This year’s report from the SEC’s Office of Inspector General also acknowledges the Supreme Court’s decision this year in SEC v. Jarkesy – which prevents the SEC from using administrative proceedings in contested securities fraud actions for civil penalties. The report says this has created uncertainty on the enforcement front:
The decision may have broader implications for the SEC’s enforcement program, as open questions remain, such as the constitutionality of seeking civil penalties in other types of administrative proceedings It is difficult to predict whether the availability of a federal jury trial will make defendants more likely or less likely to resolve claims in advance of litigation The uncertainty surrounding the SEC’s ability to adjudicate other enforcement actions administratively, as well as the additional resources required to bring actions in federal court, pose challenges for the SEC.
Related to this, but not mentioned in the report, is the fact that the SEC has been dismissing misconduct proceedings against accountants that were pending before administrative law judges. I blogged about that a couple months ago – here’s a LinkedIn post about the impact that the proceedings had on one accountant’s career.
According to this year’s annual report from the SEC’s Office of Inspector General, budget constraints are affecting the SEC’s ability to fulfill its mission and mitigate the risks it is facing. Here’s an excerpt:
The current budget environment constrains the SEC’s ability to address each of the challenges described in this report. Flat funding for Fiscal Year (FY) 2024 required an Agency-wide freeze on hiring, as well as the elimination of certain performance bonuses and other employee benefits. Increasing personnel costs limit the resources available to update and improve legacy information systems, including information security. The changing regulatory environment will likely increase operational demands on the Agency and its staff. Lack of resources may hinder the Agency’s ability to meet these challenges, mitigate its risks, and pursue its vital mission.
On the plus side, the report says there’s been lower attrition this year. But in addition to the hiring freeze, funding limitations are making it difficult to keep pace with competitive compensation arrangements for staff. Depending on how appropriation laws shake out, the SEC may have to suspend some benefits. That could affect the agency’s ability to recruit and retain staff.
Remember when the SEC’s X account was hacked earlier this year? A political circus ensued, and it eventually came out that the SEC hadn’t enabled two-factor authentication, which left its account vulnerable to a SIM swap scheme.
We hadn’t heard much more about the incident since January, but the wheels of justice have been turning. Last month, the DOJ announced the arrest of a 25-year-old Alabama man, who allegedly conspired with others. Here’s how the government says the crime happened:
As described in the indictment, Council, who used online monikers including “Ronin,” “Easymunny,” and “AGiantSchnauzer,” received personal identifying information (PII) and an identification card template containing a victim’s name and photo from co-conspirators. Council then used his identification card printer to create a fake ID with the information. Council proceeded to obtain a SIM card linked to the victim’s phone line by presenting the fake ID at a cell phone provider store in Huntsville, Alabama. He then purchased a new iPhone in cash and used the two items to obtained access codes to the @SECGov X account. Council shared those codes with members of the conspiracy, who then accessed the account – and issued the fraudulent tweet on the @SECGov X account in the name of the SEC Chairman, falsely announcing the SEC’s approval of BTC ETFs. Council received BTC payment for performing the successful SIM swap. Shortly after, Council drove to Birmingham, Alabama to return the iPhone used in the SIM swap for cash.
He later conducted internet searches for “SECGOV hack,” “telegram sim swap,” “how can I know for sure if I am being investigated by the FBI,” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”
Here’s the indictment with more details. The investigation is ongoing. So, the allegations haven’t been proven. And there may be more individuals who eventually face charges….
Although eye-poppingwhistleblower awards might make you think otherwise, the SEC is not throwing bags of cash at every [Redacted] who reaches out to them. An order issued by the Commission earlier this week serves as a warning to aspiring whistleblowers that they must exercise at least some discretion with their submissions.
The order not only denied a whistleblower’s award applications – it also permanently barred them from ever participating in the whistleblower program again. Here’s the background:
Claimant submitted three of the relevant award applications to the Office of the Whistleblower (“OWB”) in [Redacted]. Claimant bases these award claims on tips Claimant submitted alleging that Claimant lost $20,000,000,000,000 and became aware of misconduct involving an unnamed investment company, through, among other sources, account statements, broker-dealer records, publicly available information, SEC filings, and social media. Claimant lists – without any explanation – numerous internet pages, most of which appear to be social media posts, including links to companies providing market insights and analysis, legal alerts of criminal misconduct, company reports, U.S. and international articles and political commentary.
