Skip to main content
Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Agencies issue NPRM on incentive-based compensation

    Agency Rule-Making & Guidance

    On May 6, the FDIC, OCC, NCUA and the FHFA issued a NPRM (proposed rule) on incentive-based compensation, pursuant to Dodd-Frank’s Section 956 (Section 956), which required federal regulators to prescribe regulations or guidelines regarding incentive-based compensation at covered financial institutions. Regulators first proposed a rule to implement Section 956 in 2011, and again in 2016. Now, regulators are reproposing the 2016 version without change, albeit with certain alternatives. The current proposal, however, will be published without involvement from the Fed or SEC.

    Section 956 defined “covered financial institutions” as institutions with at least $1 billion in assets and include the following: depository institutions or depository institution holding companies, registered broker-dealers, credit unions, investment advisers, Fannie Mae, and Freddie Mac (or any other financial institution that federal regulators determined should be treated as a covered financial institution). Dodd-Frank required regulators to prohibit incentive-based compensation arrangements that encouraged “inappropriate risks.” The proposed rule included prohibitions intended to make these compensation arrangements more sensitive to risk, such as a ban on incentive-based compensation arrangements that do not include risk adjustment of awards, deferral of payments, or forfeiture and clawback provisions. In addition, the proposed rule set forth recordkeeping and disclosure requirements to help federal regulators monitor potential issues.

    The agencies will review both new comments and those received in 2016 for the prior proposed rule. The agencies invited those who previously submitted comments and resubmit their comments to explain how their viewpoint may have changed from their prior comments. The agencies also requested comments on the compliance date and disclosures, like the recordkeeping and clawback requirements. Comments will be due no later than 60 days following publication in the Federal Register.

    Agency Rule-Making & Guidance Bank Regulatory OCC FDIC FHFA Dodd-Frank SEC Federal Reserve

  • House passes resolution to nullify SEC’s rule on crypto accounting guidance


    On May 8, the U.S. House of Representatives passed H. J. Res. 109, the first step in an attempt to nullify the SEC’s Staff Accounting Bulletin No. 121 (SAB 121) under the Congressional Review Act. SAB 121 describes how the SEC expects entities to account for and disclose their custodial obligations to “safeguard crypto-assets held for their platform users,” and has been in effect since April 11, 2022. As previously covered by InfoBytes, in October 2023, the GAO found SAB 121 was a rule, not guidance, making SAB 121 subject to the Congressional Review Act.

    Securities Accounting SEC Congress Agency Rule-Making & Guidance Congressional Review Act

  • SEC, DFPI charge unregistered crypto platform


    On February 7, the SEC and DFPI announced charges against a Florida-based crypto platform, for failing to register the offer and sale of a crypto lending product that allowed U.S. investors to deposit or purchase crypto assets into an account in exchange for promised interest payments.  

    The SEC found that crypto asset accounts with the “interest feature” were offered and sold by the company as securities in the form of investment contracts but failed to register its offer and sale as required by law. Despite voluntarily halting the offering of the interest feature in 2022, the company agreed to pay a $1.5 million penalty to settle the SEC's charges. The SEC also noted that the company announced its intention to terminate all crypto-related products and services in the U.S. on February 22.   

    In addition, DFPI also entered a consent order with the platform to settle an investigation into the platform’s interest-earning program. The resolution is part of a multistate settlement facilitated by a task force led by California and Washington, comprising of eight state securities regulators. The investigation found that from 2020 through 2022, the platform engaged in the unregistered offer and sale of securities through its crypto interest-earning program. The platform offered the program to investors, allowing them to passively earn interest on crypto assets loaned to the platform. The platform maintained “total discretion” over revenue-generating activities to generate returns for investors, DFPI added. As part of the settlement with DFPI, the company agreed to pay a $1.5 million penalty to the DFPI on behalf of 51 U.S. jurisdictions, mirroring a similar settlement with the SEC for the same amount. 

    Securities DFPI SEC Registration Securities Exchange Commission Consent Order Digital Assets

  • SEC charges alleged hedge fund with defrauding $1.2 million from investors

    Financial Crimes

    On February 2, the SEC issued a complaint which charged a company for allegedly raising $1.2 million from 15 investors through an offer and sale of fraudulent securities for a hedge fund. The company raised this money from 2017-2018 and offered securities that would be used to form a hedge fund and invest in crypto-assets using “specific” investment strategies. (The company ostensibly managed the hedge fund, but the hedge fund never appeared to be created.) 

