Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 29, the U.S. District Court for the District of South Florida granted final judgment against a Florida-based payday loan company and an individual (collectively, “defendants”), resolving SEC allegations that the company fraudulently misappropriated funds from investors. According to the complaint, the SEC claimed that the defendants falsely represented to many Venezuelan-American investors that the company would use their funds to finance payday loans through the offer and sale of “safe and secured” promissory notes. However, the complaint noted that “the proceeds [the company] generated from its consumer loan business were woefully insufficient to cover principal and interest payments to investors,” and had been offered in violation of registration and anti-fraud provisions of the Securities Act and Exchange Act. The complaint also noted that the individual allegedly misappropriated $2.9 million for personal use and authorized the transfer of $3.6 million to friends and relatives for no apparent legitimate business purpose. According to the order, the company: (i) is permanently restrained and enjoined from violating sections of the Securities Act and Exchange Act; (ii) must pay $30.3 million in disgorgement; and (iii) must pay $2 million interest on disgorgement and a $7 million civil penalty. The individual is jointly liable for more than $4.6 million in disgorgement.
On June 6, the SEC announced that a Luxembourg-based manufacturer and supplier of steel pipe products agreed to pay over $78 million to settle the SEC’s claims that it violated the anti-bribery, books and records, and internal accounting controls provisions of the FCPA and the Exchange Act. The settlement is the latest in the long-running investigation regarding Brazilian state-owned and controlled energy company Petrobras, and resolves allegations that agents and employees of the company’s Brazilian subsidiary paid approximately $10.4 million in bribes between 2008 and 2013 to obtain over $1 billion in new contracts and to retain existing business from Petrobras. The bribes were allegedly funded on behalf of the company through entities associated with its controlling shareholder and paid to Brazilian government officials in exchange for using their influence to persuade Petrobras to forego an international tender process. The DOJ closed its parallel investigation without charges.
This is the second time the Luxembourg-based company has resolved FCPA charges with U.S. authorities, following 2011 resolutions with both the DOJ and SEC related to a state-owned entity in Uzbekistan. The company had been the first ever to enter into a Deferred Prosecution Agreement with the SEC.
The current resolution involves a $25 million monetary penalty, as well as $42.8 million in disgorgement and over $10 million in prejudgment interest. The company neither admitted nor denied the allegations.
On May 20, the SEC announced charges against the broker-dealer affiliate of a national bank for allegedly failing to file Suspicious Activity Reports (SARs) in a timely manner in violation of the Securities Exchange Act and Rule 17a-8. According to the SEC’s order, the broker-dealer’s internal anti-money laundering (AML) transaction monitoring and alert system allegedly failed to reconcile the different country codes used to monitor foreign wire transfers due to an alleged failure to test a new version of the system. The broker-dealer also allegedly did not timely file SARs related to suspicious transactions in its customers’ brokerage accounts involving the wire transfers to or from foreign countries that it determined to be at a high or moderate risk for money laundering, terrorist financing, or other illegal money movements. Additionally, in April 2017, the broker-dealer allegedly failed to timely file additional SARs due to a failure to appropriately process wire transfer data into its AML transaction monitoring system in certain other situations. In addition to the $7 million penalty, the institution, without admitting or denying the SEC’s findings, agreed to a censure and a cease-and-desist order.
On May 18, the U.S. Court of Appeals for the Fifth Circuit held that the SEC’s in-house adjudication of a petitioners’ case violated their Seventh Amendment right to a jury trial and relied on unconstitutionally delegated legislative power. The appellate court further determined that SEC administrative law judges (ALJs) are unconstitutionally shielded from removal. In a 2-1 decision, the 5th Circuit vacated the SEC’s judgment against a hedge fund manager and his investment company arising from a case, which accused petitioners of fraud under the Securities Act, the Securities Exchange Act, and the Advisers Act in connection with two hedge funds that held roughly $24 million in assets. According to the SEC, the petitioners had, among other things, inflated the funds’ assets to increase the fees they collected from investors. Petitioners sued in federal court, arguing that the SEC’s proceedings “infringed on various constitutional rights,” but the federal courts refused to issue an injunction claiming they lacked jurisdiction and that petitioners had to continue with the agency’s proceedings. While petitioners’ sought review by the SEC, the U.S. Supreme Court issued a decision in Lucia v. SEC, which held that SEC ALJs are “inferior officers” subject to the Appointments Clause of the Constitution (covered by InfoBytes here). Following the decision, the SEC assigned petitioners’ proceeding to an ALJ who was properly appointed, “but petitioners chose to waive their right to a new hearing and continued under their original petition to the Commission.” The SEC eventually affirmed findings of liability against the petitioners, and ordered the petitioners to cease and desist from committing further violations and to pay a $300,000 civil penalty. The investment company was also ordered to pay nearly $685,000 in ill-gotten gains, while the hedge fund manager was barred from various securities industry activities.
