Following up on our earlier report that Mary Jo White, the chair of the Securities and Exchange Commission, will step down at the end of the Obama administration, news of other departures within the SEC has begun to spread.  The latest is Keith Higgins, head of the Division of Corporation Finance, who announced his plans to leave the SEC in January.  According to Sarah N. Lynch at Reuters, Higgins was oversaw the adoption of many rules pursuant to the 2012 Jumpstart Our Business Startups (JOBS) Act.

CEO treeOther top SEC officials who have recently announced their planned departures include: Stephen Luparello (Trading and Markets Division Director), Mark Flannery (Chief Economist), Matthew Solomon (Chief Litigation Counsel), and James Schnurr (Chief Accountant).

According to Lynch, Andrew Ceresney (SEC Enforcement Director), who worked alongside White prior to joining the SEC, both in private practice and at the U.S. Attorney’s Office in New York City, declined to comment on any plans to leave the SEC.

As we noted previously, these departures will continue to pave the way for President-Elect Trump to to deregulate the financial sector.

According to Tatyana Shumsky at the Wall Street Journal, the Securities and Exchange Commission has increased efforts to regulate the use of accounting metrics that do not conform to the U.S. Generally Accepted Accounting Principles, known as non-GAAP.  The SEC’s endeavor began through its division of corporation finance, which issued new compliance guidelines and sent more non-compliance letters to companies than it had in the past.  More recently, the SEC’s enforcement division is getting involved and has been probing companies on their non-GAAP financial reporting practices, as reported by the WSJ.  Indeed, according to Michael Maloney, chief accountant of the SEC’s enforcement division is looking into violations of rules governing non-GAAP metrics.  “It is a focus in within the division, we are looking closely at it,” Mr. Maloney told the American Institute of CPAs conference in Washington on Tuesday, as reported by Shumsky.

money and calculatorThe takeaway for companies that use non-GAAP metrics in their financial reporting is that the SEC has signaled their intent to increase regulation and enforcement in this area.  Be sure your compliance team has reviewed your non-GAAP financial reporting practices, particularly in light of the SEC’s division of corporate finance’s new compliance guidelines, which can be found here: https://www.sec.gov/divisions/corpfin/guidance/nongaapinterp.htm

The latest post-election domino has fallen.  Mary Jo White, the chair of the Securities and Exchange Commission, will step down at the end of the Obama administration.  White announced her departure on Monday, paving the way for Trump to implement his plan to deregulate the financial sector. In addition to replacing White, Trump will be able to fill two openings on the five-member commission, according to Renae Merle of the Washington Post.  Thus, it is clear that Trump will be able to reshape the direction of the SEC and quickly pursue a path towards deregulating Wall Street.

Board

Financial institutions, firms, brokers, counsel, and investors should all keep a close eye on potential replacements that Trump is considering, as they will have an immediate impact on securities regulation, or lack thereof.  It is now abundantly clear that the regulatory landscape is about to undergo a major shift.  Stay tuned.

Consistent with the ongoing guidance/requirements from the SEC and FINRA, all firms must have and enforce data security policies and procedures.  Even the best policies and procedures may, however, not protect the firm in every instance.  So what do you do if there is a breach?19196909_s

One of the most important things to determine is what law governs.  In other words, if you have clients in all 50 states, it is possible that there are 50 different data breach laws that may be implicated.  Fox Rothschild LLP has a free app, Data Breach 411, which provides an overview of state data breach laws.

Knowing what you need to know is imperative when assessing a data breach.

 

 

On Monday, September 12, 2016, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced that a “Supervision Initiative” will take place across the country.

OCIE staff will conduct focused RIA examinations of firms employing or contracting with supervised persons, who have a disciplinary history.  OCIE plans to evaluate the effectiveness of RIA compliance programs, supervisory oversight practices, and disclosures to clients and prospective clients, concentrating on the potential risk disclosures arising from financial arrangements initiated by supervised persons with a disciplinary history.  OCIE’s justification for this targeted examination is its belief that firms, who hire those with disciplinary histories, are more likely to have future disciplinary issues arising from these individuals’ conduct.

Frankly, this announcement should come as no surprise to anyone.  The SEC has made it abundantly clear over the years it does not like people who have disciplinary histories working for regulated entities.  However, the SEC always seems to fail to consider that, for a significant part of the securities industry, disciplinary histories have become the norm given the ease where people may make complaints against registered persons, and how expensive and difficult the regulators have made fighting unfounded allegations.  Numerous registered persons have had to make the difficult choice of agreeing to resolve disciplinary charges simply because the price of fighting them would be too great.

Conveniently, the SEC ignores this fact and instead will seek to further stigmatize many hard working and honest members of the securities community.

 

The SEC has repeatedly included issues around social media in its annual exam priorities for investment advisers. With the SEC’s recent release of a final rule on the subject, the SEC has taken that “exam priority” to the next level.

Under this new rule, investment advisers will have to complete an additional component to their annual Form ADV filed with the SEC. In doing so, investment advisers will have to disclose their addresses for Twitter, Facebook and LinkedIn. So what’s the point?

By requiring this disclosure, the SEC can better focus on each examined firm’s use of social media. Undoubtedly, the SEC will use this information when framing its examination of individual firms.

The SEC can also use this information on an ongoing basis to assess what firms are putting out there on social media. The industry has to assume that the SEC will be doing more with this information than just tucking it away for examination purposes.Core Values

This new rule should incentivize you to review your social media policy, assuming that you have one. If you do not have one, you need to have one prepared.

