Officials from the enforcement arms of the SEC and the PCAOB outlined their agencies’ priorities at the Practising Law Institute’s 2018 Enforcement forum. A recurring theme of the forum was cyber-related enforcement issues, including hacking, cryptocurrencies, and initial coin offerings, which was reflected in SEC Enforcement Division Co-Director Steven Peikin’s remarks.
SEC enforcement. According to Peikin, cyber-related misconduct falls within Chairman Jay Clayton’s focus on protecting retail investors. He noted that the SEC recently created a specialized unit to combat cyber misconduct. Cyber misconduct is a broadarea which can include incidents of hacking to obtain material nonpublic information for insider trading purposes, account intrusionsfor market manipulation, and disclosures by public companies relating to cyber breaches, such as the SEC’s recent enforcement action against Yahoo!, Peikin observed.
Peikinalso noted that initial coin offerings (ICOs) have "exploded" over the past year. He quipped that if he had been asked a year ago if he thought he would be spending a lot of time on ICOs, he would have replied, "What’s an initial coin offering?" The Division is proceeding in this space thoughtfully, deliberately, and incrementally, he said. There are two "buckets" for how Enforcement approaches ICOs, Peikin explained. The first bucket involves the failure to register an initial coin offering, which has resulted in one enforcement action that did not involve a penalty after the offering was halted following consultation with the SEC.
However, the vast majority of the Division’s efforts on ICOs involve out-and-out frauds, where wrongdoers have attempted to take advantage of the newsworthiness around ICOs to inducepeople to invest in them, Peikin said. He pointed in particular to a recent case the Division brought, as well as a parallel criminal action, against Centra Tech, which had been endorsed by celebrities including Floyd Mayweather and Paris Hilton. ICOs pose a tremendous risk to ordinary investors who are excited about this prospect of this area of new capital formation and the Division is spending a lot of time on it, Peikin said.
Peikin emphasized that while cyber-related issues have been a hot topic lately, the Division will still go after Ponzi schemes, insider trading, offering fraud, accounting fraud, market manipulation, and FCPA violations, which will occupy the vast majority of the enforcement landscape. He also said that the Division is harnessing data analytics to identify threats to retail investors and drew attention to the formation of the Division’s Retail Strategy Task Force as an "internal think tank" used to identify risks to retail investors.
PCAOB enforcement. Claudius Modesti, director of the PCAOB’s Division of Enforcement, highlighted the Board’s cross-border enforcement efforts. According to Modesti, the PCAOB’s significant extra-territorial reach includes over 900 registered firms abroad, and a significant number of enforcement matters have emerged from the Board’s inspections, tips, and self-reporting initiatives. In both 2016 and 2017, around 40 percent of the Board’s cases were cross-border cases, he said.
While many of these cross-border cases involve the failure to meet auditing standards, the PCAOB has encountered several cases involving the alteration of documents, according to Modesti. He mentioned in particular two cases involving Deloitte affiliate firms, one in Brazil and one in Turkey. With Deloitte Brazil, the firm admitted to the altering of work papers and that its employees had provided false testimony, as well as the obstruction of PCAOB inspections. The misconduct went "straight to the top," Modesti explained.
The Deloitte Turkey matter was brought to the Board’s attention due to self-reporting, Modesti noted. He said the PCAOB can cover only so much ground, but that the message that the PCAOB will find this misconduct is getting out to the larger network firms. The idea that the PCAOB can look at a firm’s work papers and reach into the metadata to figure out that documents have been created or modified after the fact in violation of Board standards is a message that is being delivered, Modesti advised. He also noted that Deloitte Turkey had substantially reduced sanctions due to self-reporting.
MainStory: TopStory Enforcement PublicCompanyReportingDisclosure SECNewsSpeeches
Interested in submitting an article?
Submit your information to us today!Learn More
Securities Regulation Law Daily: Breaking legal news at your fingertips
Sign up today for your free trial to this daily reporting service created by attorneys, for attorneys. Stay up to date on securities regulation legal matters with same-day coverage of breaking news, court decisions, legislation, and regulatory activity with easy access through email or mobile app.