Selflessly, Blaine Doyle recently attended a presentation here in Chicago by the SEC and CFTC, so you didn’t have to do it yourself. Here is his recount of the highlights. – Alan
Anyone who has sat through a talk by financial regulators is undoubtedly familiar with the refrain from the individuals that they do not speak for the Commission and that the opinions offered are their own. Even with that disclosure (and they ALWAYS make that disclosure), regulators are still notoriously tight lipped when it comes to just about anything, but especially if it relates to Enforcement. However, when two high ranking officials from the CFTC and SEC decided to present, as the star attractions, at the Chicago Bar Association, they had no choice but to spill the beans. While nobody would accuse them of having given up state secrets, they did offer some insights into where their respective Commissions are and, more importantly, where they are going. With that in mind, here is what they had to say (with special emphasis on the securities side):
While the government shutdown of early 2019 is ancient history to most of us, the speakers from both the CFTC and SEC emphasized the disruption that the break caused to their respective organizations and personnel. Moreover, on the issue of government funding, they both noted that their organizations are understaffed from past hiring freezes and are trying to backfill positions that have been open for some time. The speaker from the CFTC mentioned that in some respects his organization had been in “triage” mode due to personnel shortages and that he was hoping that the additional hires will help ease the work load. So why does this matter to the reader? If you work in the industry, it would be reasonable to expect that as both organizations hire additional staff, scrutiny on registrants and, possibly, the number of enforcement actions will increase in the coming years.
Having established that regulators will be staffing up in the near future, it might pay (or prevent you from having to pay) to understand what exactly regulators have on their “to do” lists. Overall, and not surprisingly, both regulators repeatedly mentioned that protecting and returning money to victimized “main street” (aka retail) investors was a paramount, if not the main, concern. Thus, on the exam side, the SEC speaker mentioned hidden fees, undisclosed conflicts of interest, firms borrowing money from customers and the protection of senior investors as points of focus.
On the enforcement side, the mission centered on how best to allocate limited resources to protect retail customers. The speaker mentioned that they were developing data analytics as a means to identify and stop investor harm (including market manipulation) and emphasized the importance of individual accountability when issues do arise. Owing to limited resources and the importance of registrant accountability, he highlighted the “Share Class Selection Disclosure Initiative” in which RIAs that self-reported possible securities law violations relating to the failure to disclose information concerning mutual fund share class selection received favorable settlement recommendations from Enforcement. Given that self-reporting uses less resources than when the SEC has to root out violations itself, and also compels self-imposed accountability on the part of the registrants (a big theme from the speaker), it would be reasonable to expect the roll out of similar programs for other types of violations in the near future.
There was a vibrant discussion about cryptocurrency with the SEC indicating its Crypto Unit will be looking at fraud and registration issues in ICOs (Initial Coin Offerings – the rough equivalent of an IPO) as well as whether dealings in crypto can constitute acting as an un-registered broker-dealer or even as an un-registered exchange. Of broader interest to players in the securities industry were the comments on cyber security. Increasingly, registrants are housing their customers’ personal information online, making it vulnerable to cyber-attack. The SEC speaker was clear that when a registrant farms out either the storage or protection of that information to a third-party vendor, the responsibility for safeguarding the information stays with the registrant. In other words, the excuse that “I hired XYZ Company to protect my customers’ information, so it is not my fault” will not serve as some kind of panacea in the eyes of the Commission. Thus, it is imperative that registrants conduct due diligence reviews on third-party vendors and make appropriate disclosures to customers about their information and where it will be housed. For larger entities, he emphasized that the Foreign Corrupt Practices Act (“FCPA”) necessitates close supervision over foreign subsidiaries by their domestic parents. Given the current political climate in the United States, it would not be shocking if foreign subsidiaries and their business dealings come under increased scrutiny in the years to come, especially in relation to payments and favors to government officials abroad.
So that is where the Commission currently resides, but where is it headed? The speaker reemphasized the protection of retail customers and described a concerted effort to make the enforcement process as transparent as possible. While “transparency” might sound like a meaningless buzz word, the speaker described his concept of it being that the Commission puts out rules (no surprise there), but also tries to articulate how it views the implementation of the rules, through devices such as “No Action Letters” so that registrants can react accordingly before the Commission has to get involved. While he did not explicitly say it, this would allow the Commission to direct its limited resources towards knowing wrongdoers instead of targeting registrants that mistakenly run afoul of its rules. Finally, the speaker mentioned the elephant in the room, Regulation Best Interest, which goes into effect in June 2020. Unfortunately, he did not have much to say about it except that it is already resulting in litigation relating to the scope of the rule. Readers should be on the lookout for future releases from the Commission on the subject that will hopefully provide the promised “transparency.” As for now, however, Regulation BI figures to be a source of consternation for registrants and their lawyers, alike.
So there you have it. While the regulators did not say anything earth shattering, they did provide limited insight into how they view matters so that you, as registrants, can stay off their radar. Once on their radar, however, the Commissions’ position conveniently seems to be that quick confession will lead to lesser penalties. That is, of course, a fine notion, unless the allegations against the registrant happen to be meritless, in which case the registrants will find themselves in the unenviable and pricey position of hiring lawyers and taking on the Commission.