The Securities and Exchange Commission brought a record-breaking number of enforcement actions in fiscal year 2014, but it’s not the volume of cases that has legal, compliance, and audit executives raising their eyebrows, it’s whom they targeted.

Gatekeepers, including those in the legal, compliance, and audit areas, are more commonly on the defensive end of several SEC enforcement actions. In fiscal year 2014, the SEC said it charged three compliance officers and one audit committee chairman for failing to perform effective oversight. The agency charged three compliance officers for similar oversight failures in 2013, according to analysis performed by Gibson Dunn & Crutcher. Such enforcement actions could become more common. During a keynote speech at Compliance Week 2014, SEC Enforcement Director Andrew Ceresney warned that the SEC won't hesitate to pursue companies and executives for compliance lapses when they fail to act appropriately to stop securities fraud.

In all, according to its latest enforcement report, the SEC brought a record 755 enforcement actions in fiscal year 2014, obtaining a total of $4.1 billion in disgorgement and penalties. In comparison, the agency brought 686 enforcement actions, resulting in $3.4 billion in disgorgement and penalties last fiscal year, and 734 enforcement actions in fiscal year 2012, resulting in $3.1 billion in disgorgement and penalties.

“It’s certainly been an eye-popping year for the Enforcement Division, in terms of the number of cases brought and the amount of dollars collected,” says Stephen Crimmins, a partner with law firm K&L Gates and a former litigation attorney with the Enforcement Division. “This is a much more aggressive SEC than we’ve ever seen before.”

Beyond just the numbers, however, lurks a far more important message: “the overarching theme of personal accountability,” says Russ Berland, a partner with law firm Stinson Leonard Street. In particular, compliance, legal, and audit executives are increasingly finding themselves under scrutiny when significant lapses in oversight result in a securities law violation.

This month, for example, the SEC brought an enforcement action against Judy Wolf, a former Wells Fargo compliance officer who was responsible for identifying potentially suspicious trading by Wells Fargo employees or the firm’s customers and clients. According to the SEC, Wolf created a document in 2010 summarizing her review of suspicious trading by a Wells Fargo’s broker, but closed her review with no findings. After the SEC charged the broker with insider trading two years later, Wolf intentionally altered the document, according to the SEC.

“It’s certainly been an eye-popping year for the Enforcement Division, in terms of the number of cases brought and the amount of dollars collected.”
Stephen Crimmins, Partner, K&L Gates

By allegedly altering the document, Wolf made it appear that she performed a more thorough review in 2010 than she actually had. “Regardless of her motivation, her conduct was inconsistent with what the SEC expects of compliance professionals and what the law requires,” Daniel Hawke, chief of the SEC Enforcement Division’s Market Abuse Unit, said in a statement announcing the action.

In another example, the SEC charged animal feed company AgFeed Industries in March with repeatedly reporting fake revenues from the company’s China operations in order to meet financial targets and prop up AgFeed’s stock price. Along with the company, the SEC charged five former AgFeed executives and a former audit committee chair with failing to take adequate steps to investigate and disclose the accounting fraud to investors. That case remains ongoing.

Stephen Hill, former U.S. attorney for the Western District of Missouri and now a partner at law firm Dentons, says companies should heed the SEC’s warnings that it will pursue internal gatekeepers in cases where the agency believes those individuals could have, and should have, prevented misconduct and did not act appropriately. “In-house counsel and compliance officers will continue to be the focus of those efforts,” he says.

According to Hill, the SEC will expect companies, when conducting an internal investigation, to evaluate and communicate not only their own efforts, but also be prepared to explain what role individual gatekeepers played related to a securities law violation.

Whistleblowers and Retaliation Cases

The enforcement report also indicated that the SEC’s whistleblower program shifted into high gear this fiscal year, after the SEC issued a record award of more than $30 million last month to a whistleblower whose information led to a successful SEC enforcement action. The award, given to an anonymous tipster, is more than double the previous $14 million record-setting whistleblower award that the SEC doled out last year.

Again, compliance and audit executives are at the center of the SEC’s actions. In August, the agency paid a $300,000 award to “a company employee who performed audit and compliance functions.” Sean McKessy, chief of the SEC’s Whistleblower Office, made it clear that the SEC wants to hear from compliance and audit executives. “Individuals who perform internal audit, compliance, and legal functions for companies are on the front lines in the battle against fraud and corruption,” he said in a statement.  “They often are privy to the very kinds of specific, timely, and credible information that can prevent an imminent fraud or stop an ongoing one.”

