Better late than never, they always say. Yesterday, the SEC announced its Enforcement results for Fiscal Year 2025, which ended back on September 30, 2025. In the past, the SEC has reliably published is Enforcement results sometime in November following the end of the fiscal year, but for some reason we did not hear about the results until now, a little over six months after the end of fiscal 2025.
The announcement commences with, not too surprisingly these days, an indictment of past practices:
Central to an effective enforcement program is determining which cases to bring and responsibly stewarding Commission resources. Regrettably, such resources have been misapplied in prior years to pursue media headlines and run up numbers, and in turn, led to misguided expectations on what constitutes effective enforcement.
Call me old-fashioned, but isn’t it weird to read so many press releases from the SEC that are so critical of itself? In any event, here is what the announcement has to say about fiscal 2025 results:
During fiscal year 2025, the Commission filed 456 enforcement actions, including 303 standalone actions and 69 “follow-on” administrative proceedings seeking to bar or suspend individuals from certain functions in the securities markets based on criminal convictions, civil injunctions, or other orders, and obtaining orders for monetary relief totaling $17.9 billion. These enforcement actions addressing a broad range of misconduct demonstrate the Commission’s prioritization of cases that directly harm investors and the integrity of the U.S. securities markets, including offering frauds, market manipulation, insider trading, issuer disclosure violations, and breaches of fiduciary duty by investment advisers.
The results do not include the 1,095 matters in which potentially violative conduct was investigated and which were closed, the several matters where market participants remediated their practices, or cases that were otherwise not pursued.
FY 2025 was a unique period of transition for the enforcement division never experienced before in modern SEC history. It was characterized by an unprecedented rush to bring a significant number of cases in advance of the presidential inauguration and the aggressive pursuit of novel legal theories under the prior Commission.
This period brought about the current Commission’s resolution of prior cases that were not sufficiently grounded in the federal securities laws. The current Commission deliberately refocused the enforcement program on matters of fraud—cases that inherently require more time and resources to develop and bring, often requiring up to two or more years to manifest results.
Some of the key themes highlighted in the announcement include:
– Protecting retail investors
– Holding individual wrongdoers accountable
– Combatting securities fraud wherever it occurs
– Safeguarding markets from abusive trading
– Deploying resources judiciously as to emerging technologies
The announcement also includes an addendum that provides more detailed statistics highlighting the Division of Enforcement’s fiscal 2025 Enforcement activities.
Yesterday, SEC Chairman Paul Atkins joined Texas Governor Greg Abbott, Florida Governor Ron DeSantis, Citadel Securities President Jim Esposito, Texas Stock Exchange Founder & CEO Jim Lee, and other business leaders and public officials at an event in Miami, Florida called “Welcome to the Boom Belt.” The “Boom Belt” for this purpose is a the fast-growing region of the southeast United States that stretches from Florida to Texas.
In his remarks at the event, Chairman Atkins reiterated the three pillars of his “MIGA” movement, noting:
It is little surprise, then, that shortly after I left the SEC back in the mid-1990s as chief of staff, there were more than 7,800 companies listed on the U.S. exchanges—and by the time that I returned last year as Chairman, that figure had fallen by roughly 40 percent.
This trajectory tells a cautionary tale that we are working to rectify through the three pillars of my plan to make IPOs great again.
First, we are modernizing, rationalizing, and streamlining disclosure reports so that they are meaningful, understandable, and not a repellant to investors. Too many SEC requirements that began as a framework to inform have become instruments to obscure — drifting along the way from what a reasonable investor would consider important to what a regulator might find interesting. That is completely opposite of what should be the case since we are commanded by law to put the investor first.
Our disclosure regime is most effective when the SEC provides the minimum effective dose of regulation necessary to elicit the information that is material to investors, and we allow market forces—not the regulator—to drive the disclosure of any additional aspects that may be beneficial. Materiality, in short, must reclaim its place as the SEC’s north star.
