InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
SEC charges alternative data provider with securities fraud
On September 14, the SEC announced a settlement with an alternative data provider and one of the company’s co-founders (collectively, "respondents") resolving allegations that the company violated antifraud provisions by engaging in deceptive practices and making material misrepresentations regarding alternative data. According to the order, the respondents understood that companies would share their confidential app performance data if they promised not to disclose it to third parties. As a result, the respondents assured companies that their data would be aggregated and anonymized before being used by a statistical model to generate estimates of app performance. However, the respondents, between 2014 and mid-2018, utilized non-aggregated and non-anonymized data to alter its model-generated estimates to make them more valuable to sell to trading firms. The SEC alleged that the respondents violated provisions of the Exchange Act, such as Section 10(b) and Rule 10b-5 thereunder, because their misrepresentations and other deceptive practices misled subscribers regarding how the company’s intelligence estimates were calculated. The order, to which the respondents consented, imposes civil money penalties of $300,000 and $10 million. The order also provides that the company must cease and desist from committing or causing any future violations of the Exchange Act, and prohibits the co-founder from serving as an officer or director of a public company for three years.
Former officials agree SEC usurped FinCEN’s BSA enforcement authority
On August 20, former FinCEN officials filed an amicus brief in support of a petition for certiorari filed by penny stock broker-dealer (petitioner) against the SEC claiming the agency usurped FinCEN’s Bank Secrecy Act (BSA) enforcement authority. The petition seeks to reverse a U.S. Court of Appeals for the Second Circuit decision, which upheld a $12 million penalty and concluded the SEC has the authority to bring an action under Section 17(a) of the Securities Exchange Act of 1934 (Exchange Act) and Rule 17a-8 promulgated thereunder for failure to comply with the Suspicious Activity Report (SAR) provisions of the BSA. As previously covered by InfoBytes, the appellate court rejected the broker-dealer’s argument that the SEC is attempting to enforce the BSA, which only the U.S. Treasury Department has the authority to do. The appellate court noted that the SEC is enforcing the requirements of Rule 17a-8, which requires broker-dealers to adhere to the BSA in order to comply with requirements of the Exchange Act, which does not constitute the agency’s enforcement of the BSA. Moreover, the appellate court concluded that the SEC did not overstep its authority when promulgating Rule 17a-8, as SARs “serve to further the aims of the Exchange Act by protecting investors and helping to guard against market manipulation,” and that the broker-dealer did not meet its “‘heavy burden’ to show that Congress ‘clearly expressed [its] intention’ to preclude the SEC from examining for SAR compliance in conjunction with FinCEN and pursuant to authority delegated under the Exchange Act.”
The former officials’ brief states that they “have no interest in the facts” of the petitioner’s dispute with the SEC, but rather “are concerned that the Second Circuit’s misunderstanding of FinCEN’s delegated enforcement authority will lead to confusion among the financial institutions that must comply with the BSA; create multiple, conflicting BSA regulatory regimes; decrease American influence over global financial regulators; and hamper U.S. law enforcement and national security efforts by diminishing the value of BSA data.” They further pointed out that the appellate court “erred in conflating delegated compliance examination efforts with the exercise of enforcement authority and let stand SEC and lower court decisions applying materially different legal standards with a lower level of judicial oversight and review than that established by Congress.” The former officials stressed that the appellate court’s decision fails “to appreciate the nature of the AML regime and therefore FinCEN’s unique expertise and central role,” adding that the decision “threatens to undermine the BSA statutory regime and harm U.S. efforts to fight money laundering and terrorist financing” and may affect other regulators and regulated entities.
SEC settles with company over data breach
On August 16, the SEC announced charges against a London-based educational publishing company for its role in allegedly misleading investors regarding a cyber breach that involved millions of student records and had inadequate disclosure controls and procedures in place. According to the SEC’s order, the company made material misstatements and omissions about a 2018 cyber intrusion that affected millions of rows of data across 13,000 school, district, and university customer accounts in the U.S. According to a 2019 report furnished to the Commission, the company’s risk factor disclosure implied that the company faced the hypothetical risk that a “data privacy incident” “could result in a major data privacy or confidentiality breach” but did not disclose that a data breach involving the company had previously taken place. In response to an inquiry by a media outlet, the company sent a breach notification to its affected customers and issued a previously prepared statement that included misstatements regarding the breach and data involved. The order found that the company failed “to maintain disclosure controls and procedures designed to analyze or assess such incidents for potential disclosure in the company’s filings.” The SEC charged the company with violating, among other things, Rule 13a-15(a) of the Securities Act, which requires every issuer to maintain disclosure controls and procedures, and Section 13(a) of the Exchange Act which requires “every foreign issuer of a security registered pursuant to Section 12 of the Exchange Act to furnish the Commission with periodic reports containing information that is accurate and not misleading.” The order, which the company consented to without admitting or denying the findings, imposes a civil money penalty of $1 million and provides that the company must cease and desist from committing or causing any future violations of the Securities Act and the Exchange Act.
