The co-founder of a Las Vegas-based software company has agreed to pay a $97,523 fine to settle charges laid by the Securities and Exchange Commission (SEC) that he impeded a whistleblower’s attempt to communicate with the agency about a securities law violation.

David Hansen, co-founder and former chief information officer at fraud detection and prevention software company NS8, agreed to pay the fine for violating the SEC’s whistleblower rule without admitting or denying the agency’s findings. He also consented to a cease-and-desist order.

The SEC alleged in its order that in 2018 and 2019, an NS8 employee raised concerns internally that the company was overstating its customer data to deceive the public and investors about its financial health. The whistleblower raised the concerns to a number of NS8 executives, including Hansen, even though he did not report directly to Hansen.

In July 2019, the whistleblower submitted a tip to the SEC, the order said.

A month later, the whistleblower told Hansen that “unless NS8 addressed this inflated customer data, he would reveal his allegations to NS8’s customers, investors, and any other interested parties.” He made the same statement to his manager later that day, the order said.

In response, Hansen and the company’s chief executive took steps to remove the whistleblower’s access to NS8’s computer system, including access to customer data, according to the SEC. Hansen allegedly told the CEO he could use the company’s “agent” function to watch what the whistleblower was doing on his laptop. Hansen also accessed his “keeper” folder, in which the whistleblower kept his passwords for his personal email, job search website, and social media accounts, the SEC alleged.

Hansen left the whistleblower’s open laptop and passwords in the CEO’s office, the order said. The whistleblower’s personal accounts were accessed using his company laptop, the order said.

Later that week, the CEO fired the whistleblower, the SEC stated. Although not named in the order, the CEO of NS8 at the time was Adam Rogas, who in March pleaded guilty to one count of securities fraud in U.S. District Court for the Southern District of New York. The Justice Department alleged Rogas defrauded investors of more than $100 million by claiming the company was booking revenue that did not exist. Rogas faces sentencing in August.

NS8 filed for bankruptcy in 2020, changed its name to Cyber Litigation, and was ordered by a judge in March to repay $38 million to investors, as reported by Bloomberg Law.

SEC Commissioner Hester Peirce voted against the agency’s settlement with Hansen, saying in a dissenting statement the order “does not explain what, precisely, Mr. Hansen did to hinder or obstruct direct communication between the NS8 employee and the Commission.”

“How did Hansen’s actions as set forth in the order remove the NS8 employee’s access to the IT systems, let alone stand in the way of the NS8 employee’s direct communication with the Commission?” Peirce asked in her statement. “In my view, they quite plainly did not.”

Aaron Nicodemus covers regulatory policy and compliance trends for Compliance Week. He previously worked as a reporter for Bloomberg Law and as business editor at the Telegram & Gazette in Worcester, Mass.

Topics