Almost from the very outset of COVID-19 in early 2020, investors and others have filed pandemic-related securities suits and other claims against companies and their executives. Even though the initial outbreak is now nearly 27 months in the past, claims activity continues. In the latest development, a grand jury has returned an indictment against a health care company’s former CEO concerning statements the CEO made in April 2020 about the company’s ability to profit from sales of COVID-19 rapid tests. The SEC filed a parallel enforcement action against the company and the CEO as well.
Continue Reading DOJ, SEC Press COVID 19-Related Charges Against Health Care Company, CEO
SEC Enforcement Action
Public Company SEC Enforcement Activity Declined in FY 2021
According to the latest report from the NYU Pollack Center for Law & Business in conjunction with Cornerstone Research, SEC Enforcement Activity against publicly traded companies and their subsidiaries declined in fiscal year 2021 (which ended on September 30, 2021) relative to recent years as well as relative to fiscal year 2020. Monetary recoveries were in aggregate greater in FY 2021 relative to FY 2020. The report, entitled “SEC Enforcement Activity: Public Companies and Subsidiaries: Fiscal Year 2021 Update” can be found here. Cornerstone Research’s November 17, 2021 press release about the report can be found here.
Continue Reading Public Company SEC Enforcement Activity Declined in FY 2021
SEC’s Whistleblower Protections Extend Beyond Just Employees
While the most common type of whistleblower may be a disgruntled employee, others can be whistleblowers, too. And as a recent SEC enforcement action highlights, interfering with these others’ attempts to communicate with the SEC can violate the agency’s whistleblower protection rules. In an amended complaint filed on November 4, 2019 in a pending SEC enforcement action, the agency alleges that the defendant company and one of its principals violated the SEC’s whistleblower rules by requiring the company’s investors to enter agreements in which the investors agreed not to contact the SEC or other regulatory enforcement authorities. The SEC alleges that these actions violated the agency’s whistleblower rules. A copy of the SEC’s November 4, 2019 press release about the amended complaint can be found here.
Continue Reading SEC’s Whistleblower Protections Extend Beyond Just Employees
Guest Post: The SEC/Musk/Tesla Settlement: The Dawning of a New Era of SEC Internet Enforcement
As I detailed in a post at the time (here), on Thursday last week, the SEC filed a securities fraud enforcement action against Tesla Chairman and CEO Elon Musk in connection with his now infamous tweets, in which he said he had “secured” funding to take the company private at a substantial premium over the company’s then-current share price. On Saturday, September 29, 2018, the SEC announced in a press release (here) that it had reached a settlement of the action with Musk, as well as in a separate action against Tesla filed simultaneously with the settlement. In the following guest post, John Reed Stark, the President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, takes a look at the SEC’s enforcement actions and settlements with Musk and Tesla and provides his insight about what these developments may signify as far as the SEC’s enforcement posture regarding communications on the Internet. A version of this article originally appeared on the Securities Docket. I would like to thank John for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is John’s article.
Continue Reading Guest Post: The SEC/Musk/Tesla Settlement: The Dawning of a New Era of SEC Internet Enforcement
SEC Files Securities Fraud Suit Against Elon Musk Over Take-Private Tweets
Elon Musk’s August 7, 2018 Tweets, in which he had “secured” funding to take Tesla private at a substantial premium over the then-current share price, have already produced a storm of controversy and a series of securities class action lawsuits against him and the company. The Tesla CEO’s now-infamous Tweets have now also led to a SEC enforcement action against him, in which the agency alleges that Musk’s statements in the Tweets were “false and/or misleading” because “he did not have an adequate basis in fact for making these assertions.” The agency seeks injunctive relief, disgorgement, civil penalties, and a bar prohibiting Musk from serving as an officer or director of any public company. The SEC’s complaint against Musk can be found here. The SEC’s September 27, 2018 press release about the enforcement action can be found here.
Continue Reading SEC Files Securities Fraud Suit Against Elon Musk Over Take-Private Tweets
Guest Post: Key Takeaways From the SEC Morgan Stanley Cybersecurity Case
As I noted in a recent post, on June 8, 2016, the SEC, in what one commentator called “the most significant SEC cybersecurity-related action to date,” announced that Morgan Stanley Smith Barney LLC had agreed to pay a $1 million penalty to settle charges that as a result of its alleged failure to adopt written policies and procedures reasonably designed to protect customer data, some customer information was hacked and offered for sale online. In the following guest post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, takes a look at the circumstances at the company that led to this enforcement action and reviews the important lessons that can be learned from what happened. A version of this article originally appeared on CybersecurityDocket. I would like to thank John for his willingness to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is John’s guest post.Continue Reading Guest Post: Key Takeaways From the SEC Morgan Stanley Cybersecurity Case
Guest Post: SEC’s Regulatory Action Against R.T. Jones: Did the Other Cybersecurity Shoe Just Drop?
On September 22, 2015, in what has been described as the SEC’s first cybersecurity-related enforcement action, the SEC announced that it had entered a settlement St. Louis-based investment advisor R.T. Jones Capital Equities Management, Inc., based on charges that the company had failed to establish the required cybersecurity policies and procedures in advance of a breach that compromised the personally identifiable information (PII) of approximately 100,000 individuals, including thousands of the firm’s clients. A copy of the SEC’s order related to the settlement can be found here.
In the following guest post, David Wohl and Paul Ferrillo of the Weil Gotshal law firm take a look at the SEC’s settlement with R.T. Jones and examine the implications of the settlement, and of the recent guidance from SEC’s Office of Investor Education and Advocacy, for future regulatory action, from the SEC and other agencies. A version of the guest post previously was published as a Weil client alert.
I would like to thank David and Paul for their willingness to publish their article on this blog. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is David and Paul’s guest post.
****************************************
Just days after the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued its second round of cybersecurity guidance for its upcoming examinations of registered investment advisers and broker-dealers,[i] the SEC settled an administrative proceeding on cybersecurity issues arising out of a breach at a registered investment adviser, R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”).[ii] As a result of the settlement, R.T. Jones was censured and fined $75,000. On the heels of the recent OCIE guidance and following a year of major cybersecurity breaches (especially at financial institutions),[iii] this proceeding is instructive on a number of points, especially on the question “What happens when you don’t adopt policies and procedures to safeguard client data?”
Continue Reading Guest Post: SEC’s Regulatory Action Against R.T. Jones: Did the Other Cybersecurity Shoe Just Drop?
D&O Insurance: No Coverage for Enforcement Action Because Claim First Made When SEC Subpoena Served Before Policy Inception
A recurring D&O insurance coverage issue involves the question of whether or not a subpoena constitutes a claim, as I have noted on prior posts (for example, here). When this issue comes up, the dispute is usually over whether or not there is coverage under the policy for the costs of responding to the …
SEC Files Enforcement Action Over Internal Controls Reporting: A Sign of Things to Come?
One of the noteworthy features of the Sarbanes-Oxley Act was the legislation’s creation of the requirement for reporting companies to provide a certification from management regarding the company’s internal controls. This requirement has not been the focus of a great deal of attention since the legislation was enacted in 2002. However if the administrative actions …
A Closer Look at Judge Rakoff’s Rejection of the SEC’s Settlement with Citigroup
In a strongly worded November 28, 2011 opinion (here), Southern District of New York Judge Jed Rakoff rejected the proposed $285 million settlement of the enforcement action that the SEC brought against Citigroup Capital Markets. But while he emphatically rejected the proposed settlement, his opinion may also suggest how the SEC might salvage…