SEC takes emergency action against investor fraud scheme
On August 13, the SEC announced it obtained a temporary restraining order through an emergency action filed against an individual and his two entities, which allegedly induced dozens of consumers to invest by falsely claiming that their funds would be used to acquire real estate and to make commercial loans. According to the SEC, the individual misappropriated the vast majority of the investors' funds to pay for his residences, cover credit cards bills, and make student loan payments. The complaint also alleges that the individual hid the fraud from investors by providing investors with false valuations, among other things. The SEC’s complaint alleges violations of the antifraud provisions of the Securities Act of 1933, the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, and seeks a permanent injunction against the defendants enjoining them from future violations, disgorgement of all ill-gotten gains, and civil penalties, among other things.
SEC says digital asset trading company violated the Exchange Act
On August 9, the SEC announced charges against a digital asset trading company for operating an unregistered online digital asset exchange in connection with its operation of a trading platform that facilitated buying and selling of digital asset securities. According to the SEC’s order, the company operated a web-based trading platform that facilitated buying and selling digital assets, which included digital assets that were investment contracts and therefore securities. The order finds that, “[n]otwithstanding its operation of the [Company] Trading Platform, [the company] did not register as a national securities exchange nor did it operate pursuant to an exemption from registration at any time, and its failure to do so was a violation of Section 5 of the Exchange Act,” despite operating as a Rule 3b-16(a) system under the Exchange Act. The order, which the company consented to without admitting or denying the findings, imposes a disgorgement fee of $8,484,313, a prejudgment interest fee of $403,995, and a civil penalty of $1.5 million, for a total of $10,388,309. The order also provides that the company must cease and desist from committing or causing any future violations of the Exchange Act and establishes a fair fund for the benefit of victims.
SEC settles with company selling securities through DeFi platform
On August 6, the SEC announced a settlement with two individuals and their company for the alleged unregistered sale of over $30 million of securities using smart contracts and decentralized finance technology, and for misleading investors regarding the operations and profitability of their business. According to the SEC’s order, the company offered and sold securities in unregistered offerings through a program from February 2020 to February 2021, which used smart contracts to sell two types of digital tokens: one type that could be purchased using specified digital assets and paid 6.25 percent in interest; and the other type that purportedly provided holders certain voting rights, some excess of profits, and the ability to profit from resales in the secondary market. The SEC alleged that the company violated provisions of the Securities Act, such as Section 5(a) and 5(c), by offering and selling securities without having a registration statement filed or in effect. In addition, the company violated Section 17(a) of the Securities Act, Section 10(b) of the Exchange Act, and Rule 10b-5 thereunder, by making materially false statements and engaging in other deceptive acts regarding business operations and profitability. The order, which the company consented to without admitting or denying the findings, imposes a civil money penalty of $125,000 to each individual and a total of $12,849,354 in disgorgement. The order also provides that the company must cease and desist from committing or causing any future violations of the Exchange Act.
District Court finds that investors qualify for SEC whistleblower protections
On July 21, the U.S. District Court for the Southern District of New York ruled that the SEC’s whistleblower protection rule extends to investors. In June 2020, a Nevada-based company and its owner (collectively, “defendants”) filed a motion to dismiss, strike portions of, and enter judgment on the pleadings of an amended complaint filed by the SEC which alleged, among other things, that the defendants violated Rule 21F-17 of the Securities Exchange Act. Rule 21F-17 “prohibits any ‘person’ from taking ‘any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.’” The defendants argued that the SEC’s rulemaking authority extends only to “whistleblower-employees,” claiming they “were not in an employer-employee relationship with those individuals whom the SEC claims were impeded (that is, investor-victims),” and objected to a magistrate judge’s report and recommendation (R&R) “as it relates to the SEC’s claim for impermissible impeding of Rule 21F-17 in violation of the Exchange Act.” The SEC countered that “Section 21F is not limited to protecting whistleblowers in the employee-employer relationship, and as such, Rule 21F-17’s application to any ‘person’ is a proper exercise of its rulemaking authority.”
