At this year’s PLI “SEC Speaks” conference held February 22-23, 2018, in Washington, D.C., the U. S. Securities and Exchange Commission’s senior leadership showcased its 2017 accomplishments, and previewed priorities for 2018 and beyond. The conference was highly anticipated, coming days after the SEC’s first cybersecurity disclosure guidance for public companies since 2011 and following a year rife with data breach announcements (including where the SEC itself was the victim); uncertainty regarding the SEC’s regulation of cryptocurrencies; and drama as certain administration appointees appeared intent on undermining their own agencies.  But nine months into his tenure, Chairman Jay Clayton offered a glowing assessment of the SEC, reflecting on the strength of the agency’s foundation, goodwill, resiliency and flexibility.

In describing his priorities, Clayton emphasized that the SEC needed to remain nimble given the evolving markets, and reiterated the importance of protecting the long-term interests of “Main Street” investors (a/k/a “retail investors” and “Mr. & Mrs. 401(k)”) and creating investment opportunities for them. Clayton stressed the need to create broader public company portfolio opportunities, especially at companies’ “growth stages,” which frequently are funded with private capital—a difficult, if not inaccessible investment opportunity for smaller investors. To counter the diminishing number of public companies, Clayton proposed easing registration burdens as long as investor protections remained intact. Clayton also remarked that companies who go through the registration process emerge with stronger governance and internal controls. Clayton’s other priorities included looking at large financial institutions, whose actions impact Main Street investors, harmonizing regulations, and coordinating with other regulators who, at times, have overlapping oversight roles (e.g., the U.S. Commodities Futures Trading Commission, the Financial Industry Regulatory Authority and the Federal Reserve).

A common theme throughout this year’s SEC Speaks conference was that market participants and the SEC would benefit if both were more:

1. Accessible—If the SEC would answer questions and provide clearer guidance, and market participants gave feedback and shared industry expertise to enhance the SEC’s knowledge base and abilities.
2. Flexible—If both (regulators and market participants) were ready and willing to adapt to evolving markets, financial instruments and technology with increased understanding of each other’s role in the financial system.
3. Transparent—If the SEC would provide clarity on its initiatives and actions, and market participants made fulsome disclosures to the SEC and investors, especially regarding fees and risks.

Below are other noteworthy priorities and initiatives that were highlighted by SEC leadership:

New Enforcement Initiatives: Cyber Unit, Retail Strategy Task Force and Share Class Selection Disclosure Initiative

In their first year as co-directors, Stephanie Avakian and Steven Peikin led the Division of Enforcement’s launch of several new initiatives, including the Cyber Unit, Retail Strategy Task Force and Share Class Selection Disclosure Initiative.

New Cyber Unit Consolidates SEC Expertise to Counter Cyber Threats. In line with last year’s promise to focus on cybersecurity in 2017, the SEC’s new Cyber Unit consolidates the Enforcement Division’s cyber expertise in an effort to keep pace with an ever-increasing range of cyber threats. In his remarks, Robert Cohen, Chief of the Cyber Unit, described the unit’s priorities, including matters involving Initial Coin Offerings (ICOs) and digital assets, trading cases involving hacking for non-public information, account takeovers, market manipulations facilitated through cyber means (e.g., fake EDGAR filings and websites), and cybersecurity cases involving regulated entities required to maintain reasonable controls.

Cohen noted that the unit’s work has already affected market behavior. For example, in December 2017, a California-based company selling tokens to raise capital for its blockchain-based food review service stopped its ICO after the SEC raised registration concerns. A dozen other companies have also voluntarily halted their ICOs to more closely examine whether their offerings or tokens were securities requiring registration. Cohen noted that an early indicator of the SEC’s effectiveness in the fintech space is that it appears more companies are engaging law firms (with expertise) to render opinions on their offerings, as opposed to relying on internet searches and other dubious forms of legal advice. Cohen warned that he expected to see more substantial penalties in the future against fintech offerings that violate the securities laws given the amount of notice the SEC has provided the industry, including in its July 2017 “DAO Report.”