In vacating the SEC’s judgment, the appellate court determined that the SEC had deprived petitioners of their right to a jury trial by bringing its action in an “administrative forum” instead of filing suit in federal court. While the SEC challenged “that the legal interests at issue in this case vindicate distinctly public rights” and therefore are “appropriately allowed” to be brought in agency proceedings without a jury, the appellate court countered that the SEC’s enforcement action was “akin to traditional actions at law to which the jury-trial right attaches.” Moreover, the 5th Circuit noted that while “the SEC agrees that Congress has given it exclusive authority and absolute discretion to decide whether to bring securities fraud enforcement actions within the agency instead of in an Article III court[,] Congress has said nothing at all indicating how the SEC should make that call in any given case.” As such, the 5th Circuit opined that this “total absence of guidance is impermissible under the Constitution.”
Additionally, the 5th Circuit raised concerns about the statutory removal restrictions for SEC ALJs who can only be removed for “good cause” by SEC commissioners (who are removable only for good cause by the president). “Simply put, if the President wanted an SEC ALJ to be removed, at least two layers of for-cause protection stand in the President’s way,” the appellate court concluded. “Thus, SEC ALJs are sufficiently insulated from removal that the President cannot take care that the laws are faithfully executed. The statutory removal restrictions are unconstitutional.”
The dissenting judge disagreed with all three of the majority’s constitutional conclusions, contending that the majority, among other things, misread the Supreme Court’s decisions as to what are and are not “public rights,” and that “Congress’s decision to give prosecutorial authority to the SEC to choose between an Article III court and an administrative proceeding for its enforcement actions does not violate the nondelegation doctrine.” The judge further stated that while the Supreme Court determined in Lucia that ALJs are “inferior officers” within the meaning of the Appointments Clause in Article II, it “expressly declined to decide whether multiple layers of statutory removal restrictions on SEC ALJs violate Article II.” Consequently, the judge concluded that he found “no constitutional violations or any other errors with the administrative proceedings below.”
On April 21, the U.S. Court of Appeals for the Fourth Circuit affirmed a district court’s dismissal of a securities suit against a hotel corporation (defendant) alleging that they misled the plaintiffs regarding data vulnerabilities connected to a major breach of customers’ personal information. According to the opinion, two years after merging with another hospitality corporation, the defendant “learned that malware had impacted approximately 500 million guest records in the [hospitality corporation’s] guest reservation database.” An investor filed a putative class action against the defendant and nine of its officers and directors, alleging that its failure to disclose severe vulnerabilities in the hospitality corporation’s IT systems rendered 73 different public statements false or misleading in violation of Section 10(b) of the Securities Exchange Act of 1934 (Exchange Act) and SEC Rule 10b-5. The district court granted the defendant’s motion to dismiss with prejudice and concluded that the plaintiffs “‘failed to adequately allege a false or misleading statement or omission, a strong inference of scienter, and loss causation,’ which doomed the claim under Section 10(b) and Rule 10b-5 as well as the secondary liability claim [under Section 20(a) of the Exchange Act].” The investor appealed, dropping its challenge to 55 of the statements but maintaining its challenge to the other 18.
On appeal, the 4th Circuit agreed with the district court that the defendant’s statements about the importance of cybersecurity were not misleading with respect to the quality of its cybersecurity efforts. The appellate court found that “[t]he ‘basic problem’ with the complaint on this point is that ‘the facts it alleges do not contradict [the defendant’s] public disclosures,’” and that reiterating the “basic truth” that data integrity is important does not mislead investors or create a false impression. The appellate court also noted that the complaint “concedes that [the defendant] devoted resources and took steps to strengthen the security of hospitality corporation’s systems,” and that the company included “such sweeping caveats that no reasonable investor could have been misled by them.” The appellate court concluded that the defendant “certainly could have provided more information to the public about its experience with or vulnerability to cyberattacks, but the federal securities laws did not require it to do so.”
