Securities Regulation and Enforcement

Posted on 12-18-2018

By: David L. Kornblau and Gerald W. Hodgkins


The enforcement and regulatory priorities of the Securities and Exchange Commission (SEC) have begun to come into focus now that SEC Chairman Jay Clayton has been in office for nearly a year and a half. Courts have also issued decisions that will significantly affect future securities enforcement moving forward. This article discusses the U.S. Supreme Court’s recent decision holding that the SEC’s longstanding process for appointing Administrative Law Judges (ALJs) is unconstitutional; the SEC’s focus on cybersecurity, cryptocurrencies and initial coin offerings, retail investors, whistleblowers, and fiduciary rule reform; waivers of attorney work protection resulting from oral presentations to the SEC staff; and the statute of limitations for SEC enforcement actions.

Constitutionality of the Appointment Process for SEC ALJs

On June 21, 2018, the U.S. Supreme Court held in Lucia v. SEC that SEC ALJs were appointed in violation of the Appointments Clause of the Constitution. 1

Under the Appointments Clause, federal “officers” must be appointed by the President, with the advice and consent of the Senate, while Congress may vest the appointment of “inferior officers . . . in the President alone, in the Courts of Law, or in the Heads of Departments.” 2 Historically, SEC ALJs (like the ALJs of other federal agencies) were formally hired by the federal Office of Personnel Management, with the hiring decision made by the SEC’s Chief ALJ. 3

Resolving a circuit split, the Supreme Court, 7-2, found that ALJs are inferior officers because, in conducting hearings and rendering initial decisions in SEC enforcement actions, they exercise significant authority. Justice Elena Kagan, writing for six members of the Court, also held that the respondent in the case is entitled to a new hearing before a different, properly appointed ALJ or before the SEC itself. The Court did not decide whether the SEC cured the constitutional defect when it “ratified” the prior appointment of its ALJs on November 30,2017. 4

This decision has thrown the SEC’s administrative adjudication system into disarray. In August 2018, the SEC vacated all prior opinions in pending administrative proceedings and ordered that respondents in 194 pending proceedings be given the opportunity for a new hearing before an ALJ who did not previously participate in the matter, unless the parties expressly agreed to keep the previously assigned ALJ. See Order, Exchange Act Release No. 83907 (August 22, 2018); Notice from the Chief Administrative Law Judge, Administrative Proceedings Rulings Release No. 5954 (August 23, 2018); Notice from the Chief Administrative Law Judge, Administrative Proceedings Rulings Release No. 5954 (August 23, 2018). The SEC subsequently assigned 168 proceedings to four different ALJs, with approximately 30 to 50 cases reassigned to each ALJ. See Order, Administrative Proceedings Rulings Release No. 5955 (September 12, 2018).

Some respondents may elect not to incur the expense and burden of a retrial, particularly when the newly assigned ALJ will be aware of the prior decision by one of his or her fellow ALJ’s ruling against the respondent. For cases that will be retried, the ALJs will have to hold hearings and issue new initial decisions by at most 120 days after the reassignment, unless the Commission extends the deadlines. See Order, Exchange Act Release No. 83907 (August 22, 2018). In the meantime, to avoid further overburdening the ALJs, the Commission may bring few, if any, new enforcement actions in the administrative forum.

On the other hand, it appears unlikely that respondents will be able to reopen ALJ proceedings that have become final, including the expiration of all deadlines for appeal. In Lucia , the Court emphasized the importance of “timely” challenges to ALJ appointments. 138 S. Ct. at 2055.


Cybersecurity has been an important priority of the SEC’s Division of Enforcement for several years. In September 2017, the Division of Enforcement formed a specialized Cyber Unit to investigate data protection failures at financial institutions, hacking and account intrusions in connection with insider trading, market manipulation schemes or other forms of securities fraud, and securities law violations involving digital assets (discussed in more detail below). The Cyber Unit also is pursuing market manipulation schemes involving false information spread through electronic and social media, misconduct using the dark web, cyber-related threats to trading platforms and other critical market infrastructure, and more traditional-offering frauds that tout cryptocurrency businesses.

