Securities Enforcement Forum DC 2024: Priorities in the Election’s Wake

Senior Division of Enforcement officials from the U.S. Securities and Exchange Commission (SEC) spoke with SEC alumni, private practitioners, and other professionals at the Securities Enforcement Forum D.C. 2024 (the Forum), held on November 6 in Washington, D.C.—the day after the U.S. presidential election. 

Panelists had much to discuss given recent and anticipated leadership changes at the SEC, including the Division of Enforcement Director and Chair. A common theme that emerged among the panels, however, was the expectation that certain enforcement priorities will persist. Relatedly, Acting Enforcement Director Sanjay Wadhwa emphasized that the SEC’s mission remains unchanged even though leadership will transition. Indeed, Wadhwa highlighted that in the last fiscal year, enforcement initiatives, such as off-channel communications, resulted in an increase in self-policing, self-reporting, remediation, and other cooperation from market participants, which in turn resulted in greater investor protection. Regardless of forthcoming changes to the SEC and its enforcement priorities due to the new administration, registrants can expect principles of self-policing, self-reporting, remediation, and cooperation to remain focal points. 

Key Developments

Impact of the US Presidential Election on SEC Enforcement

Forum panelists discussed how President-elect Trump’s administration may affect SEC enforcement. While panelists generally agreed that much remains to be seen until a new SEC chair is appointed, they acknowledged that the enforcement agenda is unlikely to change significantly given the apolitical nature of the SEC’s mission to protect investors—with one exception: crypto. However, panelists anticipated that any real insight into material enforcement changes in the crypto space will take time. 

Staff emphasized current enforcement actions are unlikely to be dismissed based on the new administration. However, registrants and issuers facing investigations or litigation may have a greater opportunity to settle on more favorable terms than they otherwise would be able to.

Cryptocurrency

Although it is not clear exactly how the SEC’s approach to crypto will evolve over the coming year, panelists level-set by discussing recent enforcement action trends and settlements. Jorge Tenreiro, Acting Chief of the Crypto Asset and Cyber Unit in the Division of Enforcement, reaffirmed the Unit’s extensive knowledge and sophistication as the largest investigative unit in the Division and its ability to pursue a myriad of cases, including those headed into litigation. Tenreiro explained that the SEC is undefeated in jurisdictional issues in litigated cryptocurrency actions. With the rise in challenges to the SEC’s authority, however, he would not be surprised if we begin to see suits against the Commission related to its enforcement work in this field. Ultimately, Tenreiro explained that this would likely help streamline the Unit’s enforcement efforts (e.g., by setting clear standards).

While litigation may be on the rise in the coming year, Tenreiro also shared his perspective on what to look for in settlements, specifically in this area of enforcement. He explained that the SEC aims to secure compliance through settlements, which may even include agreements to cease operations in certain parts of a business— an untraditional way of making policy. He encouraged market participants to examine the constructs, incentives, and consequences in settlements to stay informed on the state of SEC policy in this space.

Artificial Intelligence

Artificial Intelligence (AI) was a common topic of discussion throughout the Forum given that its mainstream use is on the rise. There have been a handful of enforcement actions in the AI space against asset management firms and public companies—all related to “AI washing” and disclosure shortcomings. While current SEC leadership has prioritized AI because it is a new technology that brings excitement and, therefore, greater opportunity to fraudulently capitalize on that excitement, panelists opined that AI-related enforcement actions will persist and even increase during future administrations. 

This is because of how pervasive AI is becoming. Indeed, many companies are putting significant resources into developing AI to improve efficiencies. As panelists pointed out, just as AI can cause fraud, it can also police fraud. Panelists anticipate that AI will become a tenet of risk and compliance programs, and they would not be surprised to see further regulation in this space. As such, registrants would be wise to stay current with developments in AI technology.

Cybersecurity

Public companies continue to seek clarity on the materiality of cybersecurity disclosures, especially as the rules adopted in July 2023 are implemented and enforced. 