You should also monitor the information that your firm is putting out there on social media. Does it confirm with SEC rules? Rest assured. If you are not minding the store, the SEC will.

Back in April, the Securities and Exchange Commission sought public comments on modernizing certain business and financial disclosure requirements in Regulation S-K.  In their Concept Release, the SEC noted that some investors and interest groups have “expressed a desire for greater disclosure of a variety of public policy and sustainability matters, stating that these matters are of increasing significance to voting and investment decisions.”

48936020 - man pointing at the brown picture of oil industry components and green eco energy arranged in circle, earth in the centre, concept of environmentIn response to the SEC’s request for comment, numerous environmental groups pressed the SEC to require disclosure of environmental, social, and governance risks in companies’ public filings.  According to Law360’s Juan Carlos Rodriguez, last week the Sierra Club, Greenpeace, Friends of the Earth and several other groups urged the SEC to create uniform environmental, social, and governance (“ESG”) disclosure requirements for companies, which would enable investors to identify companies that reflect their values.

However, as Rodriguez noted in his article, there were others who cautioned the SEC against going too far with ESG disclosures.  For example, the American Fuel & Petrochemical Manufacturers advised the SEC that “Such supplemental discussion beyond the bounds of mandated disclosure enriches the public discussion of ESG issues, but may not be material and should not be conflated with disclosures made pursuant to Regulation S-K according to the longstanding principles of financial relevance and materiality upon which the securities markets rely.”

The takeaway here is that the SEC will likely begin to require ESG disclosures from companies in their public filings.  Rodriguez explained that the SEC’s investor advisory committee has noticed a “significant and growing” number of investors who rely on sustainability and other public policy disclosures to better understand a company’s long-term risk profile.  Thus, while it is unclear what those ESG disclosure requirements will be, it is likely that some additional regulations and disclosures will be forthcoming, so plan accordingly.

To read more, please visit: http://www.law360.com/environmental/articles/820522

The SEC recently created a new position associated with cybersecurity; senior adviser to the chair for cybersecurity (Christopher R. Hetner). Mr. Hetner has an extensive background in information technology and, in particular, cybersecurity.

19196909_sAccording to the SEC, Mr. Hetner will be responsible for (i) coordinating cybersecurity efforts across the SEC; (ii) engaging with external stakeholders; and (iii) enhancing SEC mechanisms for assessing broad-based market risk. This appointment could have a wide-ranging on the industry.

As we know, the SEC has made cybersecurity an exam priority over the last few years. The SEC is also actively conducting cybersecurity investigations and undertaking enforcement actions where appropriate. According to Chairperson White, the SEC is looking to bolster its risk-based approach. So what does this mean on a day-to-day basis?

Understand that the SEC has just upped the stakes. By retaining an industry expert who is solely focused on data-security related issues, the industry must be prepared for the SEC and FINRA to come after firms regardless if the firm sustains a breach or clients suffer harm as a result. Firms with weak or no data-security programs will surely be targeted.

Are you prepared to handle this even more focused mission of the SEC? If not, you need to more fully review you systems and procedures, both internally and externally facing. Are you testing your systems and procedures on a regular basis? If not, you better start.

The SEC is prepared; are you?

If you thought the SEC and FINRA were serious about elder issues, welcome to the Alabama, Indiana and Vermont. Each has focused on elder abuse issues.

These states will have mandatory reporting to state officials in instances involving the disabled or those over 65 years of age. They will also allow advisors to cease disbursing funds from clients and providing advisors with immunity associated with doing so. So what does this all mean?

For one, states are starting to run on the coattails of federal regulators who have made elder issues an examination priority in recent years. In addition, such state laws should be a wake-up call for brokerage and advisory firms who service elder clients.money and calculator

The actions of these states should force you to ask yourself; what is my firm doing to prevent, detect and report elder abuse. Although a FINRA proposed rule does not require reporting, its goal is the same because it would allow advisors to designate a third-party to who they can inform of suspected problems.

In the absence of reporting requirements, firms should consider having clients aged 65 or above designate a trusted family member or friend when the advisor suspects that the client may be the subject of some abusive conduct. At that point, you may have a group approach to address suspected abuse.

Firms may also want to consider requiring these elder clients to designate a trusted family member or friend to receive copies of account statements. This way, someone who is “independent” can check an account for irregular activity as well.

Whether you are required to address elder abuse or not, firms should make sure that they are taking special care with their elder clients. Federal regulators and now states are focused on the issue. Are you doing anything to make sure your firm does not get into an elder abuse nightmare?

Anyone in a professional service business, like being a stock broker, have been faced with a client who decides to make a stupid decision. But the issue we all face is when that decision results in the client losing money; who is to be held accountable.whistleblower

Fortunately, the law does not require you to stop a client from making a stupid decision with their investments. As long as a broker-dealer’s advice was suitable and the investment advisor’s advice is in keeping with the fiduciary duty, you should not be held accountable.

But this does not mean a client who has now lost money won’t try to hold you accountable for letting them make a stupid business decision. So how do you protect yourself?

The best way to protection yourself is to send the client a letter or email at the time that the client makes the bad decision. The communication should detail why you think it is a bad decision and the potential ramifications associated with that decision.

At a minimum, you should make a note in your file, either electronic or in hard copy, that the client made the bad decision and that you (presumably) advised against it.

The law should protect you from stupid clients, but make sure you protect yourself. Contemporaneous communication to the client and notation to the file may save you millions of dollars in the future.