On February 10, the SEC proposed amendments to its rules governing beneficial ownership reporting under Exchange Act Sections 13(d) and 13(g) in order to “improve transparency and provide more timely information for shareholders and the market.” (See also SEC fact sheet here.) Among other things, the proposed rule would (i) accelerate the filing deadlines for Schedules 13D and 13G beneficial ownership reports from 10 days to five days (amendments would be required to be filed within one business day); (ii) expand the application of Regulations 13D and 13G to certain derivative securities; (iii) clarify the circumstances in which two or more persons have formed a “group” that would be subject to beneficial ownership reporting obligations; (iv) allow for new exemptions “to permit certain persons to communicate and consult with one another, jointly engage issuers, and execute certain transactions without being subject to regulation as a ‘group’”; and (v) require Schedules 13D and 13G filings to be done through a “structured, machine-readable data language.” Comments are due 30 days after publication in the Federal Register, or April 11, whichever is later. SEC Chair Gary Gensler issued a statement supporting the proposed amendments, which “would reduce information asymmetries and promote transparency, thereby lowering risk and illiquidity,” citing the “rapidity of current markets and technologies” as justification for updating the decades-old rules. However, SEC Commissioner Hester M. Peirce dissented, arguing that the proposed amendments fail to fully contend “with the realities of today’s markets or the balance embodied in Section 13(d) of the Exchange Act.” She further challenged the justification of technological advancements as a reason to shorten the 10-day reporting window to five days.
On January 28, the U.S. District Court for the Eastern District of Michigan issued judgments (see here and here) against a real estate company and its CEO in the SEC’s first crowdfunding regulation enforcement action. As previously covered by InfoBytes, the SEC filed a complaint last September alleging that several entities and related individuals participated in a fraudulent scheme to sell nearly $2 million of unregistered securities through two crowdfunding offerings. The complaint alleged that two of the entities issued securities without registering with the SEC, while their principals diverted investor funds for personal use rather than using the funds for the disclosed purposes. Without admitting or denying the SEC’s allegations, the real estate company and the CEO consented to be permanently enjoined from violating certain securities laws. The CEO also agreed to a prohibition on “acting as an officer or director of any issuer that has a class of securities registered pursuant to Section 12 of the Exchange Act [15 U.S.C. § 78l] or that is required to file reports pursuant to Section 15(d) of the Exchange Act [15 U.S.C. § 78o(d)].” The judgments decreed that, upon motion of the SEC, the court will decide whether disgorgement and/or civil money penalties are appropriate.
On January 28, the SEC announced a settlement subject to court approval with a private technology company to resolve allegations that the company, through its former CEO, falsely inflated key financial metrics and doctored internal sales records. The complaint, which alleged violations of the antifraud provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934, claimed that the CEO significantly inflated the value of numerous customer deals, and then masked the inflation by creating fake invoices and altering real invoices to make it seem as if customers had been billed higher amounts. The company’s board of directors conducted an internal investigation, which led to the removal of the CEO, a revised company valuation, and remedial efforts including repaying investors. The company also hired new senior management, expanded its board, and implemented processes and procedures to ensure transparency and accuracy of deal reporting and associated revenues. While the company neither admitted nor denied the allegations, it agreed to be permanently enjoined from violations of the antifraud provisions. The SEC highlighted that the lack of a penalty in the settlement is significant, and demonstrates the Commission’s position that a company may receive credit if it makes significant remedial efforts in the wake of an internal investigation. “For companies wondering what types of remedial actions and cooperation might be credited by the Commission after a company uncovers fraud, this case offers an excellent example,” stated Gurbir S. Grewal, Director of the SEC’s Division of Enforcement. “[The company’s] remediation and cooperation included not just its internal investigation and revised valuation, but also repaying harmed investors and improving its governance—all of which were factors that counseled against the imposition of a penalty in this case.”
On January 20, the Financial Industry Regulatory Authority (FINRA) announced it had entered into a Letter of Acceptance, Waiver, and Consent (AWC), which requires a securities firm to pay a $9 million fine for allegedly failing to (i) maintain proper control of excess margin securities it carried on behalf of customers; (ii) store electronic brokerage records in the required non-erasable, “write once, read many” format (known as “WORM”); (iii) disclose potential conflicts of interest when publishing research reports; and (iv) implement and enforce a supervisory system to ensure compliance with federal securities law and FINRA rules. FINRA claimed that among the alleged violations, the firm failed to preserve approximately 18.6 billion records in the required WORM format, which affected applications, “including those related to accounts payable and receivable, fingerprint records, customer account records, general ledger/trial balances, order and trade tickets, trade confirmations, and wire instructions.” According to FINRA, although the firm understood the requirement to store records in WORM format, it allegedly had no supervisory procedures in place to ensure compliance. The firm did not admit nor deny the findings as part of the AWC but has agreed to a censure and will pay the fine. Additionally, the firm is required to certify that it has implemented reasonably designed supervisory systems and procedures to comply with federal securities laws and FINRA rules and requirements.