In total, the SEC awarded nine whistleblowers with $35 million in fiscal year 2014, compared with 4 awards in FY 2013 of an aggregate $14.8 million. “It shows the system is working as intended,” says Berland.

With many high-value tips percolating in the Enforcement Division, “it is clear that additional cases will flow from the whistleblower program,” says Eugene Goldman, a partner with law firm McDermott, Will & Emery and former senior counsel in the SEC's Enforcement Division. Due to the extensive time it takes to investigate and bring an action, especially financial fraud and accounting cases, it’s likely that whistleblower complaints raised two or three years ago will come to fruition in the coming year, he says.

“All those seeds that got planted are going to come to maturity,” agrees Berland. That’s going to lead to more frequent and larger settlements, he says.

Hill says he further expects the SEC to take a stronger stance against companies that retaliate against whistleblowers moving forward. In particular, the SEC will be more likely to cast a discriminating eye on companies that have in place severance agreements, or confidentiality agreements, that discourage employees from providing information to the SEC, he says.


Below is a partial list of significant enforcement actions brought by the Securities and Exchange Commission in fiscal year 2014.
Charged more than 135 parties with violations relating to reporting and disclosure, including actions against Bank of America; Fifth Third Bancorp and its former chief financial officer; Diamond Foods and its former chief executive officer and CFO; five executives and finance professionals from collapsed law firm Dewey & LeBoeuf; and CVS Caremark and its retail controller.
Charged four officials from clearing firm Penson Financial Services, including its CEO and chief compliance officer, relating to violations of Regulation SHO arising from its securities lending practices.
Filed significant enforcement actions against Wells Fargo Advisors in the SEC’s first ever case against a broker-dealer and its chief compliance officer for failing to protect a customer’s material non-public information.
Held attorneys, accountants and compliance professionals accountable for the important roles they play in the securities industry, including an action against Ernst & Young relating to auditor independence rules, and another against audit firm Sherb & Co. and four of its auditors for their roles in the failed audits of three China-based companies.
Charged the audit committee chair of animal feed company AgFeed Industries, who learned of the misconduct in question and failed to take meaningful action to investigate it or disclose it to investors after learning of it.
Filed significant actions under the Foreign Corrupt Practices Act, including actions against Alcoa; Weatherford; Archer-Daniels-Midland; and Hewlett-Packard.
Source: SEC.

Anti-retaliation enforcement actions are new to the SEC. The Commission adopted a new rule in 2011, under the Dodd-Frank Act, authorizing it to bring enforcement actions based on retaliation against whistleblowers who report potential securities law violations to the agency. The SEC saw the fruits of its labor in June 2014, when it filed its first-ever case under its new authority against hedge fund advisory firm Paradigm Capital Management and owner Candace King Weir. 

According to the SEC, Weir conducted transactions between Paradigm and a broker-dealer that she also owns while trading on behalf of a hedge fund client, posing conflicts between the interests of the adviser and the client. Paradigm failed to provide effective written disclosure to the hedge fund and did not obtain its consent as required prior to the completion of each principal transaction. When the firm’s head trader reported such potential misconduct to the SEC, Paradigm engaged in a series of retaliatory actions that ultimately resulted in the head trader’s resignation. 

McKessy issued a broader warning to all companies that retaliate against whistleblowers. “We will continue to exercise our anti-retaliation authority in these and other types of situations where a whistleblower is wrongfully targeted for doing the right thing and reporting a possible securities law violation,” he said.

Another overarching message to take from the enforcement report is the SEC’s novel use of new data analytical tools and other technologies that are assisting the agency in spotting anomalies and streamlining investigative efforts, “which points to an increasing level of sophistication in the enforcement program in terms of the types of matters the agency is zeroing in on,” Crimmins says.

More than ever, the SEC is using tools like data analytics to spot violations on its own, as opposed to waiting for allegations to arise. “We’re going to see more of that,” says Berland. That means when a company uncovers a potential securities law violation and is evaluating whether to disclose, understand that it’s quite possible that, even if no one has made a report to the SEC, the agency may have already found, or will find, the matter on its own, he says.

Moving forward, the Enforcement Division has warned that it will continue to bring its resources to bear across the entire spectrum of the financial industry—from complex accounting fraud and market structure cases, to investment adviser and municipal securities cases, microcap fraud, insider trading, and cases against gatekeepers.

From the establishment of specialized units to honing in on the latest data analytics tools to beefing up its whistleblower program, the SEC appears to be doubling down on enforcement.