April 6, 2015 HEARD AT THE SIFMA CONFERENCE Government Enforcement Alert Practice Group(s): Government Enforcement; Broker-Dealer; Investment Management, Hedge Funds and Alternative Investments; Securities Enforcement By: Michael J. Missal, Stephen G. Topetzes, Stavroula E. Lambrakopoulos, Erin Ardale Koeppel, Nicole A. Baker, Shanda N. Hastings, K. Susan Grafton, Andras P. Teleki Recently, partners from K&L Gates’ Government Enforcement, Broker-Dealer and Investment Management practice groups attended the Securities Industry and Financial Markets Association’s (“SIFMA”) Compliance and Legal Society Annual Seminar. We thought you would find helpful the following highlights of what we heard at SIFMA from the regulators about the key issues on their radars. KEY ENFORCEMENT INITIATIVES BY DEPARTMENT OF JUSTICE, SEC, CFTC, AND FINRA A. DOJ’s Top Prosecutor for the Southern District of New York Promises Continued Criminal Prosecution of Companies • Preet Bharara, the U.S. Attorney for the Southern District of New York, described criminal prosecution of companies as important for accountability and reform. He does not view the collateral consequences as having been as significant as predicted. Even so, while Mr. Bharara expects such prosecutions to be rare, he views them as necessary. • He suggested that problems occur when management of a company treats legal and compliance as “ancillary” and as a cost center. • He views the best-run companies as those that trust, empower, include, and reward Legal and Compliance. • There are 3 things not occurring as frequently as they should: o Compliance is not included at the beginning of an issue, but rather only for cleanup o Management is not listening enough to Compliance o Management is not valuing Compliance and not paying them enough • Management must incorporate Compliance in a company’s DNA. • Joon H. Kim, Chief of the Criminal Division of the U.S. Attorney’s Office in the Southern District of New York, identified several priorities for prosecutions by his office: o Insider Trading prosecutions will continue as a priority despite their loss before the U.S. Court of Appeals for the Second Circuit in U.S. v Newman, which they view as wrongly decided and a limitation on their ability to prosecute nefarious behavior. o Anti-Money Laundering prosecutions with the help of “El Dorado”—the S.D.N.Y.’s money laundering task force—will include cases related to poor and ineffective policies and procedures that lead to failures to detect and report suspicious activity. The HEARD AT THE SIFMA CONFERENCE S.D.N.Y. has a “SARs team” of nonlawyers that are proactively reviewing Suspicious Activity Report (“SAR”) filings for potential criminal conduct. “El Dorado” is now focusing its investigations on more sophisticated forms of money laundering. o The Securities and Commodities Fraud Unit will be focusing investigations on accounting fraud, market manipulation, and fraudulent valuation of complex instruments. o Consumer Frauds on the prosecution agenda include those targeting the vulnerable, such as payday lending, debt collection practices, subprime auto loans, and mortgage fraud. o Cybercrime will continue to be the subject of coordinated efforts with overseas prosecutors, since many of these crimes are conducted from foreign countries. o Obstruction and perjury in investigations by federal agencies, such as the SEC and the CFTC, will be prosecuted. Mr. Kim gave as an example of criminal conduct the case of an employee who received the subpoena intended for his company, responded personally without involving anyone else, and impersonated a supervisor when the agency called to speak with a supervisor. • Cooperation with the investigation remains important, though Mr. Kim could not quantify how cooperation affects an outcome. Nevertheless, Mr. Kim voiced that merely responding to a subpoena does not constitute cooperation as such response is obligatory; they expect counsel to be frank and transparent, although they do not need to roll over. • Joint representations of individuals and corporations can be suspect when the corporation and individuals appear to have differing interests that are not completely aligned. Prosecutors may become concerned that the information they are receiving is tainted. B. The SEC Division of Enforcement will be “Innovative” and “Aggressive” • SEC Chair Mary Jo White characterized the Division of Enforcement as having become “innovative” and “appropriately aggressive” when it comes to enforcement actions. • For the first time, Chair White indicated that she supports the establishment of a uniform fiduciary standard for brokers and investment advisers when providing personalized investment advice about securities to a retail customer (and such other customers as the Commission may by rule provide). She set forth several considerations: o The fiduciary duty standard needs to be defined, but it should be principles-based and rooted in the Investment Adviser Act standard; o Clear guidance will be necessary regarding the scope of the standard, especially with respect to fees, compensation, and principal transactions. o The SEC is going to need more funding in order to get out and examine more registered