SEC Speaks 2024—Five Key Takeaways
Leadership of the U.S. Securities and Exchange Commission (SEC) addressed criticism, reiterated its commitment to safeguarding investors, and offered a glimpse into its agenda for the upcoming year during the Practising Law Institute's SEC Speaks conference, held on April 2 and 3 in Washington, D.C. Director of the Division of Enforcement Gurbir Grewal, acknowledged that the Division of Enforcement's ability to do its job "depends on trust and credibility." Consequently, the Division's enforcement agenda focuses on maintaining and rebuilding that public trust and credibility.
The SEC's emphasis on building investor trust carries significant implications for market participants across the board. Below are five key takeaways from this year's conference.
Cryptocurrency Remains Top of Mind Amid Criticism
Grewal's remarks focused on crypto regulation, noting, "we are facing significant headwinds in our enforcement efforts," such as attacks on the SEC's integrity and accusations of overreach stifling innovation.
Grewal expressed his hope that "after the latest in a long and growing string of courts affirming [the SEC's] authority to police the crypto markets," the SEC can move forward and "address the very real issues present in this industry that lead to elevated investor risk," including fraud and lack of transparency and oversight. As such, we are likely to see continued emphasis on enforcement in the cryptocurrency space, and crypto players and stakeholders should thoughtfully consider the SEC's aggressive posture going forward.
Focus on Gatekeeper and Entity Liability To Increase Transparency and Trust in the Markets
The SEC reaffirmed its commitment to holding gatekeepers accountable, underscoring the vital role that gatekeepers play in safeguarding investor interests. Panelists emphasized the SEC's capacity to enforce regulations and professional norms among gatekeepers, which, according to SEC staff, is "critical" to properly functioning capital markets.
In addition to underscoring the significance of the gatekeeper function, the staff highlighted the importance of registrants' implementation of robust controls to ensure investors receive accurate information. Indeed, the SEC's focus extends beyond gatekeepers to encompass the entities themselves, highlighting the need for proper internal controls over financial reporting and disclosure reporting procedures. The SEC aims to move beyond the notion that penalties are merely a business expense—the cost of doing business—and instead advocates for deterrent-focused remedies. Market participants should continue to ensure controls are up –to date and act together with gatekeepers to provide adequate protections to investors.
Off-Channel Communications Violations: How Penalties Are Assessed
The Division of Enforcement also discussed its continued focus on tackling recordkeeping violations. Deputy Director of Enforcement Sanjay Wadhwa acknowledged criticism from the defense bar regarding the broad range of penalties imposed in these matters and maintained that the Division individually assesses the facts and circumstances of each case when determining the penalty to recommend to the SEC. Wadhwa then provided the various factors that he claims the Division considered in that assessment, including the following:
- Self-reporting. Wadhwa stated this is "the most significant factor in terms of moving the needle on penalties."
- Cooperation. A firm that cooperates during the investigation "can still receive credit," according to Wadhwa, even if it does not self-report.
- Size of the firm. The SEC assesses the firm's revenue and the number of registered professionals at the firm to ensure that the penalties are adequate to serve as a deterrent against future violations.
- Scope of the violations. This assessment considers how many individuals communicated off-channel and the total number of off-channel communications.
- Firm's efforts to comply with recordkeeping obligations. This includes, for example, whether the firm adopted meaningful technological or other solutions.
- Precedent. The SEC has now issued 40 settled orders in these matters since December 2021 and views these precedents as a "guide," though "not determinative."
Wadhwa explained that while "none of these [factors are] dispositive," self-reporting is "the factor most likely to significantly lower the penalty we recommend." While market participants should take heed of Wadhwa's statements regarding self-reporting, they should also consider referencing precedent as a blueprint for navigating these issues.
A Continued Focus on Emerging and Evolving Risk Disclosures, Including AI
The SEC will continue to focus on ensuring registrants disclose emerging and evolving risks, such as those related to artificial intelligence (AI), supply chain issues, commercial real estate, and cyber-related disclosures. The staff cautioned registrants that disclosure related to AI must identify potential risks, encompass concerns such as data privacy (e.g., ensuring appropriate third-party data protection measures), identify potential discriminatory results or bias, protect intellectual property, and include consumer safeguards.
Moreover, as in years past, supply chain issues continue to present potential risks for registrants, including dependencies on a limited number of suppliers or suppliers located in specific geographic regions. Recent trends in the commercial real estate sector since early 2023 have introduced potential risks, such as increased vacancies, declining property values, and higher interest rates and property costs. The staff emphasized the importance of investors understanding the unique challenges that registrants face and reiterated its longstanding position that boilerplate disclosures are insufficient if registrants determine that these developments influence their business. Registrants should consider tailoring their disclosures to accurately describe applicable risks and any distinctive challenges they face.
Finally, SEC leadership reaffirmed that cyber remains a top priority. With the new cybersecurity disclosure rules now effective, companies should look to qualitative and quantitative factors when describing the material impact or likely material impact of a cyber event. Panelists emphasized that the lack of quantitative harm does not mean the incident was not material and therefore could warrant disclosure. Moreover, as set forth in recent guidance, the SEC encourages those facing a cyber event to work closely with law enforcement, including the FBI, as soon as possible.
Market Participant Cooperation Is Key
The Division of Enforcement highlighted the importance of cooperation. Chief Counsel in the Division, Samuel Waldon, emphasized the SEC's concerted effort to incentivize cooperation. Waldon provided concrete examples of cooperation:
- Providing the SEC with documents it cannot compel.
- Conducting an internal investigation and providing the SEC with the results.
- Waiving privilege and producing potentially privileged documents that allow the SEC to develop a record more fully.
- Translating documents when necessary.
- Providing helpful financial analyses.
He referenced a handful of enforcement actions in which the SEC imposed reduced or no penalties based in part on cooperation, including the recently settled action against Cloopen Group Holding Limited. There, Cloopen self-reported accounting violations to the SEC and provided substantial cooperation to the staff, including summarizing interviews of witnesses located in China and identifying and translating key documents. As a result, no monetary penalties were imposed against Cloopen.
Waldon added that complying with subpoenas, responding to document requests, and providing truthful testimony do not constitute cooperation.
Waldon then explained how the SEC evaluates cooperation. For individuals, it looks at various factors, including the value of the cooperation, the gravity of the underlying matter, the need to hold the cooperator accountable, and the cooperator's profile. In the case of a corporation, the SEC considers the Seaboard factors: self-policing, self-reporting, remediation, and cooperation. Panelists also noted that although it is preferable to cooperate from the outset of an investigation, any level of cooperation may result in a penalty reduction.
Conclusion
Throughout the conference, the staff emphasized key priorities integral to its efforts to address criticism and rebuild trust. These priorities include the SEC's heightened regulation and enforcement efforts in the crypto space, the pursuit of penalties related to recordkeeping violations, holding gatekeepers accountable, and ensuring emerging and evolving risks are disclosed appropriately. Furthermore, the staff affirmed its dedication to incentivizing cooperation and self-reporting—one way it seems the SEC is seeking to reignite public engagement and rebuild its trust and credibility.
For more information, an expanded version of this article was previously published in Law360.
© 2024 Perkins Coie LLP