On review, the court sided with the SEC in finding that Section 21F broadly defines “[w]histleblower” as “any individual who provides . . . information relating to a violation of the securities laws” to the SEC, ruling that Rule 21F-17 “falls squarely within the SEC’s statutory authority to issue ‘necessary and appropriate’ regulations to implement Section 21F of the Exchange Act.” The court further held that “[w]hile certain portions of Section 21F provide anti-retaliation protections specific to those whistleblowers who are employees, nothing in the statute’s text nor the supporting documents indicates that Congress intended to protect only those whistleblowers who are employees.”
SEC charges liability company with Exchange Act violations
On June 23, the SEC announced charges against a New York-based limited liability firm for Securities Exchange Act violations because the firm allegedly used language in the firm’s compliance manual that prohibited potential whistleblowers from speaking out to regulators. According to the order, over a four year span, the firm’s compliance manual stated that employees were “strictly prohibited from initiating contact with any Regulator without prior approval from the Legal or Compliance Department,” and that violation of this policy may result in “disciplinary action by the Firm.” The order noted, however, that the agency was “unaware of any specific instances” where an employee of the firm was prevented from disclosing to the SEC staff about possible violations. In 2018 and 2019, the firm also provided annual compliance training to its employees that allegedly included similar language. Specifically, a slide in the training contained language that prohibited employees “from initiating contact with any regulator without prior approval from Legal or Compliance, including conversation[s] regarding an individual’s registration status with FINRA.” The SEC further alleged that the firm’s employees were also required to comply with the code of conduct maintained by the firm’s indirect parent company, but acknowledged that the code was not meant to restrict employees’ whistleblower protections, and employees were not prohibited from reporting to government agencies. However, the firm’s manual also noted that “personnel should follow the more restrictive” of the various policies, “absent explicit direction to the contrary.” The order noted that the firm took remedial steps to correct the issues, including altering the language in the compliance manual to instead advise employees of their right to communicate with regulators about possible concerns without obtaining prior approval. The firm communicated the revisions to its employees by administering a compliance alert, which linked to the revised manual. The SEC charged the firm with violating Rule 21F-17 of the Securities Exchange Act and ordered the firm, to cease and desist for committing future violations of Rule 21F-17 and pay a $208,912 penalty.
SEC sues mutual fund for diverting investor funds into shell companies
On June 21, the SEC filed a complaint against a Cayman Islands-registered mutual fund and its operators (collectively, “defendants”) in the U.S. District Court for the Southern District of New York alleging they diverted millions of dollars in investor funds to shell companies under the defendants’ control through uncollateralized loan transactions, and issued “false or misleading statements of material facts to investors to disguise their misconduct.” According to the SEC, the defendants have also blocked investors from redeeming the roughly $106 million they invested in the fund, and have transferred $64 million of the investors’ deposits into the fund’s brokerage account, from which the assets were allegedly “subject to further dissipation and misappropriation.” The SEC’s complaint alleges violations of the antifraud provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934, and seeks a permanent injunction against the defendants, a permanent ban prohibiting the participation in future securities offerings through entities owned or controlled by the defendants, disgorgement of ill-gotten gains, civil penalties, and an asset freeze.
Broker-dealer settles with SEC for failing to file SARs
On May 12, the SEC announced a settlement with a broker-dealer for allegedly violating the Securities and Exchange Act by failing to consistently implement its anti-money laundering (AML) program and file Suspicious Activity Reports (SARs) despite knowing individuals were attempting to gain unauthorized access to retirement accounts. According to the SEC’s order, from September 2015 through October 2018, the broker-dealer allegedly knew that individuals were attempting to gain access, or had gained access, to plan participants’ retirement accounts through the use of improperly obtained personal identifying information. The SEC alleged that, despite this knowledge, the broker-dealer failed to file approximately 130 SARs in cases where it had detected the suspicious activity and, in the roughly 297 SARs that it did file, failed to include certain required information linked to the bad actors, such as URL addresses, IP addresses, and other electronic identifying information. The order requires the broker-dealer, who has neither admitted nor denied the SEC’s allegations, to cease and desist from future violations and pay a $1.5 million penalty. The SEC acknowledged the broker-dealer’s significant cooperation in the investigation and subsequent remedial efforts.