Second, as part of the three pillars of making IPOs great again, we are focused on ensuring that States, and not the SEC, regulate matters of corporate governance. Over time, the agency has used its disclosure authority to attempt to indirectly establish governance standards that state corporate law should and can address. We must stay in our lane as a disclosure agency and not be a merit regulator.
Third [pillar], and finally, we are allowing public companies to have litigation alternatives while maintaining an avenue for shareholders to continue to bring forth meritorious claims. At the SEC, we have been hard at work on executing this plan so that we can shield the innovator from the frivolous—and protect the investor from the fraudulent.
Taken together, these reforms represent something larger than a regulatory agenda — indeed, they herald the SEC’s return to first principles that have made this region’s ascent so remarkable. In many ways, the Boom Belt embodies the best of what we are working toward in Washington. And guided by your example, we are reminded that the most consequential reforms are not those that add to the compliance burden, but those that have the courage to lift it.
One area that the SEC could potentially address as part of its MIGA movement is the patchwork of rules and statutory provisions that govern pre-offering communications. Despite my best efforts as a regulator over the years to defend the ramparts of Section 5 against illegal communications in securities offerings (I was reviewing Webvan’s IPO when it was delayed for a gun-jumping violation, and later, as Chief Counsel, I dealt with the publication of a Playboy interview with the founders of Google while the company was in registration for its IPO), the “offer” side of the equation has largely been substantially deregulated, as former Corp Fin Director Linda Quinn once envisioned in her 1996 remarks “Reforming the Securities Act of 1933: A Conceptual Framework.” Such deregulatory efforts were jumpstarted by the JOBS Act and have been furthered by the Commission, as it has adopted rules such as Rule 163B, Rule 147 and permissive pre-offering communications regulations as part of Regulation A and Regulation Crowdfunding.
As Anna Pinedo recently noted in Mayer Brown’s “Free Writings & Perspectives” blog, a rulemaking petition has been submitted to the SEC by the CEO & Founder of Radivision, Inc., calling on the SEC to amend its communications rules to facilitate more participation in offerings by retail investors. The blog notes:
A rulemaking petition filed recently highlights the need to address the communications safe harbors. The Securities and Exchange Commission has not reviewed the rules and regulations relating to social media under the securities laws since 2000. The last comprehensive review of the rules relating to offering related communications and safe harbors was Securities Offering Reform, which now was over 20 years ago. Since then, there have been modest changes to the communications rules, principally in connection with exempt offerings and the JOBS Act. The petition notes that, in some respects, the communications rules are more liberal in the case of offerings made pursuant to Regulation Crowdfunding (CF) and Regulation A offerings than in connection with testing-the-waters communications in the context of SEC registered offerings.
The petition requests that the SEC take action to amend Rule 163B to expand the class of permitted test-the-waters investors, which now includes only qualified institutional buyers and institutional accredited investors, so that, at a minimum, accredited investors might be included. The petition suggests that if the categories of persons were to be expanded, then, written test-the-waters materials should include a brief legend noting that no offer to sell is being made and no allocation commitment exists. In addition, the petition requests that Rule 169, the safe harbor relating to regularly released factual business information, be amended to (1) broaden its application to communications during registered offerings, (2) clarify that the safe harbor applies to digital and social media communications, and (3) harmonize the safe harbor with the communications standards applicable under Regulation A and Regulation CF that allow issuers to communicate freely with prospective retail investors while undertaking registered offerings. Finally, the petition requests that the SEC issue interpretive guidance confirming that the SEC’s policy judgments permitting retail solicitation in Regulation CF, Regulation A, and Rule 506(c) offerings apply to IPOs.
We shall see if lawmakers or the SEC will consider any of these suggestions in future legislative or regulatory action.
