Enforcement Co-Directors Take Issue with Disgorgement Time Limits
The SEC doesn’t like having to comply with the statute of limitations when it comes to disgorgement. Division of Enforcement co-directors Stephanie Avakian and Steven Peikin, in testimony before a panel of the House Committee on Financial Services, made clear that, in some cases, five years may not be long enough.
The co-directors, who also discussed Division efforts regarding cybersecurity, cryptocurrencies and other matters, tied their concerns regarding disgorgement time limits to the Supreme Court’s June 2017 Kokesh v. SEC decision, which held that disgorgement rulings are subject to a five-year statute of limitations, just like civil money penalty decisions are (ACA Insight, 6/12/17).
"The Kokesh decision has already had a significant impact across many parts of the Division," Avakian and Peikin said in their testimony. "Many securities frauds are complex and can take significant time to uncover and investigate. Some egregious fraud schemes – including, for example, the one perpetrated by Charles Kokesh himself – are well concealed and are not discovered until investors have been victimized over many years."
This is not to say that the Division is not continuing to return investor dollars that were found to have been misappropriated. The SEC returned $1.07 billion in disgorgement to harmed investors in fiscal year 2017, the co-directors said.
"The SEC’s plea is that Congress pass a law to overturn Kokesh," said Stern Tannenbaum partner Aegis Frumento. "Given the state of dysfunction in Washington right now, the odds of that happening are pretty slim. It was a pretty safe ask, which will likely not be answered."
Kokesh appealed to the Supreme Court following an October 2016 ruling against him by a federal appellate court. The appeals stemmed from an earlier jury trial verdict that had found Kokesh guilty of misappropriating money collected by two of his advisory firms from 1995 to 2009 (ACA Insight, 5/4/15), and assessed sanctions that included $34.9 million in disgorgement. The SEC’s original complaint was filed with the district court in October 2009.
In a unanimous ruling by the Supreme Court in favor of Kokesh, the high court found that disgorgement, as applied by the agency, meets the legal definition of a "penalty," and is therefore subject to the same five-year statute of limitations as civil money penalties.
"In certain cases, Kokesh threatens to severely limit the recovery available to harmed investors," the Enforcement co-directors said before the House panel. "Wrongdoers should not benefit because they succeeded in concealing their misconduct. While we appreciate the need for clear statutes of limitations, we are concerned with an outcome where some investors must shoulder additional losses – and the fraudulent actor is able to keep those ill-gotten gains – because those investors were tricked early in a scheme rather than later."
In Kokesh, they said, Kokesh was found liable of having defrauded his firm’s advisory clients out of approximately $35 million in client funds over many years, but because of the Supreme Court ruling "kept more than 80 percent of the money he stole, and his victims will get no recovery of those funds."
As for the future, Avakian and Peikin said that they are "redoubling our efforts to uncover, investigate and bring cases as quickly as possible. Our enforcement actions have the highest impact, and our litigation efforts are most effective, when we bring cases close in time to the alleged wrong conduct. But no matter how quickly we work, it is likely that Kokesh will have a significant impact on our ability to enforce the federal securities laws and obtain recovery for harmed investors in long-running frauds."
The co-directors told the House panel that the Division "formalized" its work in cybersecurity in FY 2017 with the creation of a cyber unit, which they said "demonstrates the priority that we place on combatting cyber-related threats to investors and our markets." It is the first new unit created in the Division since specialized units were first formed in 2010.
The cyber unit, they said, focuses its efforts on the following key areas:
Market manipulation schemes involving false information spread through electronic and social media;
Hacking to obtain material nonpublic information, and trading on that information;
Violations involving distributed ledger technology and initial coin offerings (ICOs);
Misconduct perpetrated using the dark web;
Intrusions into online retail brokerage accounts; and
Cyber-related threats to trading platforms and other critical market infrastructure.
"Cyber-related matters are an area where we have sought to utilize the full range of tools and remedies available to the Commission," Avakian and Peikin said. "Our work in this field reflects a careful balancing of the need to protect investors from risks inherent in new technologies against the need to allow innovation to take place."