In an effort to provide guidance to registrants, the Division of Corporate Finance released a clarification statement in May of this year. The statement expanded on how to report cybersecurity incidents, even if materiality is not fully determined. Specifically, registrants should disclose material cybersecurity incidents under Item 1.05 of Form 8-K and those that are deemed not material under a different item of Form 8-K, such as Item 8.01.

Panelists discussed the recently settled enforcement action with The Intercontinental Exchange, Inc. (ICE), where ICE failed to report a cyber intrusion to the SEC as required by Regulation Systems Compliance and Integrity (Regulation SCI). Entities subject to Regulation SCI (SCI entities) include self-regulatory organizations, such as national securities exchanges, registered clearing agencies, and registered securities associations. As such, it is vital that SCI entities appropriately report cyber intrusions to the SEC because of the critical functions they serve. Staff recommended SCI entities reach out to the SEC as soon as there is a cyber intrusion because the SEC may be in a better position to determine materiality. Practitioners advised that registrants should be cognizant that when facing a cyber intrusion, the speed of reporting and sufficiency of controls surrounding the reporting process are crucial.

Financial Reporting Fraud

Mark Cave, Associate Director at the SEC, explained that financial reporting fraud remains a high-priority area. Importantly, actions over the past fiscal year have touched on a wide range of issues, including conventional Generally Accepted Accounting Principles (GAAP) reporting violations, non-GAAP reporting violations, and other disclosure-related issues. When looking at the 2024 fiscal year, there is a pattern of charges against individuals, including CEOs and founders in certain instances. 

In addition to individual liability for C-suite individuals, gatekeeper liability continues as an enforcement priority. Both internal and external gatekeepers (e.g., internal accountants and external accountants) are held accountable for their role in misconduct, and staff will continue to explore the best available options to ensure that the Commission can obtain appropriate relief on behalf of investors. 

In predicting the direction of enforcement in this space given the presidential election results, panelists anticipated a continuation of the recent flurry of “old school” revenue recognition accounting fraud cases. Should the SEC revert to its roots due to the election results, we will likely see an increase in such cases.

Effective Approaches for Managing SEC Enforcement Actions

Staff and practitioners provided useful guidance on best practices when facing an SEC investigation and subsequent action. Beginning with testimony, panelists underscored the importance of properly preparing a witness before giving testimony. As Sam Waldon, Acting Deputy Director of the Division of Enforcement, explained, this is what SEC leadership will review when considering settlement or litigation. Both in-house and outside counsel can collaborate on strategy and approaches to testimony preparation.

A cornerstone to successfully going through the SEC investigation process is maintaining credibility by being truthful at all stages, including presentations and written submissions. It is important that clients provide complete and accurate information to counsel, as this is central to credibility. 

Regarding the Wells process, Waldon emphasized that practitioners should focus on key arguments, as weaker arguments can undermine the stronger points. In fact, from Waldon’s perspective, weaker arguments can damage credibility. One way practitioners can boost credibility is conceding issues by acknowledging instances where the SEC may have a stronger argument or the issue is a toss-up. Clients should be mindful of this strategy if counsel determines it is in their best interest to raise only certain arguments to staff.

Finally, when it comes to resolutions, be prepared to discuss with your counsel what an acceptable outcome would be and note that this may change during the course of the investigation.

Conclusion

Key takeaways from the Forum are: 

• The SEC may undergo significant changes, particularly regarding its enforcement priorities, with the incoming administration. The new chair will be the most important factor in how this takes shape.
• Registrants should review settlements in crypto enforcement to stay informed of the SEC’s evolving policies in this space.
• Keep in mind the SEC’s focus on AI when deploying AI and making AI-related disclosures.
• Regularly review disclosure controls and cybersecurity governance practices for compliance with SEC cybersecurity rules.
• Financial reporting fraud is highly likely to remain an enforcement priority for the SEC. Watch for increased focus on revenue recognition actions.
• Be aware of the importance of counsel’s credibility with the SEC. Clients should be receptive to counsel’s recommendations on strategy when submitting presentations or written materials to the SEC.