One of the more significant trends in enforcement actions by the Securities and Exchange Commission recently may not be immediately obvious.
Last month, an enforcement sweep resulted in charges and fines against 28 officers, directors, and other shareholders for failing to promptly report required information about their holdings and transactions in company stock. Six publicly traded companies were charged for contributing to filing failures by insiders or failing to report their insiders’ filing delinquencies.
The broader significance was revealed in a comment by Andrew Ceresney, director of the SEC’s Division of Enforcement, when he credited “quantitative analytics” for making the actions possible. No additional details on how that was accomplished were made public, but the cases were the first actions to emerge from the work of the Enforcement Division’s Center for Risk and Quantitative Analytics, launched last year, and a signal that the SEC is finally flexing its data-mining muscles.
“It has always fascinated me that regulators weren’t better equipped to do the sort of things that the private sector does,” Mitchell Kraskin, CEO of Compliance Science, a provider of governance, risk, and compliance software and services, says. “The amount of data, the complexity of transactions, and the number of companies and market participants all keep mushrooming year-after-year. The SEC was never going to keep up with it all simply by increasing head count, and it has not had the budgets needed to even consider the army of analysts needed to get this work done. Now, it is thinking more about how to leverage technology, and it is not a surprise this is happening.”
The Center for Risk and Quantitative Analytics was created to “employ quantitative data and analysis to profile high-risk behaviors and transactions and support initiatives to detect misconduct, increasing the Division’s ability to investigate and prevent conduct that harms investors.” Although there have been occasional updates on how new technology would be implemented, there has been little to connect-the-dots to efforts to enforcement actions until now. Coincidentally or not, one day after the Commission was rounding up delinquent filers, it announced the creation of a new office within its Division of Economic and Risk Analysis—the Office of Risk Assessment.
“The amount of data, the complexity of transactions, and the number of companies and market participants all keep mushrooming year-after-year. The SEC was never going to keep up with it all simply by increasing head count.”
Mitchell Kraskin, CEO, Compliance Science
Since its creation in 2009, DERA has edged the SEC into using new technology to protect financial markets. Its Aberrational Performance Inquiry, for instance, sought out atypical hedge fund performance and informed enforcement staff of those red flags. Since that time, it has working closely with the Enforcement Division’s Financial Reporting and Audit Task Force and the Division of Corporation Finance on developing tools to assist in identifying financial reporting irregularities that may indicate financial fraud. The Office of Risk Assessment, rebooted from a previous unit that was absorbed into DERA years ago, will use predictive analytics to support supervisory, surveillance, and investigative programs.
The return of an independent Office of Risk Assessment is an important milestone for the Commission as it pursues its adoption of data analytics tools. “Its role will be to coordinate data-driven risk assessment efforts, and that makes a lot of sense,” says Matthew Rossi, a partner with the law firm Mayer Brown, and former assistant chief litigation counsel for the SEC’s Enforcement Division. “Now, there will be one office overseeing and coordinating all of that. The fact they have created an office that is going to coordinate all those different efforts is further indication we are going to see more of this from the SEC in the future.”
“That’s a very significant statement by the Commission that they are not only bringing it back, but it is going to stand on its own,” Kraskin says of the new office. “It is gong to flex its muscle and go after folks a bit more aggressively.”
No Violation Too Small
The resurrection of the Office of Risk Assessment and the enforcement sweep of delinquent filers will support the SEC’s new “broken windows” approach to what were once low-priority cases. The philosophy, adapted from a community policing approach, is that small violations can encourage bigger, worse crimes. “Mary Jo White has repeatedly talked about the broken windows approach, and data analytics seems tailor made for addressing broken windows types of violations,” Rossi says.
“She wants to show herself as the tough cop on the beat, and the SEC has been working through how it can use data to find information cheaply and efficiently so it can enforce more things,” Pamela Greene, a securities lawyer with the firm Mintz Levin says.