Last month, I highlighted the SEC’s announcement of a Roundtable on Options Market Structure coming up on April 16, and now the SEC has announced the agenda and panelists for that event. Following opening remarks by Commissioner Peirce, Commissioner Uyeda and Jamie Selway, Director of the Division of Trading and Markets and a presentation of data from the Office of Analytics and Research in the Division of Trading and Markets, the first panel “will focus on how the current options market structure facilitates or hinders the ability of liquidity providers to compete fairly and freely in furtherance of a robust national market system for standardized listed options.” The second panel will focus on the customer (i.e., non broker-dealer) experience with listed options, and then the third panel “will focus on the growth of listed options, the associated challenges and opportunities that growth presents, and the issues that the Commission and market participants should consider in the years ahead.”
The Roundtable will take place from 9:00 a.m. to 3:15 p.m. Eastern time at the SEC’s headquarters and registration for in-person attendees is required. The public can also watch the webcast on the SEC’s website. The SEC is currently accepting comments on this topic at the Roundtable on Options Market Structure event page.
I highlighted back in February that a new board had been sworn in at the PCAOB, and that group held its first open Board meeting last week to chart a course under that new leadership. At the open meeting, the Board approved a request for public comment seeking input regarding the PCAOB’s strategic priorities. The announcement of the meeting notes:
The feedback received will help inform the development of the PCAOB’s 2026-2030 strategic plan and guide the PCAOB’s focus areas for future standard-setting activities. Importantly, the public will have further opportunities to provide input on a draft 2026-2030 strategic plan and refreshed standard-setting focus areas later this year.
The request for public comment indicates that the board is particularly interested in receiving comments addressing the following questions:
1. What should the PCAOB focus on as its strategic priorities in registration, inspections, and enforcement over the next two to five years to further its statutory mission?
2. What changes should the PCAOB make to its inspections program including, but not limited to, changes in light of its new quality control standard (QC 1000)?
3. What inspection information would be most useful to stakeholders, and how could inspection reporting be enhanced under a quality control-focused inspection program?
4. What standard-setting projects should the PCAOB pursue?
5. How can the PCAOB achieve greater alignment of its auditing standards with international auditing standards?
6. In what ways should the PCAOB consider deploying technology, including AI, to help further its investor-protection mission?
7. How can the PCAOB enhance transparency with its stakeholders?
Comments are requested by May 15, 2026, and can be provided via email at comments@pcaobus.org or by delivery to the following address: Office of the Secretary, PCAOB, 1666 K Street, NW, Washington, DC 20006-2803.
With all of the focus on tokenized securities these days, now is a great time to catch on what you need to know with our latest Timely Takes Podcast. Meredith is joined by Scott Kimpel, who is a partner at Hunton, where he leads the firm’s working group on blockchain and digital assets. The topics covered on this podcast include:
– Plain English definition of key terms
– ‘Issuer-sponsored’ tokenization versus ‘third-party’ tokenization
– What a simple stock trade looks like in an “on-chain” system
– Why Scott expects market intermediaries will continue to play a big role in the securities markets
– How tokenization will facilitate 24/7 trading and atomic settlement (i.e., T+0)
– How tokenization will streamline the proxy voting process
– Recent action by the SEC, DTC, Nasdaq, NYSE and others to facilitate the tokenization of securities
– The risks of transitioning to a new blockchain-based system
As always, if you have insights on a securities law, capital markets or corporate governance issue, trend or development that you would like to share in a podcast, we would love to hear from you. Email Meredith and/or John at mervine@ccrcorp.com or john@thecorporatecounsel.net.
NAVEX just released its 2026 Whistleblowing & Incident Management Benchmark Report (available for download). The reported results are based on NAVEX’s database of 4,052 organizations, 2.37 million individual reports, and nearly 200,000 conflict-of-interest disclosures made through NAVEX One Disclosure Manager during 2025. Here are some key findings from the executive summary.
Median Reports per 100 Employees once again reached an all-time high. At 1.65 in 2025, reporting increased nearly 5% over the sustained record levels of the previous two years. This is particularly notable given that past periods of economic uncertainty often led to lower reporting levels due to fear of calling attention to oneself. Fewer organizations are experiencing very low reporting activity, and more are receiving higher Reports per 100 employees. Reporting increased across nearly all organization sizes, with the largest enterprises remaining near five-year highs.