Claimant further identifies a purported investment company as the perpetrator of misconduct against Claimant and also alleges a “murder” that is linked to a business where Claimant was allegedly employed as a Non-Employee Director. Claimant’s tips were closed and do not on their face bear any relation to the charges in the Covered Actions.
I have a lot of questions about how someone could lose $20 trillion. Of course we’ll never know the details, but apparently, the Staff was skeptical:
On [Redacted], pursuant to Exchange Act Rule 21F-8(e), OWB provided notice to Claimant that it had determined that these seven award applications were frivolous or noncolorable. OWB also informed Claimant that the Commission has the authority to permanently bar a claimant. Accordingly, OWB recommended that Claimant withdraw all frivolous or noncolorable claims that he/she had submitted. The 30-day deadline to withdraw the claims expired on [Redacted], and Claimant did not respond.
The Commission issued a permanent bar because the claimant’s time-wasting, frivolous claims hindered the efficient operation of the whistleblower program. The ability to issue a bar was part of 2020 rule changes – and these FAQs give more color to whistleblowers about what will be considered “frivolous” or fraudulent. The order notes the claimant had filed “3 or more applications” – but it’s not clear exactly how many. The last time the Commission issued a permanent bar, the individuals had filed hundreds of frivolous applications.
I joked in my other blog today about redactions in whistleblower orders. The reason these orders have so much information blocked out is because Exchange Act Section 21F(h)(2)(A) directs the Commission to keep identifying information about whistleblowers confidential. The SEC seems to interpret that directive very broadly – but a recent joint statement from Commissioners Peirce and Uyeda point out that going overboard with redactions may have serious consequences. Here’s an excerpt:
Despite the undeniable importance of the information the Commission includes as part of its public final orders, the Commission’s releases, statements, and labyrinthian whistleblower rules are silent on how the Commission determines what information it can and cannot disclose. From the public’s perspective, as evidenced by the appearance on the Commission’s website of heavily redacted award determinations, someone at the Commission determines that this or that information should be redacted. The public is left with only limited, curated information to consider when assessing whether the award determination raises potential legal issues related to the interpretation and application of the whistleblower statutes and whether the Commission is applying its rules in a reasonable and consistent matter when it awards substantial sums of money from the public fisc.
Unnecessary redaction of final award determinations in the name of whistleblower confidentiality limits public information about the awards, and that, in turn, insulates the awards from scrutiny. And the whistleblower program needs scrutiny. Most direct participants in the program share a common incentive—to maximize awards. Whistleblowers have incentives to obtain the largest award possible; the Division of Enforcement has an incentive to maximize awards as an inducement for whistleblowers to come forward; and the Commission has an incentive to maximize awards as a metric to illustrate the success of the program. Ensuring that the Commission’s public final award determinations disclose, to the greatest extent possible, the facts supporting the determination and articulate the legal reasoning underpinning the Commission’s interpretation and application of the whistleblower statute and rules is a necessary and helpful check on the potential negative consequences of such an alignment of incentives. The whistleblower program is important to the Commission, so we should do everything possible to protect its integrity, including allowing appropriate outside scrutiny.
I’ve always thought it would be fun to be the person who handles the redactions. It would be the closest I’d ever get to becoming a CIA agent, and until now, it had seemed there was little downside to going too far. But the Commissioners make a good point. Maybe that job is going to get more difficult in the future.
Election Day is finally here. Boards (and those who advise them) will need to adapt to oversee whichever set of risks & opportunities accompany the outcome. It’s also very likely that the outcome remains unknown for a while – and that situation presents its own risks. This guide from the Erb Institute’s Corporate Political Responsibility Taskforce points out that although companies would prefer to stay above the fray, that doesn’t mean they can ignore foreseeable business risks. Here’s an excerpt:
Businesses face serious risks when democratic institutions erode; proactive risk management is critical: Our expert panel outlined three types of risks businesses may face during this year’s election cycle – Election Risks, Governing Risks and Societal Risks. It is critical to anticipate and plan for a context where the odds of serious disruption may be low but the stakes are very high, and the risks of inaction may equal the risks of action.