Outside the Cyber Unit, the SEC’s Division of Enforcement is also focused on whether public companies have adequately disclosed cyber-related incidents and risks. In February 2018, the SEC issued guidance on public companies’ obligations with respect to cybersecurity risk and incidents with a focus on disclosure controls and policies and procedures addressing insider trading on the basis of material non-public information about cybersecurity risk and incidents. 5

Although the SEC has been expressing concerns about cyber- related disclosure by public companies for several years, it wasn’t until April 2018 that the SEC brought an enforcement action against a public company for failing to make timely and adequate disclosure about a data breach. The SEC’s action against Altaba (formerly known as Yahoo!) centered around the company’s SEC disclosure after a December 2014 intrusion in which Russian hackers stole usernames, email addresses, phone numbers, birthdates, encrypted passwords, and security questions and answers for millions of user accounts. The SEC alleged that although Yahoo!’s senior management and legal department were aware of the breach, Yahoo! failed to properly investigate the circumstances of the breach and to adequately consider whether the breach needed to be disclosed to investors, which did not happen until more than two years after the intrusion. The SEC charged the company with negligence- based securities fraud, and the company agreed to pay a $35 million penalty and consented to a cease-and-desist order. 6

This settlement highlights significant risks facing public companies. The SEC has indicated repeatedly that the agency will not second-guess good-faith disclosure decisions. Nevertheless, it is clear from the Yahoo! case that there will be some circumstances when the SEC will take enforcement action against a company it believes had poor procedures and controls around cyber-incident disclosure and an unsatisfactory response to a cyber-incident.

On October 16, 2018, the SEC issued an investigative report addressing “cyber-related frauds perpetrated against public companies.” See Report of Investigation, Exchange Act Release No. 84429 (October 16, 2018). In the report, the Commission identifies two common schemes referred to as “business email compromises” (or “BECs”) that have been used to defraud companies: (i) emails from fake executives and (ii) emails from fake vendors, where both seek money transfers. The report also advises companies on how they can implement sufficient internal accounting controls regarding cyber-related threats.

Cryptocurrencies and Initial Coin Offerings

Practitioners advising participants in the cryptocurrency markets must be vigilant about advising them about regulatory risks. Citing the explosive growth of these markets, the SEC and state securities regulators have intensified their efforts to police so-called initial coin offerings (ICOs) under the federal securities laws. Market participants use ICOs to raise capital for businesses and projects. These offerings typically allow individual investors to exchange currency (such as U.S. dollars or cryptocurrencies) for a digital asset labeled a coin or token. Virtual coins or tokens are made possible by blockchain technology, which distributes secure electronic ledgers over vast computer networks and permits peer-to-peer transactions using self-enforcing smart contracts. ICOs raised approximately $6.2 billion in 2017 and approximately $7.1 billion in 2018.

While maintaining that ICOs can in theory be effective sources of capital for innovative projects, the SEC and other regulators have generally sounded an alarm about these transactions. Last summer, the agency warned investors about “potential scams involving stock of companies claiming to be related to, or asserting they are engaging in, Initial Coin Offerings,” and urged particular caution before investing in celebrity-backed ICOs. 7 In January 2018, SEC Chairman Clayton admonished market gatekeepers—securities lawyers, accountants, underwriters, and dealers—to provide sound guidance as to whether certain ICOs are regulated by the federal securities laws. 8 In March, the SEC advised investors trading digital assets online to ask questions before using online trading platforms and to make sure they are registered with the SEC. 9 In May, the agency went so far as to create a mock bogus ICO website that directs gullible investors to investor education tools and tips. 10 Also in May, state and provincial securities regulators in the United States and Canada announced a coordinated series of enforcement actions to crack down on fraudulent ICOs, cryptocurrency-related investment products, and those behind them. 11

The key legal issue for the SEC in this area is whether digital tokens sold in ICOs constitute securities within the definition in the federal securities statutes. If these instruments were deemed not to be securities, the SEC would not have jurisdiction to regulate them or take action against those who sell them fraudulently. Through a series of enforcement actions and public statements by Chairman Clayton and other senior SEC officials, the agency has asserted broad jurisdiction over ICOs, taking the position that most if not all of them involve the sale of a type of security known as an investment contract. 12

The SEC’s position has generated considerable debate. The contours of investment contracts are determined by a test announced by the Supreme Court 72 years ago in SEC v. W.J. Howey Co., 328 U.S. 293, 301 (1946), decades before the creation of the internet or blockchain-based technology. Under the Howey test, an investment contract is an investment of money in a common enterprise with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others. On September 11, 2018, a federal district court denied a motion to dismiss an indictment in a criminal securities fraud case involving an ICO, holding that a reasonable jury could find that the virtual currencies at issue satisfy the Howey test. 13 The scope of the SEC’s regulatory and enforcement authority over digital assets is likely to be the focus of litigation, and potentially legislation, for years to come.