Cybersecurity Risks & Incidents: Materiality Remains Key—Update Your Insider Trading Program

Two days before the start of this year’s conference, the SEC issued its first guidance for public companies regarding the disclosure of cybersecurity risks and incidents since the Division of Corporation Finance’s 2011 staff guidance. According to Director of the Division of Corporation Finance William Hinman, although technology and the types of cybersecurity incidents have changed, the central disclosure requirements have not—only information concerning material cybersecurity risks and incidents must be promptly disclosed. That said, the new guidance expands on its predecessor in two ways.

First, the new guidance emphasizes the need for disclosure procedures and controls that allow thoughtful analysis of risks and incidents “up the chain,” beyond just the organization’s information technology group. It also encourages a meaningful process that engages the IT group with the business staff and others so that decision makers can assess whether and when a timely disclosure need be made. Second, the new guidance encourages issuers to have insider trading policies which recognize that cybersecurity risks and incidents may be considered non-public, material information. Companies should consider whether to implement prophylactic measures (e.g., close trading windows) when such information is known by insiders, and consider incorporating examples of non-public, material cybersecurity information in their insider trading training program.

Retail Strategy Task Force Aims at Investor Protection and Education

The Retail Strategy Task Force that was announced in September 2017 aims to develop proactive, targeted initiatives to identify misconduct affecting retail investors. According to the task force’s chief, Charu Chandrasekhar, it will not only examine classic types of fraud directed at retail investors, including boiler room and microcap fraud and Ponzi schemes; it will also  focus on misconduct by investment professionals, including those who: (1) inappropriately steer retail investors to higher fee mutual fund share classes; (2) fail to fully disclose fees or mark-ups; and (3) engage in churning and excessive trading to generate large commissions at the investor’s expense. The task force will also deploy the SEC’s full range of data analytics and technology to strategically and efficiently identify trends or problems, and uncover areas requiring additional scrutiny.

Share Class Selection Disclosure Initiative & Self-Reporting     

The Enforcement Division’s new Share Class Selection Disclosure Initiative will bolster its efforts to protect retail investors and may help conserve agency resources. Under the initiative, investment advisers who received undisclosed 12b-1 fees by placing clients in mutual fund share classes with higher fees, when less costly classes were available, have until June 12, 2018, to self-report their conduct to the SEC. If they do, the Enforcement Division would recommend settlement terms requiring the adviser to disgorge ill-gotten gains to the harmed investor without also seeking civil penalties from the adviser. According to Anthony Kelly, co-chief of the Enforcement Division’s Asset Management Unit, those who do not take advantage of this initiative and fail to timely self-report may face sanctions greater than those sought in the past for similar conduct.         

Continued Rigor for Rest of Enforcement Agenda

Enforcement officials stressed that the SEC has not abandoned other aspects of its enforcement program, including efforts to combat foreign bribery and corruption. As recently appointed Chief of the Foreign Corrupt Practices Unit Charles Cain noted, although there was a significant drop in the number of FCPA cases brought in the year 2017—versus the unusually high number brought in 2016—last year’s total number was consistent with 2013-2015.

These cases included charges against individual defendants, reflecting a focus on holding individuals accountable (e.g., charges against Jeannot Lorenz, former vice president at Halliburton; and settlements with former executives of Magyar Telekom). Cain also highlighted the unit’s continuing efforts to cooperate with the SEC’s international counterparts, noting that the unit reached three coordinated resolutions with foreign regulators in 2017, including with Dutch, Swedish, Brazilian and Swiss authorities.

However, the time needed to bring increasingly complex cases may pose additional challenges for the SEC in the wake of the U.S. Supreme Court’s recent decision in Kokesh v. SEC, 137 S. Ct. 1635, 1640 (2017). In Kokesh, the Court held that SEC claims for disgorgement are subject to a five-year statute of limitations. Because disgorgement is among the remedies most commonly sought in FCPA cases, Kokesh may have an outsized impact on how FCPA cases are conducted. This may be especially true with FCPA cases, which often involve aged conduct and may take years to investigate, as regulators frequently must work through complexities associated with collecting foreign evidence and working with foreign partners. As a result, Enforcement leadership indicated a more judicious approach to opening matters with older conduct and requiring extensive investigation.

