Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

The Securities & Exchange Commission (SEC)

What is the Securities & Exchange Commission (SEC)?

Congress established the Securities & Exchange Commission (SEC) in 1934 to enforce the newly passed securities laws, such as the Securities Exchange Act of 1934, to protect investors and to promote stability in the markets. The SEC monitors corporate conduct by requiring companies that publicly offer securities for investment dollars to tell the public the truth about their businesses, the securities they are selling, and the risks involved in investing. In addition, the SEC oversees people who sell and trade securities – brokers, dealers, and exchanges – ensuring that they treat investors fairly and honestly, putting investors' interests first.


How does the SEC decide whether to open an investigation or bring charges?

In determining whether to open an investigation and, if so, whether an enforcement action is warranted, SEC staff considers a number of factors, including: the statutes or rules potentially violated; the egregiousness of the potential violation; the potential magnitude of the violation; whether the potentially harmed group is particularly vulnerable or at risk; whether the conduct is ongoing; whether the conduct can be investigated efficiently and within the statute of limitations period; and whether other authorities, including federal or state agencies or regulators, might be better suited to investigate the conduct.


Information about how SEC conducts investigations and the guiding principles that SEC staff considers when deciding whether to open or close an investigation and whether civil charges are merited can be found in SEC’s Enforcement Manual, available on SEC’s website.


What are some of the new tools the SEC uses to fight financial fraud?

In 2013, the SEC’s Enforcement Division formed the Financial Reporting and Audit Task Force to detect “fraudulent or improper financial reporting” and “enhance the Division’s ongoing enforcement efforts related to accounting and disclosure fraud.” Around the same time, the SEC established a similar group focused on microcap fraud, especially geared toward companies that don’t regularly publicly report their financial results, and created the Center for Risk and Quantitative Analysis. The Center works closely with the Division of Economic and Risk Analysis and serves as both an analytical hub and a source of information about characteristics and patterns that indicate possible fraud or other illegality.


How has the SEC strengthened oversight of asset-backed securities?

The SEC now requires that the relevant transaction agreements include provisions for a review of the underlying assets for compliance with the representations and warranties upon the occurrence of certain post-securitization trigger events. The rule is designed to address comments received related to the triggers and potential costs, while at the same time balance the need for stronger mechanisms to enforce underlying contract terms. Under the final rule, the agreements must require a review, at a minimum, upon the occurrence of a two-pronged trigger. The first prong of the trigger is the occurrence of a specified percentage of delinquencies in the pool. If the delinquency trigger is met, the second prong of the trigger is the direction of investors by vote. The reviewer’s findings and conclusions for all assets reviewed must be reported to the trustee so that the trustee can determine whether a repurchase request would be appropriate under the terms of the transaction agreements, and a summary of the report must be included on Form 10-D.


How does the SEC oversee cybersecurity risks?

In November 2014, the SEC adopted Regulation Systems Compliance and Integrity and Form SCI to strengthen the technology infrastructure of U.S. securities markets, which mandates comprehensive new controls to strengthen key technological systems, promoting greater transparency, resiliency, and accountability. Regulation SCI applies to self-regulatory organizations such as stock and options exchanges; registered clearing agencies; the Financial Industry Regulatory Authority (FINRA) and the Municipal Securities Rulemaking Board (MSRB); alternative trading systems (ATSs) that trade National Market System (NMS) and non-NMS stocks exceeding specified volume thresholds; disseminators of consolidated market data (plan processors) and certain exempt clearing agencies. The rules apply primarily to the systems of SCI entities that directly support any one of six key securities market functions—trading, clearance and settlement, order routing, market data, market regulation, and market surveillance. Regulation SCI took effect on November 3, 2015.


How does the SEC protect corporate whistleblowers?

The SEC’s Whistleblower program allows an individual to file a claim anonymously by using an attorney as his legal representative. Under Dodd-Frank, the Whistleblower Office is prohibited from even revealing details that could identify the whistleblower during the investigation. The claim is submitted anonymously by the lawyer who completes a Tip, Complaint or Referral (TCR) Form. The statute also protects whistleblower against any retaliation he or she may encounter as a result of his litigation. This protection also extends to employees of any subsidiary or parent corporation of the company suspected of violating the securities laws.


If a whistleblower is fired, demoted or otherwise faces retaliation because s/he filed or even just considered filing a SEC action, the Dodd-Frank Act further extends its protection by allowing him or her to bring a lawsuit in federal court against the employer for wrongful discrimination. If it is found that the employee did face retaliation, the plaintiff is entitled to double back pay with interest, reinstatement to his/her former position (in cases of termination or demotion), compensation for litigation costs including attorney’s fees, and possibly even a higher position overall. The program’s anti-retaliation provision also protects those who did not work directly for the fraudulent company but instead were employed as agents such as accountants, bankers, or salesmen.


Those who report a violation are entitled to receive a reward as long as the authorities successfully recover more than $1 million through an enforcement action. This award ranges from 10 percent to 30 percent of the total amount recollected when the investigation is over. This reward system means that the minimum a successful whistleblower can receive is $100,000, with potential for a payout in the millions of dollars.

Accounting & Auditing Update Blog

Deloitte confirms cyber hack exposed client information

Tammy Whitehouse | September 26, 2017

Deloitte says information on a small number of clients was accessible to hackers after an intrusion of the firm's email platform.

Accounting & Auditing Update Blog

Half say revenue rule is immaterial, one-fifth still evaluating

Tammy Whitehouse | September 15, 2017

A PwC analysis shows about half of Fortune 500 companies expect revenue recognition changes to be immaterial, but nearly 20 percent are still evaluating.

Accounting & Auditing Update Blog

Board members wary of CAM disclosures in audit reports

Tammy Whitehouse | September 12, 2017

Half of public company board members say critical audit matters will not make audit reports more useful to investors, but instead will make their jobs more difficult.

Accounting & Auditing Update Blog

FASB proposes updated, new taxonomies for 2018

Tammy Whitehouse | September 8, 2017

FASB has completed its annual update to the GAAP taxonomy and has added a new taxonomy for companies to consider addressing international standards.

News Article

The classic post-scandal question to auditors: What happened in the black box?

Tammy Whitehouse | September 12, 2017

When investors decry the black box of public company auditing, asking for more visibility, they’re referring to cases like KPMG’s audit work at Wells Fargo.


FOR: Neither admit nor deny

Brad Karp | September 6, 2017

Allowing firms to enter into consent judgments without having to admit material facts or liability prevents excessive disruption of the regulatory/enforcement framework. Read more from Paul Weiss litigators Brad Karp and Susanna Buergel.


AGAINST: Neither admit nor deny

Honorable Judge Jed S. Rakoff | September 6, 2017

Allowing defendants to settle cases without admitting or denying guilt deprives the public of transparency and accountability. The Honorable Judge Jed Rakoff for the United States District Court explores below.


Good controls are good business

Jay Lippman | August 29, 2017

A recent SEC case highlights five key ways in which strict compliance procedures still pay off for brokerage firms when it comes to detecting and preventing fraud.

News Article

Pushback rises on disclosure of auditor, audit committee talks

Tammy Whitehouse | August 29, 2017

Despite calls for transparency around the interaction between audit committees and auditors, angst runs deep about giving investors visibility into that dialogue.

Accounting & Auditing Update Blog

SEC rescinds historic guidance under new revenue rule

Tammy Whitehouse | August 23, 2017

The SEC is telling companies its historic staff guidance on revenue recognition will not trump the new revenue standard when it takes effect in 2018.