As of today, the SEC has brought 22 cryptocurrency enforcement actions. In most of the actions, the Commission charged issuers of digital coins or tokens with securities fraud or failure to comply with registration requirements under the Securities Act of 1933. In September 2018, for the first time, the SEC brought cryptocurrency-related enforcement actions against investment companies or advisors. In one of these actions, the SEC assessed a $200,000 fine against a hedge fund manager that invested in cryptocurrencies for allegedly failing to register as an investment company. See Order, In the Matter of Crypto Asset Management and Timothy Enneking, Securities Act Release No. 10544 (September 11, 2018). On the same day, the SEC ordered disgorgement of $471,000 from an ICO “superstore” and its two owners and assessed a fine of $45,000 against each of the owners for allegedly acting as unregistered securities broker-dealers. See Order, In the Matter of TokenLot, Lenny Kugel, and Eli L. Lewitt, Securities Act Release No. 10543 (September 11, 2018).

The Financial Industry Regulatory Authority (FINRA), the industry self-regulatory authority for securities brokers, also recently filed its first disciplinary action involving cryptocurrencies. On September 11, 2018, FINRA filed a litigated action alleging that a former Massachusetts broker unlawfully engaged in an unregistered distribution of a security by selling a digital token called HempCoin and made materially false statements and omissions regarding its business. See Complaint, Dep’t of Enforcement v. Timothy Tilton Ayre, Disciplinary Proceeding No. 2016049307801 (September 11, 2018).

The SEC’s Retail Investor Initiative

On several occasions shortly after becoming SEC Chairman, Jay Clayton described retail investor protection as one of his primary focuses as head of the agency. Five months after he was sworn in, the SEC announced in September 2017 the establishment of a retail strategy task force to leverage data analytics and technology to identify large-scale misconduct affecting retail investors. At the time, SEC Division of Enforcement Co-Director Steven Peikin said, “Protecting the welfare of the Main Street investor has long been a priority for the Commission. By dedicating additional resources and expertise to developing strategies to address misconduct that victimizes retail investors, the division will better protect our most vulnerable market participants.” To create the task force, the Division re-deployed existing staff from other areas to work on the new initiative. The task force members were not expected to work on specific enforcement cases, but, instead, to develop ideas and strategies to identify larger-scale misconduct particularly harmful to retail investors.

Shortly after creating the task force, Peikin’s Co-Director of Enforcement, Stephanie Avakian, provided in a speech the following list of problematic behavior that would be among the focuses of the task force:

  • Investment professionals steering customers to mutual fund share classes with higher fees, when lower-fee share classes of the same fund are available
  • Abuses in wrap-fee accounts, including failing to disclose the additional costs of “trading away” (sending a trade order to another broker or dealer for execution) or trading through unaffiliated brokers, and purchasing alternative products that generate additional fees
  • Investors buying and holding products like inverse exchange-traded funds for long-term investment
  • Problems in the sale of structured products to retail investors, including a failure to fully and clearly disclose fees, mark-ups, and other factors that can negatively impact returns
  • Abusive practices like churning, which is excessive trading that generates large commissions at the expense of the investor

In May 2018, the SEC touted its Share Class Selection Disclosure Initiative—a follow-on from a 2016 initiative of the SEC’s National Exam Program—as an example of its retail investor enforcement efforts. The Share Class Selection Disclosure Initiative can best be described as a leniency program for investment advisors that self-disclose before June 12, 2018, instances of receiving compensation for recommending or selecting more expensive mutual fund share classes for their clients when identical and less-expensive share classes were available, without disclosing this conflict of interest. This program is anticipated to result in numerous enforcement actions against self-reporting investment advisors in the second half of 2018. 14

Eight months into the retail strategy task force’s existence, no other enforcement cases besides the Share Class Selection Disclosure Initiative have been specifically linked by the SEC to the task force’s efforts. Nevertheless, practitioners who represent broker-dealers and investment advisors should anticipate in 2018 announcements by the SEC of multiple enforcement actions stemming from the task force’s work. It is likely that these cases will come in waves given the task force’s focus on trends rather than one-off instances of misconduct.

