Recent SEC Enforcement Developments

In order to provide an overview for busy in-house counsel and compliance professionals, we summarize below some of the most important SEC enforcement developments from the past month, with links to primary resources. This has been a busy month for SEC rulemaking and enforcement alike, and we examine the following questions:

• What can we glean from the recently issued proposed rules targeted at investment advisers, including advisers to private funds and institutional investment managers?
• How does the SEC propose to strengthen its whistleblower program?
• Can cooperation with the SEC mitigate adverse outcomes?
• What do the SEC’s actions signal about its priorities?

1) Proposed Rule Changes on Private Fund Adviser Reporting, Cybersecurity, and Short Sales: In February 2022, the SEC voted to propose three sets of rules that would (1) impose new disclosure requirements on private fund advisers, (2) specify cybersecurity risk management requirements for registered investment advisers (RIAs) and others, and (3) increase short sale disclosure obligations on certain institutional investment managers. The thread linking these proposed rules appears to be an effort by the SEC to promote greater transparency and disclosure to investors.

First, on February 9, 2022, the SEC proposed new rules related to periodic disclosures by private fund advisers that impose heightened disclosure and other requirements on RIAs and exempt reporting advisers to private funds. The proposed rules would require these advisers to provide private fund investors with quarterly statements, cause the private funds to undergo financial statement audits, distribute to investors a fairness opinion under certain circumstances, and prohibit certain practices and undisclosed preferential treatment, among other things.

Second, and also on February 9, 2022, the SEC proposed cybersecurity risk management rules for RIAs and registered investment companies (funds). If the SEC’s proposed cybersecurity rules are adopted, this would mark the first time the SEC has established explicit cybersecurity compliance and breach notification requirements for RIAs and funds. The proposed rules focus on mitigating the risk of RIAs and funds not being able to continue to do business in the event of a cybersecurity attack. If adopted, the rules will require RIAs and funds to maintain bespoke written cybersecurity policies and procedures; conduct annual reviews and prepare written reports; and disclose cybersecurity risks and incidents, among other things.

Third, on February 25, 2022, the SEC proposed a new short sale disclosure rule, which would require certain institutional investment managers to report short sale-related information on a monthly basis. Specifically, managers exercising discretion over short positions meeting specified thresholds would have to report information relating to end-of-the-month short positions and certain daily activity affecting such short positions. The SEC would then aggregate this data to maintain confidentiality of the reporting managers and disseminate it to all investors. Chair Gensler’s statement on the proposed rule indicates his view that the public should have more visibility into the behavior of large short sellers and the SEC needs a better understanding of the role short selling may play in market events.

2) Proposed Changes to Whistleblower Rules: On February 10, 2022, the SEC proposed two amendments to enhance the rules governing its whistleblower program. The first proposed amendment would allow the SEC to pay whistleblower awards for certain actions brought by other entities. Chair Gensler stated that this was so the “whistleblower is not disadvantaged by another whistleblower program that would not give them as high an award as the SEC would offer.” The second proposed amendment would affirm the SEC’s authority to consider the dollar amount of a potential award to increase, but not to decrease, it. Coming on the heels of the SEC awarding more than $500 million in its Fiscal Year 2021 alone, the SEC’s latest action highlights its emphasis on the whistleblower program as a means to develop cases that should prompt companies to continually revisit their whistleblower-related policies and procedures.

3) CCO Liability: On February 11, 2022, the Financial Industry Regulatory Authority (FINRA) fined an ex-Interactive Brokers Chief Compliance Officer (CCO) $25,000, as well as implementing a two-month ban against the CCO. FINRA said that between January 2013 and August 2018, CCO Arnold Feist failed to maintain and monitor a “reasonably designed” AML program on a day-to-day basis or to supervise the firm’s AML analysts and supervisors over whom he had “dotted line” supervisory responsibilities. The fine follows broader action against Interactive Brokers in August 2020, where Interactive Brokers agreed to pay $38 million to FINRA and the SEC to settle related claims around its AML program.

FINRA’s action against a CCO highlights that conduct by compliance professionals may be scrutinized by regulators, though as SEC Commissioner Hester Peirce pointed out in 2020, the nature of personal liability CCOs face can seem unclear.

4) BlockFi Settlement (and path forward): On February 14, 2022, the SEC charged BlockFi Lending LLC (BlockFi) with failing to register the offers and sales of its retail crypto lending product, BlockFi Interest Accounts (BIAs), which the SEC alleged was a security. Without admitting or denying the SEC’s findings, BlockFi agreed to a cease-and-desist order, ceased offering BIAs to new investors in the U.S., and agreed to pay $100 million in penalties. Unlike other companies caught in the SEC’s crosshairs for offering digital assets alleged to be securities, BlockFi has paved a path forward. The company plans to register under the Securities Act the offer and sale of a new investment product, BlockFi Yield.

5) Continued Focus on Self-reporting: On February 22, 2022, the SEC announced settled negligence charges and an $18 million penalty against Baxter International Inc. for engaging in improper intra-company foreign exchange transactions that resulted in the misstatement of the company’s net income. The SEC also brought settled negligence charges against the company’s former treasurer and assistant treasurer for their alleged misconduct related to these transactions.

The Baxter case demonstrates the emphasis that the SEC places on self-reporting and cooperation. The SEC praised Baxter for its “self-reporting and substantial cooperation” in working with the SEC, and stated that the company’s cooperation was an important consideration in assessing the appropriate sanctions and identifying remedial measures, including recouping bonuses paid to the CEO, CFO, and other officers pursuant to the Company’s Executive Compensation Recoupment Policy and Section 304(a) of SOX.