On December 17, the SEC announced charges against a subsidiary limited liability company of a national bank for Securities Exchange Act violations because the firm and its employees allegedly failed to maintain recordkeeping requirements. According to the order, from at least January 2018 through at least November 2020, the company’s employees communicated about securities business matters on their personal devices, using text messaging applications and personal email accounts. These communications were not maintained or preserved by the company, and some were not able to be furnished promptly to a Commission representative when requested, allegedly in violation of Section 17(a) of the Exchange Act and Rules 17a4(b)(4) and 17a-4(j) thereunder. Additionally, the company’s “widespread failure to implement its policies and procedures which forbid such communications led to its failure to reasonably supervise its employees within the meaning of Section 15(b)(4)(E) of the Exchange Act.” The company received subpoenas for documents and records requests in numerous Commission investigations during the time that it failed to maintain required securities records relating to the business. In its response to the subpoena requests, the bank allegedly did not search for relevant records contained on the personal devices of its employees. The order further noted that because the company’s “recordkeeping failures impacted the Commission’s ability to carry out its regulatory functions and investigate potential violations of the federal securities laws across these investigations, the Commission was often deprived of timely access to evidence and potential sources of information for extended periods of time and, in some instances, permanently.” According to the SEC, the company admitted the facts set forth in the SEC’s order and acknowledged that its conduct violated the federal securities laws, and agreed to: (i) pay a $125 million penalty; (ii) implement robust improvements to its compliance policies and procedures, including retaining “a compliance consultant to, among other things, conduct a comprehensive review of its policies and procedures relating to the retention of electronic communications found on personal devices and [the company’s] framework for addressing non-compliance by its employees with those policies and procedures”; and (iii) cease and desist from committing or causing any violations and any future violations of Section 17(a) of the Exchange Act and Rule 17a-4 thereunder.
The same day, the CFTC announced a $75 million settlement with the company, the national bank, and its public limited company (collectively, “respondents”) for allegedly failing to maintain, preserve, and produce records that were required to be kept under CFTC recordkeeping requirements, and failing to diligently supervise matters associated with its businesses as CFTC registrants. According to the CFTC order, from at least 2015, the respondents’ employees internally and externally communicated on unapproved channels, and had messages related to the respondents’ businesses as CFTC registrants that were required to be maintained under CFTC-mandated recordkeeping requirements. The order also noted that the written communications were not maintained and preserved by the respondents, and they were not able to be furnished promptly to a CFTC representative when requested. The order further alleged that the widespread use of unauthorized communication methods by the respondents’ employees to conduct firm business violated their own policies and procedures. The respondents also did not maintain adequate internal controls with respect to business-related communications on non-approved communication methods. The order requires the respondents to pay a $75 million civil monetary penalty, to cease and desist from further violations of recordkeeping and supervision requirements, and to engage in specified remedial undertakings.
- Kathryn L. Ryan to host the affiliate members meeting at AARMR’s 2022 Annual Regulatory Conference & Training
- Kathryn L. Ryan and Jedd R. Bellman to discuss “Risk and compliance management: Are you covered?” at a Mortgage Bankers Association webinar
- Melissa Klimkiewicz and Daniel A. Bellovin to discuss “Things to know about flood insurance” at a NAFCU webinar
- Hank Asbill to discuss “Ethical issues at sentencing” at the 31st Annual National Seminar on Federal Sentencing
- Max Bonici will moderate a panel on “Enforcement risk and other regulatory and compliance issues related to crypto and digital assets” at the American Bar Association’s 2022 Annual Meeting
- John R. Coleman to provide a “CFPB Update” at MBA’s 2022 Regulatory Compliance Conference
- Amanda R. Lawrence to discuss “The shifting data privacy and data protection landscape” at MBA’s 2022 Regulatory Compliance Conference
- Benjamin W. Hutten to discuss “Fundamentals of financial crime compliance” at the Practicing Law Institute
- Benjamin W. Hutten to discuss “Ongoing CDD: Operational considerations” at NAFCU’s Regulatory Compliance & BSA Seminar