investment advisers, and will continue to press Congress for more funding for the agency. However, Ms. White noted that the SEC will need to “move to a program of third-party compliance exams” for advisers, although the SEC needs to flesh this out through discussions amongst commissioners as to a number of aspects 2 HEARD AT THE SIFMA CONFERENCE including who should perform such exams and what criteria should be applied. Thirdparty exams would not replace the adviser exams performed by the SEC’s Office of Compliance Inspections and Examinations. Given resource constraints, the SEC will most likely continue relying on risk-based oversight. • Chair White emphasized that broker-dealer firms should prioritize cybersecurity. • Enforcement Division Director Andrew Ceresney identified the following as SEC enforcement priorities: (i) complex financial instruments, including the structuring, sales, and their valuations; (ii) investment advisers; (iii) insider trading; (iv) market structure; and (v) the Foreign Corrupt Practices Act (“FCPA”) where the Division will interpret broadly the definition of “anything of value.” • As to insider trading, while he views U.S. v. Newman as important, he described the standard set by the U.S. Court of Appeals for the Second Circuit as more applicable to criminal prosecutions brought by the DOJ. In his view, the SEC need only demonstrate that the tippee should have known of the benefit obtained by the tipper, and, unlike the Newman decision, not actual knowledge. Also, the SEC can bring cases in circuits other than the Second Circuit. • Mr. Ceresney indicated that the SEC is trying to coordinate more on multi-jurisdictional cases. • Mr. Ceresney warned that fines are increasing and, while they should not be a cost of doing business, they should be large enough to have an impact. He noted that the size of the firm matters, but is just one factor. He further noted that cases involving internal controls issues have a different framework of fines than fraud cases. In joint FCPA cases, the SEC gets the disgorgement and the DOJ gets the penalties. • With respect to the SEC’s new policy on admissions of violations in the context of settled enforcement proceedings, Mr. Ceresney made clear that, once the Enforcement Division has determined to seek such admissions in a case, they will not entertain any negotiations as to that term ─ i.e. offering to pay a higher penalty to avoid having to make admissions will not be the subject of negotiation. o Some of the priority enforcement initiatives highlighted by Mr. Ceresney for investment advisers and broker-dealers include: (1) principal trading without proper disclosure; (2) Volcker rule compliance; (3) undisclosed revenues of investment advisers; (4) fees and expenses cases; (5) custody rule; (6) market structure ─ exchanges, ATSs and high frequency traders; and (7) continued focus on insider trading. C. CFTC is Ramping Up Enforcement Actions Before Administrative Panels • Aitan Goelman, the Director of the CFTC’s Division of Enforcement, identified as priorities for CFTC enforcement: (1) the integrity of benchmark rates; (2) high frequency trading; and (3) Ponzi cases. • Mr. Goelman noted that resources remain a large issue for his agency’s enforcement efforts. The ranks of the 178 lawyers in his Division prior to the enactment of Dodd-Frank have been reduced to 150. Nevertheless, Mr. Goelman noted that they expect to increase their enforcement activities by bringing more cases as administrative 3 HEARD AT THE SIFMA CONFERENCE proceedings before Administrative Law Judges (following the SEC’s trend), and will redouble their efforts to work with criminal authorities. • Regarding penalties, Mr. Goelman indicated that they will take into account the collateral consequences of their enforcement remedies and may, as a result, seek smaller penalties. Other factors in determining penalties are a party’s intent, the degree of harm caused by the conduct and whether remediation was instituted. D. The “Tone at the Top” at Member Firms Plays a Large Role in FINRA’s Enforcement and Market Regulation Activities • Rick Ketchum, Chairman and CEO of FINRA, observed that the problems FINRA identifies are generally related to the culture of member firms. He noted that there is too much pressure to get products to the market. • Mr. Ketchum expressed support for imposing a uniform fiduciary standard of the best interests of the client across all products and activities, with brokers being required to provide a disclosure document to clients similar to the SEC’s Form ADV for investment advisers. • He agreed that regulatory coordination between the various regulators needs to get better. FINRA regularly meets with the SEC and the Federal Reserve, and he indicated that examinations will be better coordinated among those agencies. FINRA also coordinates with European and Asian regulators. • Mr. Ketchum highlighted failure to supervise as a radar issue for firm Compliance officers and General Counsel, and noted the need for clear and specific supervisory responsibilities, without discouraging compliance participation and involvement in the firm’s business. • As to Cybersecurity programs. Mr. Ketchum