    The company made several misrepresentations which the SEC claimed violated Section 17(a) of the Securities Act of 1933 and Section 10(b) and Rule 10b-5 of the Securities Exchange Act of 1934. These alleged misrepresentations included the founder’s background and education, the demand for and size of the proposed hedge fund, and the investment scheme to grow a return for investors. The investors were given an investor pitch deck that put forth the hedge fund’s terms, investment strategy, and management team. Then, the investors gave a minimum investment of $1 million; however, the hedge fund investors were offered the opportunity to invest for less than $1 million through a separate entity.  

    Through this, the SEC alleged that the company violated the federal securities law and put forth two claims for relief. The SEC permanently enjoins the company from issuing, buying, offering, or selling any security, including crypto-assets. No civil monetary judgment has been offered. 

    Financial Crimes SEC Securities Cryptocurrency Enforcement

  • OCC publishes bank guidance on shortening the standard settlement cycle following SEC final rule

    On January 17, the OCC issued its OCC Bulletin 2024-3 which highlighted the actions banks should take to prepare for the upcoming changes to the standard settlement cycle. These new changes are designed to “reduce the credit, market, and liquidity risks” in securities transactions. According to the OCC Bulletin, these banking rules follow the SEC’s final rule that shortened the standard settlement cycle from the second business day after the trade (T+2) to the first business day after the trade (T+1). As previously covered in InfoBytes, the settlement cycle was last shortened from (T+3) days to (T+2) days in 2018. The OCC encouraged banks to prepare for the T+1 change since it will affect many banking activities; accordingly, the OCC listed many factors that a bank’s management should consider when identifying systems and changes to enhance.

    This Bulletin replaces and rescinds OCC Bulletin 2017-22 and OCC Bulletin 2018-05, both related to the shortening of the settlement cycle. The rules will go into effect on May 28, 2024, and the OCC expects banks to be prepared by then.

    Bank Regulatory OCC SEC Broker-Dealer Settlement

  • Supreme Court hears oral argument in case challenging SEC ALJ use


    On November 29, the Supreme Court heard oral argument in the SEC’s request to appeal the 5th Circuit’s decision in Securities and Exchange Commission v. Jarkesy. As previously covered by InfoBytes, the 5th Circuit held that the SEC’s in-house adjudication of a petitioners’ case violated their Seventh Amendment right to a jury trial and relied on unconstitutionally delegated legislative power. At oral argument, Justice Kavanaugh stated in his questioning of Principal Deputy Solicitor General Brian Fletcher (representing the SEC) that given the severity of the potential outcome of cases, the SEC’s decision-making process fully being carried out in-house could be “problematic,” and that it “doesn’t seem like a neutral process.” Meanwhile, Fletcher mentioned that the boundaries and “outer edges” of the public rights doctrine can be “fuzzy.” Justices’ questions also centered around Atlas Roofing v. Occupational Safety and Health Review Commission—a Supreme Court case that held that “Congress does not violate the Seventh Amendment when it authorizes an agency to impose civil penalties in administrative proceedings to enforce a federal statute.”

    Courts Appellate U.S. Supreme Court ALJ Constitution Securities Exchange Act SEC Advisers Act Fifth Circuit Securities Act

  • SEC charges crypto firm for failing to register and mitigate risk factors


    On November 20, the SEC filed a complaint in the U.S. District Court of the Northern District of California against a crypto trading platform, which allows customers to buy and sell crypto assets through an online market, for allegedly acting as an unregistered securities exchange, broker, dealer, and clearing agency. The SEC is also claimed defendant’s business practices, internal controls, and recordkeeping were inadequate and presented additional risks to consumers, that would also be prohibited had defendant been properly registered with the commission. For instance, the SEC cited practices including commingling billions of dollars of consumers’ cash and crypto assets with defendant’s own crypto assets and cash, which defendant’s 2022 independent auditor identified as “a significant risk of loss."

    Director of the SEC’s Division of Enforcement, Gurbir S. Grewal said, “[Defendant’s] choice of unlawful profits over investor protection is one we see far too often in this space, and today we’re both holding [defendant] accountable for its misconduct and sending a message to others to come into compliance.”