SEC Whistleblower Program

The SEC’s whistleblower program, created following the enactment of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) in 2010, provides monetary awards to individuals who voluntarily provide information that leads to SEC enforcement actions resulting in monetary sanctions of over $1 million. Qualifying whistleblowers receive 10-30% of the monetary sanctions collected by the SEC. By September 2018, the SEC had awarded more than $326 million to 59 whistleblowers since issuing its first award in 2012. In March 2018, the SEC announced its highest-ever whistleblower awards, with two whistleblowers sharing a nearly $50 million award and a third whistleblower receiving more than $33 million.

In addition to establishing an awards program, the Dodd-Frank Act expanded protections for whistleblowers and broadened prohibitions against retaliation. This generally means that employers may not discharge, demote, suspend, harass, or in any way discriminate against an employee in the terms and conditions of employment because the employee reported conduct that the employee reasonably believed violated the federal securities laws. The SEC has brought three enforcement actions against employers who allegedly retaliated against whistleblowers, most recently in December 2016.

In February 2018, the U.S. Supreme Court held in Dig. Realty Trust, Inc. v. Somers, 138 S. Ct. 767 (2018), that the Dodd-Frank Act prohibits retaliation against whistleblowers only if the whistleblowers reported suspected wrongdoing directly to the SEC. The Court invalidated an SEC rule, promulgated in 2011, which also purported to apply Dodd-Frank anti-retaliation protections to employees who report potential violations only to their employers.

The primary significance of Digital Realty is its impact on the process available to employees with whistleblower-retaliation claims. Because employees who report internally, but not to the SEC, are now excluded from Dodd-Frank protection, their recourse is limited to state-law claims or private actions under another federal law, the Sarbanes-Oxley Act of 2002 (Sarbanes- Oxley). Under Sarbanes-Oxley, a whistleblower must file a retaliation claim first with the Occupational Safety and Health Administration (OSHA) within days of becoming aware of the retaliation and can file in federal court only if OSHA does not rule within 180 days. Under Dodd-Frank, by contrast, a whistleblower can go straight to federal court to allege retaliation and has a much longer statute of limitations— at least six years and in some cases as long as 10 years. In addition, under Sarbanes-Oxley, prevailing whistleblowers are entitled to reinstatement, back pay, and special damages (including litigation fees and costs), while under Dodd-Frank they can win reinstatement and double back pay, but no special damages other than litigation fees and costs. Following the Digital Realty decision, a potential whistleblower who believes that he or she might be the subject of retaliation for reporting internally possible securities law violations will need to communicate his or her concerns directly to the SEC before or simultaneously with reporting to their employer if the employee wants to preserve all potential rights of action against a retaliating employer.

Recently, the SEC has not prioritized actions against employers based on actions to impede employees from reporting possible misconduct to the SEC, in violation of Rule 21F-17(a) (17 C.F.R. § 240.21F-17) under the Securities Exchange Act of 1934, as amended. From April 2015 to January 2017, the agency brought nine such actions based on provisions in voluntary separation agreements or employment policies and procedures that (1) required a departing employee to waive recovery of incentives for reporting misconduct in exchange for receiving monetary separation payments or other consideration; (2) prohibited a departing employee from voluntarily cooperating with the government; (3) prohibited a departing employee from disparaging the employer, without an exception for whistleblowing activity; and (4) required broad non- disclosure obligations on current and departing employees, without exceptions for whistleblower activity. 15 Nonetheless, if the SEC believes that companies have not learned the lessons of these prior actions, the agency could bring more cases in this area. Employment law practitioners should therefore keep them in mind when drafting separation agreements and employment policies and procedures.