When it comes to “anticipating and planning,” the guide links to several resources, including a board deck from the Civic Business Initiative that identifies near-term foreseeable risks to have on your radar:
– Increased levels of stress, distraction, and disharmony among employees adversely impacting productivity and morale;
– Political violence and civil unrest posing threats to the safety of employees and customers;
– Civil unrest causing property damage and interruption of operations;
– Cyber attacks disrupting infrastructure, communications, and financial systems;
– Supply chain disruption;
– Increased market volatility; and
– Capital market disruption.
The deck suggests practical steps to take to manage these risks, identifies dates to be on “high alert,” and provides tools for scenario planning. Even if your board hasn’t had time to scenario plan, you can still use these tools to consider whether & how to escalate issues if the need arises.
Yesterday, for example, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint statement warning that foreign actors like Russia and Iran are running disinformation campaigns to stoke violence. The statement encourages people to seek information from trusted, official sources, in particular, state and local election officials.
Last month, the Business Roundtable issued a brief statement entitled, “Voting is the Bedrock of Our Democracy,” which says:
“Voting is a fundamental right of American citizens. The strength of our nation’s democracy and the stability of America’s economy depend on free and fair elections.
“As voting in the 2024 election continues, Business Roundtable strongly encourages all eligible citizens to vote. Our members are committed to helping by providing flexibility for workers to vote and volunteer at polling locations across the country.
“It can take time to finalize election results, and we urge all Americans to respect the processes set out in federal and state laws for electoral determinations and an orderly transition.”
The statement was issued after the Interfaith Center on Corporate Responsibility sent a letter to CEOs of the 200+ companies that are BRT members, calling for the business community to publicly support democratic norms. The BRT’s comments track with recommended steps in the Erb Institute guide, which makes this point:
Business has a common interest and a legitimate role in in upholding American constitutional democracy but needs to articulate this and act on it thoughtfully. Companies depend on institutions, including the rule of law, a predictable, stable and impartial regulatory environment, and the general prosperity enabled by the American economic and political system. However, any external-facing initiatives need to be explicit about business’ legitimate role and the specific risks to their industry when institutions are doubted, disputed or unreliable. For many companies this involves a fresh look at their decision frameworks and the principles that guide their political engagement.
The guide urges companies to take action – internally and externally – but to focus on rules that apply no matter who is running or governing. As noted above, one recommended action is to review and upgrade governance related to political spending and other activities, which is something Dave blogged about last week.
The good news about Election Night (and beyond) is that each of us is in control of our own sanity. Although we all need to stay informed to some extent in order to do our jobs, we probably do not need to inflict ourselves with thousands of metaphorical paper cuts, imposed one by one as we consume every opinion piece, prediction, and statement. I don’t want that for myself, and I don’t want that for you!
It’s hard to accept that we won’t have immediate certainty about the election outcome. But just like planning ahead for business risks, that “not knowing” is a foreseeable scenario, and you can prepare now to address it head-on rather than being surprised next week by the amount of time and energy you’ve wasted by following each breathless play-by-play update. This article from Temple University shares ideas to get you through the week:
– Establish boundaries.
– Limit social media. Social media accounts can also be set up to reduce and/or restrict political content.
– Schedule a midday walk, and keep your phone in your pocket.
– Set up a scheduled time to block apps and notifications.
If you’re a lawyer and you want to put energy towards something election-related, the ABA Task Force for American Democracy recently published ways that individuals and bar associations can help support a fair and peaceful election – and promote civics education for the long-term.
Personally, I’m making great use of my library card right now. I’ve queued up a few page-turners in Libby. When I want to doomscroll, I open one of those instead. I’ve also been revisiting the uplifting third entry in this 2020 blog from John.
The Ropes memo summarizes the complaints, which are premised on allegations of improper revenue recognition that affected financial statements used in an IPO and follow-on offering. Here’s an excerpt:
According to the complaint against the CFO and AC Chair, the CFO and AC Chair first learned that the beta tests had not been performed on the day Kubient launched the follow-on offering. The SEC alleges that on that day an employee who had discovered that KAI had not scanned the customers’ data informed the AC Chair of this discovery, while questioning whether it could be indicative of fraud and suggesting that, if the wrong data had been scanned for the beta test, the company might need to restate its earnings. The AC Chair then relayed this information to the CFO on the same day.