Ownership reporting violations have traditionally been “tacked on at the end” of other enforcement actions because they were too difficult, time-consuming, and costly to find otherwise, Greene says. “Now that they have developed the in-house technology needed to be able to find these easily, I just don’t see them stopping,” she says. “[Those sorts of violations] are easier than, for example, insider-trading cases because they don’t have to prove intent. They just have to prove the person didn’t file.”
Greene expects the SEC to initially deploy its analytic tools to go after low-hanging fruit securities law violations, especially those that were infrequently uncovered in the past. Penny socks, micro-caps, and, eventually, crowdfunding firms are the sorts of things that may be in its crosshairs once the SEC ramps up the use of algorithms. She describes it as a “take-no-prisoners approach” that will build upon the increased scrutiny already being paid to hedge funds and private equity funds, adding that “they are putting everybody’s feet to the fire.”
BROKEN WINDOWS TECHNOLOGY
The following, excerpted from a speech delivered by Securities and Exchange Commission Chair Mary Jo White at the 2013 Securities Enforcement Forum, details her view on bring the “broken windows” policing philosophy to the Enforcement Division, and its emerging use of technology to do so.
Investors do not want someone who ignores minor violations, and waits for the big one that brings media attention. Instead, they want someone who understands that even the smallest infractions have victims, and that the smallest infractions are very often just the first step toward bigger ones down the road.
This approach is not unlike the one taken in the nineties by then New York City Mayor Rudy Giuliani and Police Commissioner Bill Bratton, back when I was the U.S. Attorney for the Southern District of New York. They essentially declared that no infraction was too small to be uncovered and punished. And, so the NYPD pursued infractions of law at every level—from street corner squeegee men to graffiti artists to subway turnstile jumpers to the biggest crimes in the city.
The same theory can be applied to our securities markets—minor violations that are overlooked or ignored can feed bigger ones, and, perhaps more importantly, can foster a culture where laws are increasingly treated as toothless guidelines. And so, I believe it is important to pursue even the smallest infractions.
Technology
Over the last four years, we have filed an unprecedented number of insider trading actions—some 200 actions—against more than 450 individuals and firms charging illicit trading gains of nearly $1 billion. In these types of cases, one of the most challenging issues is establishing the relationship between tippee and tipper.
To deal with that, we have developed what we call the Advanced Bluesheet Analysis Program. This program analyzes data provided to us by market participants on specific securities transactions. It identifies suspicious trading before market-moving events. It also shows the relationships among the different players that are involved in the trading – relationships that might not have been apparent at first.
The technology we are using is assisting us in many areas. We are using data analytics and related technology to enable us to conduct predictive analysis and spot trends, streamline our investigative efforts and leverage new data sources such as Form PF, which collects information from private funds—hedge funds, private equity funds—on, among other things, the type and size of assets they hold.
Source: SEC.
As the SEC improves its ability to spot violations of the securities laws that may not necessarily uncover fraud, that scrutiny means that companies, funds, and firms need to take greater care they have the controls in place to make sure all required filings are timely and accurate. “If you are a public company, you really have to spend money on compliance and have either a compliance officer or somebody who actually takes this stuff seriously,” Greene says.
The SEC is likely to use analytics to dig into “any kind of disclosure form filing obligation,” such as the requirement for making filings in advance of private offerings, Rossi says. “It is important for individuals, and the companies they work for, to look carefully at their filing obligations,” he says. “They need to make sure they have compliance systems in place to ensure that all their filing obligations have been met. With the potential for other types of cases that may be brought under an analytics approach it is important to have written policies and make sure they are followed so you can quickly respond and have explanations for what was disclosed.”
Some compliance advisers say the SEC’s data analytics approach could require companies to spend more and add better systems for compliance. “If you are not investing in putting good technology solutions into place on your own, well, the regulator is,” Kraskin says. “It is an arms race.”
No comments yet