    The SEC seeks to (i) permanently enjoin defendant from violating Section 5 and section 17A of the Exchange Act; (ii) permanently enjoin defendant from offering or selling securities through crypto asset staking programs; (iii) disgorge defendant’s allegedly illegal gains and pay prejudgment interest; and (iv) impose a civil money penalty.

    Securities SEC Cryptocurrency Enforcement California Digital Assets Broker

  • SEC and DOJ charge two co-CEOs operating a $100 million fraud scheme

    Federal Issues

    On November 9, the SEC and DOJ charged two co-CEOs of a tech investment firm for allegedly directing a $100 million fraud scheme. The two individuals were the founders of a failed Fresno-based technology company and were charged with “conspiring to commit wire fraud and taking more than $100,000,000 from various businesses and individuals” under U.S.C. § 1349. The two founders allegedly misled investors through falsified documents, bank records, auditing reports, and accounting statements.

    The DOJ alleges that, as recently as January 2022, “[the two individuals lied] to board members, investors, lenders, and others about [the company’s] finances to obtain investments, loans, and other funding… Much of the money went towards paying payroll, including the [co-CEOs’] $600,000 per year salaries.” Authorities discovered the alleged fraud scheme back in May 2023 when the company failed to make payroll and then terminated all its 900 employees. If convicted, the two founders face a maximum statutory penalty of 20 years in prison each and a $250,000 fine.

    Federal Issues California Fintech Fraud SEC DOJ Enforcement

  • SEC announces 2024 examination priorities, excludes ESG


    On October 16, the SEC’s Division of Examinations announced that its 2024 examination priorities will focus on key risk factors related to information security and operational resiliency, crypto assets and emerging financial technology, regulation systems compliance and integrity, and anti-money laundering. SEC registrants, including investment advisers, investment companies, broker dealers, self-regulatory organizations, clearing agencies, and other market participants are reminded of their obligations to address, manage, and mitigate these key risks. Notably, ESG was a “significant focus area[]” in 2022 (covered by InfoBytes here) and 2023, but it is not directly mentioned in the 2024 examination priorities.

    According to the report, examiners plan to increase their engagement to support the evolving market and new regulatory requirements. Regarding information security and operational resiliency, examiners will focus on registrants’ procedures surrounding “internal controls, oversight of third-party vendors (where applicable), governance practices, and responses to cyber-related incidents, including those related to ransomware attacks.” Additionally, regarding crypto assets and emerging fintech, examiners will focus on registrants’ business practices involving compliance practices, risk disclosures, and operational resiliency practices. The SEC also mentioned in the “Crypto Assets and Emerging Financial Technology”  section of the report that it will assess registrant preparations for the recently adopted rule for broker dealer transactions that shortens the standard settlement cycle to one business day (previously two days) after the trade, which has a compliance date of May 28, 2024. Among other things, the SEC will also focus on whether registrants’ regulation systems compliance and integrity are “reasonably designed” to ensure the security of its systems, including physical security of the systems housed in data centers.

    SEC chair Gary Gensler said that the Division of Examinations plays an important role in “protecting investors and facilitating capital formation,” adding that the commission will focus on “enhancing trust” in the changing markets.

    Securities SEC Examination Digital Assets Fintech Compliance Privacy, Cyber Risk & Data Security

  • Software provider settles allegations related to data breach

    Privacy, Cyber Risk & Data Security

    On October 5, a software provider serving nonprofit fundraising entities agreed to pay almost $50 million to settle claims with 49 states and the District of Columbia alleging that the provider maintained insufficient data security measures and inadequately responded to a 2020 data breach. Specifically, the settlement resolved claims that the software provider violated state consumer protection laws, breach-notification laws, and the Health Insurance Portability and Accountability Act (HIPAA).

    According to the allegations, the data breach exposed donor information, including Social Security numbers and financial records, of over 13,000 nonprofit groups and organizations and the provider waited two months before informing these clients of the breach.

    The settlement requires the provider to improve its cybersecurity protections and breach notification procedures.

    Earlier this year, the software provider also settled claims with the SEC for $3 million to address allegations of misleading disclosures relating to the same 2020 data breach.


    Privacy, Cyber Risk & Data Security SEC Data Breach HIPAA Consumer Protection Settlement


Upcoming Events