Finally, in June 2018, the SEC proposed amending its whistleblower rules. Proposed Rule Amendments, SEC Release No. 34-83557 (June 28, 2018). One of the proposed amendments would allow the agency to decrease the size of an award if it determines that the award would otherwise be too large to advance the goals of the whistleblower program. Another proposed amendment would allow whistleblowers to receive awards when the information they provide leads only to a deferred prosecution agreement or a non-prosecution agreement rather than a civil action or an administrative proceeding. More than 3,000 comments were submitted concerning the proposed amendments. The SEC has not announced when it will issue the final rule amendments.

Fiduciary Rule Reform

Attorneys representing financial institutions or their customers should take notice that in April 2018 the SEC proposed new rules and guidance concerning the standards of conduct for broker-dealers and investment advisors. The more than 1,000- page proposal addresses whether investment advisors and broker-dealers should have identical or different standards of conduct vis-à-vis their retail customers. While investment advisors owe their clients a fiduciary duty, broker-dealers are currently bound by a lesser standard of care centering on the concept of suitability. Under the SEC’s proposal, the standard of care for broker-dealers when providing services to retail customers would become higher than it is today, but still not as stringent as the standard for investment advisors. The SEC also proposed rules intended to clarify the existing fiduciary duty standard for investment advisors and to require additional disclosure to retail customers of both broker- dealers and investment advisors. In addition, the proposal would prohibit broker-dealers from using certain terminology, such as financial advisor, when describing themselves and their services.

The package proposed by the SEC has four key parts.

First, the SEC proposed a rule, which it called Regulation Best Interest, that would heighten the standard registered broker- dealers need to meet when recommending investments to their retail customers. Under this rule, all broker-dealers and associated persons of broker-dealers would be obligated to act in the best interest of their retail customers when offering investment advice. As the SEC described the rule, it would mandate that broker-dealers not prioritize their financial interests before or over those of their retail customers. According to the proposed rule, broker-dealers and associated persons would satisfy this best interest standard through:

  • Reasonable written disclosures to their retail customers about material facts regarding the scope and terms of their relationship and any material conflicts of interest pertinent to a given investment recommendation
  • The exercise of “reasonable diligence, care, skill, and prudence” by having a reasonable basis for making investment recommendations that account for potential risks and rewards in the context of the overall investment profile of the retail customer in question
  • The implementation and enforcement of written policies and procedures that can identify and—at a minimum—disclose or eliminate (a) material conflicts of interest associated with investment recommendations and (b) material conflicts of interest that arise from financial incentives associated with investment recommendations

At the same time, the SEC stated that the best interest duty would not rise to the level of fiduciary duty and that it is not proposing a uniform standard for broker-dealers and investment advisors in light of their differing relationship types and models for recommending investments.

Second, the SEC proposed an interpretation designed to “reaffirm—and in some cases clarify—certain aspects of the fiduciary duty that an investment adviser owes to its clients” under Section 206 of the Investment Advisers Act of 1940. The proposed interpretation notes that investment advisors have “an affirmative duty of utmost good faith and full and fair disclosure of all material facts” to their investors. The SEC describes the investment advisor’s fiduciary duty as both a duty of care—which encompasses a duty to provide advice in the customer’s best interest, a duty to seek best execution, and a duty to act and provide advice and monitoring over the course of the relationship—and a duty of loyalty.

Third, the SEC proposed a new rule that would require investment advisors and broker-dealers to provide their retail customers with a relationship summary through completion of a short-form document called Form CRS. The form would include information regarding the “relationships and services the firm offers, the standard of conduct and the fees and costs associated with those services, specified conflicts of interest, and whether the firm and its financial professionals currently have reportable legal or disciplinary events.” Retail investors would be provided Form CRS at the beginning of a relationship with an investment advisor or broker-dealer and would receive updated information in light of any material changes. The SEC has also made available proposed sample relationship summaries for investment advisors, broker-dealers, and dual registrants to be used for illustrative purposes.

And fourth, as part of the package, the SEC has also proposed a new rule that would restrict broker-dealers and their employees from using the terms “adviser” or “advisor” as part of their name or title in communications with investors unless they are registered as investment advisors. The SEC has also proposed new rules that would require broker-dealers, investment advisors, and any associated persons to disclose in communications with retail customers the firm’s registration status with the SEC and an associated person’s relationship with the firm.