indicated that they need to include: (i) the board and senior management; (ii) risk assessments on an ongoing basis and prioritizing risks; and (iii) technical approaches including entitlements, encryption, and penetration tests. • He expects a new version of FINRA’s Broker Recruitment Compensation proposed rule to be published shortly. • As to FINRA’s Comprehensive Automated Risk Data System (CARDS), Mr. Ketchum described it as necessary for FINRA to be able to react more quickly to sales practice abuses and fraud. o CARDS would allow FINRA to collect, on a standardized, automated, and regular basis, account information, as well as account activity and security identification information that a broker-dealer maintains as part of its books and records. o Mr. Ketchum and Thomas Gira, FINRA’s Executive Vice President for Market Regulation, both indicated that is unclear whether CARDS will proceed in its latest iteration. 4 HEARD AT THE SIFMA CONFERENCE • J. Bradley Bennett, FINRA’s Executive Vice President of Enforcement, identified the following areas of focus for enforcement activities against: o Broker-dealers becoming involved in schemes to avoid registration of securities that include the liquidation of Rule 144 securities; o Registered persons engaged in stealing from customers or in forgeries; o Microcap and penny stock frauds, which Mr. Bennett noted as increasing and becoming more prevalent at higher-quality firms; o Conflicts of registered persons arising out of outside business interests. • Mr. Bennett noted that FINRA had a 27-0 win record in disciplinary hearings, and a 24-0-1 win record on appeals in 2014. • He cautioned firms to avoid “check the box” compliance and noted the importance of Forms U-4 and U-5 disclosures and consistency in self-reporting to avoid the appearance of forum shopping. • Mr. Bennett indicated that FINRA sanctions guidelines are being reviewed by the National Adjudicatory Counsel (“NAC”), and that there may be significant changes. • When asked about FINRA’s view of the SEC’s “broken window” policy, Mr. Bennett noted that there is “no such thing” in the FINRA context, because all FINRA rules are important from an investor-protection standpoint. • Mr. Bennett said that FINRA has moved away from sweep examinations over the last three years; more recent examinations are case- or firm-based. In conducting examinations, the FINRA staff “focuses on the narrative” (i.e., what is the business purpose of the activity?). According to Mr. Bennett, 99% of FINRA enforcement matters involve “blocking and tackling”; for larger, one-off matters, the “narrative counts.” • On the FINRA examination side, Michael Rufino, Executive Vice President and Head of FINRA Member Regulation—Sales Practice, noted that conflicts of interest remain an examination priority. Member firms should consider the “tone at the top” (including with respect to conflict management), compensation, and disclosures. In order to assess conflicts of interest, firms should consider conducting several types of internal risk reviews, including inquiries that are within and across business lines, reviews across affiliates, and reviews of associated persons. • Mr. Rufino noted that member firms should focus on the importance of the firm’s Compliance Department in the daily operations of a broker-dealer. Compliance should be considered a benefit, not a cost. • With respect to IRA rollovers, Mr. Rufino indicated that there is a current lack of mechanisms for indicating that the rollover is the result of a solicitation. • Mr. Rufino indicated that he anticipates the issuance of a concept release on licensing examinations by the end of the year. • As to FINRA rule-making, Phillip Shaikun, FINRA’s Associate General Counsel, indicated that FINRA is undertaking retrospective rule reviews that are designed to determine whether existing rules are continuing to meet the related regulatory 5 HEARD AT THE SIFMA CONFERENCE objectives. He suggested that members should make their voices heard with respect to policy-making and that economic impact analysis is informing FINRA’s rule-making. o FINRA has been conducting two rule reviews over the last year: (1) gifts and gratuities/noncash compensation (i.e., should FINRA raise the limit above $100 and/or revise its guidance with respect to educational meetings?); and (2) communications rules (i.e., should FINRA simplify disclosure requirements?). o The retrospective reviews consist of an assessment phase and an action phase. The assessment phases have been completed with respect to both reviews; FINRA issued two reports in December 2014 in which they found that the relevant rules were meeting their investor protection objectives, but could be improved if they were more aligned consistent with the economic effects of the rules. The action phases are underway. • As to Research matters, Mr. Shaikun emphasized that FINRA members need to pay close attention to the definition of “research” in FINRA’s proposed Equity Research Rule and proposed Debt Research Rule. He stated that research can come from the trading desk, representatives, and others, and not just research analysts. He explained that FINRA does not feel comfortable basing exemptions