Organizations that track all intake channels – Web, Hotline and other sources – consistently report higher visibility into concerns. Monitoring all reporting avenues remains essential to understanding an organization’s full risk profile, particularly as increased reporting places greater demands on response systems.
One of the most significant findings this year relates to Case Closure Time. The median increased by seven days year-over-year, from 21 to 28 days – a 33% increase. No organization size was immune, and nearly every Risk Type experienced longer investigation timelines. Workplace Civility cases, which historically resolved more quickly, increased from 19 to 31 days.
While the percentage of cases open for more than 100 days declined, cases closed within 10 days decreased significantly, signaling pressure on investigative systems. Workforce reductions, economic pressures and increasing case complexity may be influencing timelines. Additionally, integration of AI-enabled tools may introduce additional review steps that enhance insight while extending duration. Regardless of cause, timely resolution remains essential to sustaining reporter confidence.
The NAVEX 2026 Whistleblowing & Incident Management Benchmark Report breaks down data by entity type — including public companies, private companies, government entities, and education organizations. Here are key differences (some surprising!) between reporting statistics for public versus private companies.
– Report volume is significantly higher for Private organizations.
– Private companies are more likely to substantiate cases than Public companies. This may be attributed to a lower anonymous reporting rate (52% for Private versus 55% for Public).
– Consistent with last year, Private companies receive a higher median of Business Integrity reports than Public companies, and Public companies receive a higher median of Workplace Conduct reports.
– Private companies are more likely to separate employment than all other groups. Public companies are far more likely to impose Discipline than the other groups.
The 2026 NAVEX Report noted that the lengthening case closure time may be related to the growing integration of AI tools into the case management process, which it notes might add some procedural steps that extend timeframes (which is counterintuitive!). This Debevoise alert shares some other ways that AI is impacting whistleblowing beyond the case management process:
– Regulators continue to prioritize AI-related conduct.
– At the same time, accelerating AI adoption—particularly agentic AI—combined with growing public skepticism is increasing the likelihood of internal complaints and external reporting.
– AI whistleblower risks have sharply increased since 2024. Enterprise AI tool development and deployment have accelerated exponentially since 2024.In particular, agentic AI—artificial intelligence systems that can complete tasks with little to no supervision—has exploded in development and usage over the past year, and poses multiple new compliance and operational risks. For example, agentic AI tools may undertake tasks beyond the scope of authorization; access data or systems beyond the scope of authorization; reinforce biased or erroneous outcomes; generate strategies to meet goals that developers did not program and cannot easily follow; and behave unpredictably when facing novel situations. Malicious agents may also exploit trust mechanisms to trick agentic AI into granting unauthorized privileges, leading to inadvertent but potentially catastrophic exposure of systems and data.
It concludes with some suggestions for updating your whistleblower policies and procedures to address these evolving risks:
– Substantiating AI Capability Claims: Assess substantiation, documentation, and review controls for AI-related disclosures (including marketing, fundraising, and investor materials) to mitigate “AI-washing” risk.
– Accelerating Internal Response Timelines: Consider whether internal investigation and escalation timelines appropriately account for the incentives created by DOJ’s program and related self-reporting considerations.
– Training: Train managers involved in AI on relevant whistleblower protections and escalation procedures to mitigate whistleblower risks.
– Employee or Contractor Agreements: Review all confidentiality agreements, including severance agreements, releases, codes of conduct, ethics manuals, training materials, and investor materials, for compliance with the Rule 21F-17 requirement not to impede individuals from contacting the SEC to report a possible securities law violation.
– Addressing Complaints Promptly: Avoid delays in responding to whistleblowers where practicable so as not to increase the likelihood that whistleblowers will become frustrated and escalate their complaints externally.