The public comment period for the proposed rules ended on August 7, 2018. A total of 3,842 comments were submitted, including by other regulators (FINRA and the New York State Department of Financial Services) and industry groups (Securities Industry and Financial Markets Association).

If these proposed rules are ever adopted, it probably will not happen until 2019 at the earliest. Nevertheless, practitioners who advise broker-dealers, investment advisors, or their clients should stay alert for developments with these proposals because the proposed rules, if adopted, will require new disclosure obligations for financial institutions in the retail space and will prohibit broker-dealers from using certain terminology, which could force some financial institutions to change their marketing materials. 16

Work Product Waivers from Presentations to the SEC

A December 2017 decision, SEC v. Herrera, 324 F.R.D. 258 (S.D. Fl. 2017), serves as an important reminder to white-collar practitioners concerning the risk of privilege waivers resulting from oral presentations to the SEC staff (or to any government agency). The SEC and Department of Justice (DOJ) often expect companies under investigation to provide detailed information from internal investigations to receive credit for cooperation. Such disclosures may help companies receive leniency but can also increase exposure in related private litigation. Deciding whether to provide the government with attorney work product, and if so how much and in what form, are difficult judgment calls.

In Herrera, a federal magistrate judge ruled that the law firm Morgan, Lewis & Bockius had waived work product protection for interview notes and memoranda when its attorneys provided the SEC staff with “oral downloads” of interviews the firm had conducted in an internal investigation of accounting irregularities. The court found that even though the law firm had not given the SEC staff the actual witness notes and memoranda, the staff had received the “functional equivalent” through oral summaries of the interview materials. The court therefore instructed Morgan Lewis to produce the notes and witness memoranda to former executives litigating an SEC enforcement action. The court also ordered Morgan Lewis to file for in camera review copies of any other notes and memoranda reflecting work product information it provided to the SEC and DOJ about witness interviews.

While Herrera surprised many practitioners who handle government investigations, it is consistent with prior precedent, which also held that substantive oral disclosures regarding witness interviews to a government agency can waive work product privilege. These cases suggest that waiver is more likely to be found where:

  • Attorneys give proffers of certain facts from witness interviews.
  • Interview notes and memoranda are read or relayed in “substantial” part during the oral download.
  • The oral download is very detailed and witness-specific.
  • The oral download uses the same words as the interview memoranda or notes.

If a waiver is found based on oral downloads to the government, the scope of the waiver is potentially broad. For example, in Herrera , the parties settled the scope of the waiver after the court’s decision, but before the settlement was reached. The court had planned to hold an evidentiary hearing on the issue, which would have included testimony from the attorneys who had given the presentation to the SEC and any other attorneys from their firm who “provided summaries, downloads, or excerpts of work-product witness interviews to the SEC or DOJ.”

To minimize the risk of a waiver from factual presentations to the government, practitioners should consider the following practical tips:

  • Provide a list of witnesses interviewed and documents reviewed, rather than providing and attributing specific statements to any individual witness
  • Avoid as much as possible making witness-specific references
  • Use hypothetical language, such as what witnesses would say if asked about identified topics, rather than repeating actual witness statements
  • Avoid relying on interview notes or memoranda during the presentation and use separate talking points that minimize potential litigation risk if a court subsequently ordered them to be produced to an adversary
  • If interview memoranda have to be used during the presentation, rely on only final versions
  • Limit explicit references to witness statements and include them within a more general, thematic presentation
  • Draft interview notes and memoranda carefully and precisely and include only facts to avoid revealing strategy and legal analysis if work product protection is waived

The Statute of Limitations for SEC Enforcement Remedies

Attorneys who handle SEC enforcement investigations and litigation should carefully consider whether the agency’s claims are barred by the statute of limitations. Last year, in Kokesh v. SEC, 137 S. Ct. 1635 (2017), the U.S. Supreme Court held that an SEC claim for disgorgement of ill-gotten gains operates as a penalty and is therefore subject to 28 U.S.C.S. § 2462, the five- year statute of limitations applicable to federal government enforcement actions seeking civil penalties. The Court reasoned that SEC disgorgement awards, which sometimes exceed the defendants’ ill-gotten gains, are not merely remedial, because they do not “simply restore the status quo” and “leave[] the defendant worse off.” 17 Prior to Kokesh , the SEC had long taken the position that its disgorgement claims could reach back in time indefinitely.

