act Fintech

    Share page with AddThis
  • SEC amends whistleblower program rules

    Securities

    On February 10, the SEC announced two amendments to the rules regarding its whistleblower program. According to the SEC, the first proposed amendment concerns award claims for related actions that would be otherwise covered by an alternative whistleblower program. The amendment would allow the Commission to pay whistleblower awards for certain actions brought by other entities, including designated federal agencies, in cases where those awards might otherwise be paid under the other entity's whistleblower program. The second amendment would affirm the Commission's authority under Rule 21F-6 to consider the dollar amount of a potential award for the limited purpose of increasing the award amount, and would eliminate the Commission’s authority to consider the dollar amount of a potential award for the purpose of decreasing an award. Comments are due 60 days after publication of the proposing release on the SEC’s website or 30 days after publication in the Federal Register.

    Securities Whistleblower Agency Rule-Making & Guidance SEC

    Share page with AddThis
  • SEC to update beneficial ownership reporting requirements

    Securities

    On February 10, the SEC proposed amendments to its rules governing beneficial ownership reporting under Exchange Act Sections 13(d) and 13(g) in order to “improve transparency and provide more timely information for shareholders and the market.” (See also SEC fact sheet here.) Among other things, the proposed rule would (i) accelerate the filing deadlines for Schedules 13D and 13G beneficial ownership reports from 10 days to five days (amendments would be required to be filed within one business day); (ii) expand the application of Regulations 13D and 13G to certain derivative securities; (iii) clarify the circumstances in which two or more persons have formed a “group” that would be subject to beneficial ownership reporting obligations; (iv) allow for new exemptions “to permit certain persons to communicate and consult with one another, jointly engage issuers, and execute certain transactions without being subject to regulation as a ‘group’”; and (v) require Schedules 13D and 13G filings to be done through a “structured, machine-readable data language.” Comments are due 30 days after publication in the Federal Register, or April 11, whichever is later. SEC Chair Gary Gensler issued a statement supporting the proposed amendments, which “would reduce information asymmetries and promote transparency, thereby lowering risk and illiquidity,” citing the “rapidity of current markets and technologies” as justification for updating the decades-old rules. However, SEC Commissioner Hester M. Peirce dissented, arguing that the proposed amendments fail to fully contend “with the realities of today’s markets or the balance embodied in Section 13(d) of the Exchange Act.” She further challenged the justification of technological advancements as a reason to shorten the 10-day reporting window to five days.

    Securities Agency Rule-Making & Guidance Beneficial Ownership SEC Securities Exchange Act

    Share page with AddThis
  • SEC proposes cybersecurity risk management rules and amendments

    Securities

    On February 9, a divided SEC voted to release proposed cybersecurity risk management rules and amendments to certain requirements for registered investment advisers and funds. (See SEC fact sheet here.) Commissioner Hester Peirce voted against the proposal, stressing that because “an adviser’s or fund’s system has been successfully breached should not lead us to the immediate conclusion that that adviser or fund was lax in its efforts to protect client data and funds.” She added that “[a]bsent circumstances that suggest deliberate or reckless disregard of known vulnerabilities by the firm, we should resist the temptation to pile on with an enforcement action after a breach.”

    Under the proposed rules, advisers and funds would be required to adopt and implement written policies and procedures reasonably designed to address cybersecurity risks that could harm advisory clients and fund investors. Advisers would also be required to file a confidential report for a significant cybersecurity incident to the SEC on a new form. Additionally, advisers and funds must also publicly disclose cybersecurity risks and significant cybersecurity incidents that occurred in the last two fiscal years “that have significantly disrupted or degraded the adviser’s ability to maintain critical operations, or that have led to the unauthorized access or use of adviser information, resulting in substantial harm to the adviser or its clients in their brochures and registration statements.” Advisers and funds would be required to comply with new cybersecurity-related recordkeeping requirements to assist SEC inspection and enforcement capabilities. Comments on the proposal are due 60 days following publication on the SEC’s website or 30 days after publication in the Federal Register, whichever period is longer.

    Securities Privacy/Cyber Risk & Data Security SEC Agency Rule-Making & Guidance Risk Management Disclosures

    Share page with AddThis
  • Judgments reached in SEC’s first crowdfunding regulation enforcement action

    Securities

    On January 28, the U.S. District Court for the Eastern District of Michigan issued judgments (see here and here) against a real estate company and its CEO in the SEC’s first crowdfunding regulation enforcement action. As previously covered by InfoBytes, the SEC filed a complaint last September alleging that several entities and related individuals participated in a fraudulent scheme to sell nearly $2 million of unregistered securities through two crowdfunding offerings. The complaint alleged that two of the entities issued securities without registering with the SEC, while their principals diverted investor funds for personal use rather than using the funds for the disclosed purposes. Without admitting or denying the SEC’s allegations, the real estate company and the CEO consented to be permanently enjoined from violating certain securities laws. The CEO also agreed to a prohibition on “acting as an officer or director of any issuer that has a class of securities registered pursuant to Section 12 of the Exchange Act [15 U.S.C. § 78l] or that is required to file reports pursuant to Section 15(d) of the Exchange Act [15 U.S.C. § 78o(d)].” The judgments decreed that, upon motion of the SEC, the court will decide whether disgorgement and/or civil money penalties are appropriate.

    Securities Enforcement SEC Crowdfunding Courts Securities Act Securities Exchange Act

    Share page with AddThis
  • SEC: Taking remedial actions may help companies avoid penalties

    Securities

    On January 28, the SEC announced a settlement subject to court approval with a private technology company to resolve allegations that the company, through its former CEO, falsely inflated key financial metrics and doctored internal sales records. The complaint, which alleged violations of the antifraud provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934, claimed that the CEO significantly inflated the value of numerous customer deals, and then masked the inflation by creating fake invoices and altering real invoices to make it seem as if customers had been billed higher amounts. The company’s board of directors conducted an internal investigation, which led to the removal of the CEO, a revised company valuation, and remedial efforts including repaying investors. The company also hired new senior management, expanded its board, and implemented processes and procedures to ensure transparency and accuracy of deal reporting and associated revenues. While the company neither admitted nor denied the allegations, it agreed to be permanently enjoined from violations of the antifraud provisions. The SEC highlighted that the lack of a penalty in the settlement is significant, and demonstrates the Commission’s position that a company may receive credit if it makes significant remedial efforts in the wake of an internal investigation. “For companies wondering what types of remedial actions and cooperation might be credited by the Commission after a company uncovers fraud, this case offers an excellent example,” stated Gurbir S. Grewal, Director of the SEC’s Division of Enforcement. “[The company’s] remediation and cooperation included not just its internal investigation and revised valuation, but also repaying harmed investors and improving its governance—all of which were factors that counseled against the imposition of a penalty in this case.” 

    Securities Enforcement SEC Settlement Fraud Securities Act Securities Exchange Act

    Share page with AddThis

Pages