on where information is coming from; thus, FINRA did not include in the rules categorical exemptions for desk commentary, for example. • Mr. Shaikun also warned that disclaimers on documents stating that a document is not intended to be research are not determinative as to whether that document is research. Whether something is considered research is based on a review of the content. • In response to a discussion regarding recent matters focused on “idea dinners,” Mr. Shaikun stated that it is perfectly acceptable for registered persons to go to idea dinners. But, he emphasized that if individuals are participating in events in settings where there may be a risk or temptation to disseminate research, these types of events need to be specifically addressed by the firm’s Compliance Department, including in policies and procedures. • During a discussion of the recent fines imposed by FINRA in connection with the planned Toys “R” Us IPO, Mr. Shaikun stated FINRA’s view that it was clear cut that lines had been crossed. FINRA is working on FAQs to address questions resulting from that matter, and he added that FINRA would speak with anyone that needs guidance or still has questions after the FAQs are issued. He explained that this area is very contextdriven and, thus, FINRA is not going to create any safe harbors or clear lines that define exactly when the solicitation period begins. He stated that FINRA sees this as an area that involves a continuum of risk, rather than an area where clear lines can be drawn. Thus, there can be concerns with communications that occur before a company expresses that they are interested in engaging in an IPO, but the risk increases when a company indicates its intent to engage in an IPO. FINRA intends to provide factors that will help firms determine the various risk levels. 6 HEARD AT THE SIFMA CONFERENCE • Thomas Gira, FINRA’s Executive Vice President for Market Regulation suggested that members should “keep [their eyes] on the technology ball.” Some firms have siloed technology systems, but those firms should “right-size” their technology infrastructures. He noted the following items on FINRA’s radar: o Broker-dealers that are working in tandem with customers at multiple broker-dealers to manipulate trading. FINRA is starting a pilot program with a limited number of firms to monitor such activities. o 2015 will be the “Year of Best Execution.” Among other things, FINRA is looking at broker-dealers that have a high percentage of “not held” orders (market or limit orders for which broker-dealers have both time and price discretion). Such orders should not be considered a “get out of jail free” card. • Other issues on FINRA’s radar include: o Certain market access issues including: (i) failure to aggregate customer limits across a firm, (ii) failure to enforce or implement proprietary trading limits, (iii) procedures for changing limits, and (iv) written escalation procedures. o Algorithmic trading, including: (i) implementation and enforcement of appropriate written supervisory procedures, procedures for kill switches, and effective monitoring; (ii) checks for inadvertent manipulation or collusion or purposeful manipulation across markets and products; (iii) testing; and (iv) independence from traders of testing and monitoring functions. o Order Audit Trail System (OATS) violations, with Mr. Gira noting that these violations are often caused by bad data, which firms should promptly correct. E. Cybersecurity Will Continue to be a Top Priority for all Regulators and Firms • In this environment, it is less and less likely that a company can control the announcement of a security breach at the organization. • Laws and regulations on privacy and cybersecurity continue to trail technology developments. Panelists discussed rumors that the SEC is currently working on a new Reg. S-P but it has not been released or circulated publicly. • New York State Attorney General Eric Schneiderman announced in January that he would propose legislation in Albany to overhaul New York State’s data security law. The bill would broaden the scope of information that companies would be responsible for protecting; require stronger technical and physical security measures for protecting information; and create a safe harbor for companies who meet certain security standards, incentivizing them to adopt tough measures to protect personal data. • The new European Union (“EU”) General Data Protection Regulation (“GDPR”) in development would apply to data controllers in the EU or outside the EU if activities are aimed at offering goods and/or services to individuals in the EU, and envisages three types of data: personal data, anonymous data, and pseudonymous data. GDPR includes novel enforcement mechanisms, including allowing enforcement organizations “acting in the public interest” to go to court on behalf of individuals to seek damages and remedies 7 HEARD AT THE SIFMA CONFERENCE even without consent. In addition, noncompliance with the GDPR can lead to harsh penalties—up to 5% of annual worldwide turnover. • The U.S. Department of Justice has created a cybersecurity unit to identify legal impediments to better cybersecurity. • The SEC is investigating