But is it enough? "Real cyber-related violations involve using deeply embedded software code in proprietary systems – like order entry systems, order matching and reporting systems, trading systems – to engage in autonomous theft that never leaves a trace," said Frumento. "The types of cyber-crimes I worry about are those in which a large firm’s systems or even the public trading platforms are rigged to steal fractions of a point of value from many customers, or from few customers on very large trades, such that the loss to any one customer is too small to notice, but profits reaped in the aggregate are huge and hiding in plain sight."
"It is all well and good to worry about Russian or Chinese hackers engaging is such activity, but I think the reality will end up being much simpler," he said. "Like most bank heists in the past, the easiest way to accomplish this will be through an inside job at a major firm. I don’t think the SEC is prepared for those kinds of violations. Nothing in its recent statements suggests otherwise."
"We will likely see a greater use of self-reporting initiatives as an enforcement mechanism by the SEC, particularly in areas on which the Enforcement Division has placed a high priority such as the protection of retail investors," said Mayer Brown partner Matthew Rossi. "The SEC perceived its previous Municipalities Continuing Disclosure Cooperation Initiative as a success and the Division of Enforcement has now launched the Share Class Selection Disclosure Initiative (ACA Insight, 2/26/18). These kinds of initiatives are an attempt by the Enforcement Division to address what it perceives as industry-wide problems while conserving its investigative resources by providing specific incentives for self-reporting. The Division of Enforcement may find these initiatives particularly attractive at a time when its resources and budgets are reduced or remain static."
Cryptocurrencies, blockchains and ICOs
The co-directors noted that the agency issued a report regarding ICOs in July 2017. That report addressed the applicability of existing federal securities laws to the offer and sale of virtual tokens created and distributed on a blockchain. In the report, "the Commission applied longstanding securities law principles to conclude that this virtual token constituted an investment contract and therefore was a security, and to reiterate the fundamental principle that the federal securities laws apply – including those relating to offers, sales and trading – regardless of whether the security is certified or issued on a blockchain."
Actions that the Division took in regard to ICOs and cryptocurrencies were also mentioned by Avakian and Peikin. Among them were:
A November 2017 joint statement with OCIE regarding the unlawful promotion of ICOs by celebrities and others;
A January 2018 joint statement with the CFTC in which the two agencies advised market participants that "when they engage in fraud under the guise of offering digital instruments – whether characterized as virtual currencies, coins, tokens, or the like – the SEC and the CFTC will look beyond form, examine the substance of the activity, and prosecute violations of the federal securities and commodities laws;"
A March 2018 joint statement with the Division of Trading and Markets alerting investors that if they use online trading platforms for trading digital assets, they may not have the protections provided by the federal securities laws and SEC oversight; and
A number of enforcement actions for alleged ICO-related violations of registration requirements, as well as when "technology is merely a veneer for an alleged fraud."
Other areas of testimony by Avakian and Peikin included:
Retail investor focus. The SEC has long made protecting retail investors a priority, and the agency under Clayton has, if anything only reinforced that priority. The co-directors told the House panel about the creation of a Retail Strategy Task Force that will focus on developing "effective strategies and techniques to identify, punish and deter misconduct that most affects everyday investors."
Holding individuals accountable. "Since May 2017, a significant number of the Commission’s enforcement actions have also involved charges against one or more individuals," Avakian and Peikin said, adding that these have involved charges against top executives of large companies and firms, "including CEOs, CFOs, presidents and senior partners. The Commission also has charged individuals in several cyber-related matters."
Imposing effective sanctions. The co-directors said that the Enforcement Division "does not take a formulaic or statistics-oriented approach to determining what sanctions we will recommend in a particular matter." Instead, they said, they look at the individual facts and circumstances. "We often work with [the Division of Economic and Risk Analysis] to provide critical analysis in recommending appropriate sanctions. This allows the Commission to pursue the package of available remedies that is most appropriate in the matter at hand."
Frumento suggested that there may be less behind these initiatives than meets the eye. "What does it mean to have a focus on retail investors?" he asked. "It generally means going after little-known firms and small-time players for easily prosecuted violations. Holding individuals accountable, therefore, does not mean punishing the CEO of a major firm – it means throwing some penny-ante scam artist out of the business. In fact, the SEC’s priorities line up pretty well with the agendas of the major securities firms, who would just as soon eliminate small firms, or will at least derive competitive advantages from having the spotlight of enforcement activity shine brightly upon them."