– Taking Concerns Seriously: Take all whistleblower complaints seriously, including ones that are vague or inflammatory. Even one legitimate concern in an otherwise baseless complaint that is not properly investigated can trigger investigative and enforcement risk.
– Protecting Whistleblower Anonymity: If the whistleblower is anonymous, take reasonable measures to protect that anonymity throughout an investigation. If the identity of the whistleblower is known to investigators, it is best practice not to share this identity with others in order to limit the risk of retaliation or investigative taint.
– Providing Context for Decisions: Whistleblowers may have valid concerns but lack the broader context for the priorities and competing considerations of their companies. When addressing a whistleblower’s concerns, consider providing them with the additional context, when appropriate, on the costs, risks, and business impacts of alternative proposed courses of action, and why those may not be achievable.
– Consulting Counsel: Consider involving counsel when faced with complaints regarding alleged violations of law, including those related to AI, especially if any adverse action (including cutting off access to company systems and denying access to company facilities) is being considered against an employee or independent contractor who has raised the concern. Involving outside counsel may also help strengthen privilege claims over the investigation and provide a level of independence.
– Expert Investigation Team: Ensure that the investigation team has the necessary AI expertise to evaluate the whistleblower’s allegations or has access to consultants who can assist in that evaluation.
This White & Case alert describes two related civil insider trading actions brought by the New York AG under the state’s Martin Act — one against the executive and one against the company. As the alert explains, both actions have unusual features:
– [T]he Company is a Delaware corporation headquartered outside of New York. Nonetheless, according to the complaint filed against the CEO (the “CEO Complaint”), the NYAG asserted jurisdiction on the basis that the Company’s shares were traded on the New York Stock Exchange (“NYSE”), the CEO’s trades were executed through a New York-based investment adviser, the trading plan was governed by New York law, and New York investors — including state pension funds — purchased and sold the Company’s shares during the relevant period.
– [The CEO action] represents an unusual instance of the NYAG bringing an insider trading action against a corporate executive for trading pursuant to a Rule 10b5-1 plan [. . .] [O]n October 14, 2020, the CEO initiated discussions about entering into a Rule 10b5-1 trading plan. The plan was reviewed by the Company’s Senior Counsel on November 11 and 12. It was signed by the CEO on November 13, 2020, in the midst of what the CEO Complaint describes as an “all-hands-on-deck” manufacturing crisis and just days after the Company and AstraZeneca had agreed to slow down production.
– The NYAG found that the Company engaged in fraud because it “approved the CEO’s Trading Plan despite the CEO’s possession of material non-public information, and that [the Company] had not disclosed the information at the time of the [p]lan or sales.”
– Both the SEC and the U.S. Department of Justice (“DOJ”) examined the insider trading issue but did not bring charges [. . .] [U]nlike federal insider trading laws—which require proof of scienter, i.e., an intent to defraud—the Martin Act has been found to not require proof that the defendant acted with fraudulent intent. This lower standard of liability may explain why the NYAG was willing to bring this action after the SEC and DOJ, which operate under the more demanding federal scienter standard, declined to do so. We are not aware of a prior instance in which the NYAG has pursued a company for approving an executive’s trading plan.
The alert says that the NYAG’s pursuit of the company, based on its approval of the plan, creates additional compliance considerations for issuers.
Companies should implement robust procedures for reviewing and approving executive trading plans, which may include:
a) Requiring detailed certifications from executives that they are not in possession of MNPI at the time of plan adoption;
b) Conducting diligence beyond written certifications, including inquiries regarding recent significant operational activities, management and board presentations, and undisclosed developments that could constitute MNPI;
c) Where a company is experiencing material, nonpublic business developments — such as operational issues, regulatory challenges, or significant contractual developments — considering whether it is appropriate to delay the adoption or approval of trading plans or to implement additional safeguards, such as General Counsel and CFO approvals;
d) Consulting with legal counsel to assess potential MNPI risks based on the company’s current business circumstances; and
e) Documenting the review process and the basis for approving the plan.