Seller Beware: Expect Continued Aggressive Regulatory Scrutiny of Fintech

Senior leadership made clear that fintech products are squarely on the SEC’s radar across many divisions.  It was equally clear that notwithstanding a product’s utility or self-identification (coin, token or cryptocurrency), whether it is a security and subject to registration and other requirements depends on the economic reality of the transaction.

Sellers should, and the SEC will, generally employ the Howey test (the investment contract analysis) to determine if a fintech product is a security. If it is, sellers must beware that a host of SEC registration requirements may be triggered, not just for the product but for those involved in its offer and sale—potentially invoking exchange, clearing agency, transfer agent or broker dealer registration requirements, each with its own complexities. Sellers must also beware that the securities analysis does not begin and end with Howey. They must also consider the other types of securities contained in the ’33 Act to determine if registration may be required.

In addition to registration issues, panelists expressed concerns regarding misrepresentations and inaccurate information in the offer and sale of fintech products, especially scenarios in which offerors falsely invoked fintech terms in their names and business descriptions to cash in on fintech’s popularity. In addition to potentially being fraudulent, registered investment companies could also violate the Investment Company Names Final Rule if at least 80% of their assets are not invested in the type of investment suggested by the name.

On the topic of investment funds and fintech products, Division of Investment Management panelists discussed and directed attendees to a recent letter from Dalia Blass, director of the Division of Investment Management, raising issues about mutual funds and exchange traded funds (ETFs) maintaining cryptocurrencies and related products in their holdings. The letter and panelists raised questions about whether cryptocurrencies could meet daily valuation, liquidity/daily redeemability, custody of holdings, and arbitrage (for ETFs) requirements, and how funds would address the potential for manipulation and other risks in the current cryptocurrency markets.

Because there are more questions than answers at this point, Investment Management stated that it does “not believe that it is appropriate for fund sponsors to initiate registration of funds that intend to invest substantially in cryptocurrency.” As a result, it has successfully requested the withdrawal of all registration statements filed for such products.

The overall message to the fintech community was far from dour. Director of the Division of Corporation Finance Hinman and other SEC senior leadership appeared to recognize that fintech is an important market segment and expressed a seemingly genuine willingness to work with market participants, both sophisticated and not, to navigate the intersection between fintech and the securities laws. The SEC has set up an email address, fintech@sec.gov, which, according to Hinman, is monitored by experts from across the agency. Hinman also welcomed market participants to share their knowledge and expertise with the SEC concerning the evolving fintech landscape.

***

The dichotomy between “old and new” was on full display this year as SEC leadership highlighted its priorities for the year ahead. The staff underscored their commitment to Mr. and Mrs. 401(k), and stressed the importance of creating new investment opportunities. Meanwhile, the SEC has yet to complete its long-awaited rule making process to clarify the fiduciary standard applicable to broker-dealers—arguably the front line of interaction with Main Street investors. Likewise, the SEC staff promised efficient regulatory oversight of cryptocurrencies and ICOs, but repeatedly stated they would rely upon a decades-old legal infrastructure to do so—namely, the ’33 and ’34 Acts, and the Supreme Court’s 1946 Howey decision. But, with the January 2018 appointment of Commissioners Jackson and Peirce, the commission is now operating at full bench strength for the first time in nearly two years. If, as Chairman Clayton underscored, the SEC truly focuses on being nimble in the face of ever-changing technology and investment opportunities, 2018 will be a busy year for the SEC and all that it regulates.

This update was also published in Law360 on 02.27.2018, “Highlights From 'SEC Speaks' 2018."

Highlighted in Law360's: "In Case you Missed It:  Hottest Firms And Stories On Law360," on 03.02.2018.

© 2018 Perkins Coie LLP

---

Sign up for the latest legal news and insights  >

---