The complaint further alleges that, despite learning this, neither the CFO nor the AC Chair investigated the circumstances of the $1.3 million revenue recognition; instead they both furthered the CEO-initiated fraudulent scheme by failing to correct the statements in the follow-on offering documents, signing the company’s subsequent public filings including the same statements, and lying to the company’s independent auditor about the revenue and their knowledge of concerns raised internally about the transactions supporting the revenue.
The memo goes on to detail the allegations against the Audit Committee Chair specifically, which included:
– Failing to investigate the circumstances surrounding the $1.3 million revenue recognition after learning that the customers’ data were not scanned by KAI;
– Failing to inform the independent auditor of that discovery;
– Failing to correct the KAI testing and revenue statements in the follow-on offering documents;
– Excluding the independent auditor from the audit committee meeting where concerns about the KAI contract were discussed (the “KAI Audit Committee Meeting”);
– Further concealing the KAI Audit Committee Meeting from the independent auditor by signing minutes (prepared by the CFO) of the immediately following audit committee meeting that disclosed another meeting, instead of the KAI Audit Committee Meeting, as the last audit committee meeting;
– Falsely stating to the auditor, during the 2020 year-end audit interview, that she was unaware of any tips or complaints regarding the company’s financial reporting, any fraud or suspected fraud affecting the company, or any other matters relevant to the audit; and
– Signing the company’s 2020 Form 10-K that included the statements in question.
Charges against audit committee chairs are rare, but statementsfromSEC officials about the important role of gatekeepers are not. Although there appear to have been some “bad facts” here, the charges reinforce the message that gatekeepers must take their role seriously, promptly investigate red flags, and oversee steps to correct material errors.
Clean audit reports on financials that later prove inaccurate may serve as the basis for a Rule 10b5-1 securities fraud claim against a company’s independent auditor, according to an amended opinion issued last week by a Second Circuit panel. The amendment reversed course from the court’s 2023 decision to dismiss the claim. The WSJ reports:
After the [2023] ruling, a trio of former Securities and Exchange Commission officials filed a brief with the court asking it to reconsider the decision. The court then asked the SEC to submit a brief expressing its views on the subject. The SEC did so and it, too, asked the court to reconsider, writing in a brief last February that “audit certifications convey crucial information to the investing public” and “audit certifications are not too general to be material.”
The appeals court on Thursday reissued its decision with amendments and ruled the investors’ claims against BDO could proceed.
The investors had alleged that the audit report was uniquely problematic because the audit partners failed to complete the necessary checks and audit work papers before issuing the audit opinion; that they signed several audit work papers without reviewing them; and that they failed to verify that all the necessary audit work was performed before issuing the opinion. In addition, the plaintiffs alleged shortcomings under PCAOB standards that require appropriate supervision, testing of audit procedures, and quality review.
The court determined that the plaintiffs adequately alleged that the audit report contained potentially actionable misstatements, because it was plausible that the partner who signed the audit opinion disbelieved the statement that the audit was conducted in accordance with PCAOB standards. Moreover, the court found adequate allegations that the misstatements were material. Here’s an excerpt (citations omitted):
Although the challenged audit certification reflects standardized language, it is not “so general that a reasonable investor would not depend on it as a guarantee.” Instead, BDO’s certification that the audit was conducted in accordance with PCAOB standards succinctly conveyed to investors that AmTrust’s audited financial statements were reliable. The absence of BDO’s certification would have been significant, for without it, BDO could not 49 have issued an unqualified opinion, AU 508.07, which then would have alerted investors to potential problems in the company’s financial reports.
In other words, audit quality is important – and it’s been front & center in scandals & rules this year. We’ll be providing practical guidance on this topic in an upcoming webcast, “Audit Quality: Lessons from BF Borgers and Other Recent Developments.” Mark your calendars for Thursday, November 21st at 2:00 p.m. ET to hear Deloitte’s William Calder, Maynard Nexsen’s Bob Dow, and Nonlinear Analytics’ Olga Usvyatsky discuss what corporate attorneys need to know about the latest audit-quality developments to advise clients on financial reporting and corporate governance matters.