victims of “hacking” for lack of internal controls or timely disclosure. F. Anti-Money Laundering Issues Stay on the Radar • Now is the time to plan for implementation of the Financial Crimes Enforcement Network’s (“FinCEN”) proposed regulations regarding Customer Due Diligence Requirements for Financial Institutions (available at http://www.fincen.gov/statutes_regs/files/CDDNPRM-Final.pdf). • DOJ, SEC, and FinCEN are increasingly focusing on the compliance culture at financial institutions, including anti-money laundering (“AML”) compliance. • The SEC is starting to focus on broker-dealers that file few to no SARs and is starting to ask why that is the case. • AML Compliance Officers are increasingly facing personal liability in AML enforcement cases. The days when the regulators focused mainly on the financial institution are gone. • OFAC compliance continues to be a hot topic yielding high dollar settlements for OFAC compliance issues. G. FINRA Discussed New Developments in FINRA Arbitrations • Richard W. Berry, FINRA’s Executive Vice President and Director of Dispute Resolution (“DR”), said that FINRA DR currently is focusing on several issues including, among other things: (1) arbitrator diversity and treatment, (2) customer service, and (3) use of technology in the arbitration context, such as member firm use of the enhanced DR Portal (currently, only 15 member firms are using the DR Portal). • New FINRA Rule SR-FINRA-2014-020 (July 2014) prohibits member firms and associated persons from compensating a customer for (or conditioning a settlement offer on) an agreement to consent to (or not oppose) the firm’s or an associated person’s request to expunge dispute information from the relevant CRD filing. Mr. Berry noted that, despite the new rule, there has not been any real change with respect to the frequency that expungement requests are granted—only with respect to the “thought going into the rulings.” • Mr. Berry stated that FINRA DR is seeking to expand its pool of public arbitrators, in light of the recent rule proposal respecting arbitrator classification (SR-FINRA-2014-028), which would serve to narrow the pool of public arbitrators. Mr. Berry noted that FINRA DR generally searches for or seeks public arbitrators through several mediums: (1) meetings of relevant organizations, (2) target advertisements in publications, and (3) direct mail. FINRA DR also is considering expanding its recruitment staff to assist with this effort. 8 HEARD AT THE SIFMA CONFERENCE • Mr. Berry indicated that in 2014, arbitration case filings were up by 3% and customer claims were up by 12%, while 31% of claims were intra-industry. Through February 2015, 2,900 cases have been filed. • Harry T. Walters, a Managing Director at Morgan Stanley and a member of the FINRA DR Task Force, noted that the Task Force (appointed in July 2014) met in October 2014 and February 2015. The Task Force is considering several possible enhancements to the arbitration forum, including with respect to the following items: forum access, arbitrator classification and recruitment, case management (both substantive and procedural), explained awards, expungement, attracting large cases (so far only nine out of 200 eligible cases have taken advantage of the process), improving the process for small claims, mediation, and education about the arbitration process and transparency. The Task Force is expected to produce a deliverable this summer. Mr. Ketchum highlighted the Task Force in his remarks, and indicated that FINRA is recruiting arbitrators from more than 100 groups of women and minorities. 9 Authors: Michael J. Missal Nicole A. Baker michael.missal@klgates.com +1.202.778.9302 nicole.baker@klgates.com +1.202.778.9018 Stephen G. Topetzes Shanda N. Hastings stephen.topetzes@klgates.com +1.202.778.9328 shanda.hastings@klgates.com +1.202.778.9119 Stavroula E. Lambrakopoulos K. Susan Grafton stavroula.lambrakopoulos@klgates.com +1.202.778.9248 susan.grafton@klgates.com +1.202.778.9498 Erin Ardale Koeppel Andras P. Teleki erin.koeppel@klgates.com +1.202.778.9420 andras.teleki @klgates.com +1.202.778.9477 Anchorage Austin Beijing Berlin Boston Brisbane Brussels Charleston Charlotte Chicago Dallas Doha Dubai Fort Worth Frankfurt Harrisburg Hong Kong Houston London Los Angeles Melbourne Miami Milan Moscow Newark New York Orange County Palo Alto Paris Perth Pittsburgh Portland Raleigh Research Triangle Park San Francisco São Paulo Seattle Seoul Shanghai Singapore Spokane Sydney Taipei Tokyo Warsaw Washington, D.C. Wilmington K&L Gates comprises more than 2,000 lawyers globally who practice in fully integrated offices located on five continents. The firm represents leading multinational corporations, growth and middle-market companies, capital markets participants and entrepreneurs in every major industry group as well as public sector entities, educational institutions, philanthropic organizations and individuals. For more information about K&L Gates or its locations, practices and registrations, visit www.klgates.com. This publication is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts or circumstances without first consulting a lawyer. © 2015 K&L Gates LLP. All Rights Reserved.