Even before Kokesh , most courts had held that SEC suspensions and bars are punitive in nature and thus are subject to the five-year statute of limitations. Such bars and suspensions can end the careers of registered securities professionals or public company officers and directors. Kokesh appears to have removed any doubt that those remedies, like disgorgement, are punitive, and that the SEC may commence an action to impose them only within five years of the conduct at issue. 18

Now there is a serious question whether even SEC claims for injunctions are also governed by the five-year limitations period. For decades, most courts had agreed with the SEC’s view that there was no time limit on injunctive actions because they are remedial in nature. But post- Kokesh , the courts have split on this issue. In SEC v. Collyard, 861 F.3d 760 (8th Cir. June 29, 2017), one court of appeals held that an injunction was not a penalty under Kokesh , because it was imposed to protect the public, was based on the likelihood of future violations, and was not imposed to deter others from violations or to punish the violator. On the other hand, two district courts have dismissed SEC injunction claims as time-barred under Kokesh . 19

The bottom line is that, in light of Kokesh , all SEC enforcement actions may now be subject to a five-year statute of limitations. If the underlying facts in an investigation are approaching the five-year mark, expect the SEC staff to request a tolling agreement and rigorously consider whether it’s in your client’s best interests to sign it.

Market Outlook

The total number of number of SEC enforcement actions filed in the agency’s 2018 fiscal year (which ended on September 30) increased slightly over the prior year. Absent extraordinary market events that trigger a significant increase in enforcement activity, we would expect the overall level of SEC enforcement to continue at a similar level in 2019.

We anticipate an uptick in the number of SEC enforcement actions over the rest of the year, particularly in the agency’s priority areas of ICOs and retail investors. Historically, the SEC has filed a larger number of actions as it approaches the end of its fiscal year on September 30. As a consequence of the Supreme Court’s Digital Realty decision in February narrowing the rights of whistleblowers who report their concerns to their employers but not to the SEC, we expect close scrutiny of whether more whistleblowers go to the SEC. On the regulatory front, in light of the considerable public commentary and debate on the SEC’s proposed fiduciary rule reform and whistleblower rule amendments, we do not expect final rules until 2019 at the earliest.

David L. Kornblau is a partner and the chair of the Securities Enforcement practice group at Covington & Burling LLP, where he represents clients in sensitive and complex investigations, related litigation, and internal investigations. Mr. Kornblau’s clients include investment banks, public companies, stock exchanges, asset management firms, senior executives, portfolio managers, and traders. As a former senior SEC enforcement official and SEC trial lawyer, Mr. Kornblau uses his in-depth knowledge of the agency’s internal workings and personnel to help clients successfully navigate potentially damaging investigations. Gerald W. Hodgkins is a partner at Covington & Burling LLP with a broad regulatory enforcement practice focused on representing financial institutions, public companies, audit firms, and individuals in investigations and enforcement actions brought by the key financial regulators. Mr. Hodgkins has extensive experience in matters pertaining to the SEC and in matters involving broker-dealer and investment adviser regulation, public company accounting, and U.S. anti-corruption law. Assistance provided to the authors by Sharon Kim, Covington & Burling LLP.

To find this article in Lexis Practice Advisor, follow this research path:

RESEARCH PATH: Capital Markets & Corporate Governance > Market Trends > Corporate Governance & Continuous Disclosure > Practice Notes

For more information on cybersecurity disclosures and recommendations for enhancing cybersecurity-related disclosures, see


> Capital Markets & Corporate Governance > Market Trends > Corporate Governance & Continuous Disclosure > Practice Notes

For guidance in finalizing and launching initial coin offerings, see


> Capital Markets & Corporate Governance > Market Trends > Equity > Practice Notes

For a discussion on the SEC’s fiduciary rule and Regulation Best Interest, see


> Capital Markets & Corporate Governance > Market Trends > Investment Management > Practice Notes

For a review of the work product doctrine, see


> Corporate Counsel > Ethics for In-House Counsel > Work Product Doctrine > Practice Notes

For details on the SEC’s whistleblower program under the Dodd-Frank Act, see


> Capital Markets & Corporate Governance > Corporate Governance and Compliance Requirements for Public Companies > Compliance Controls > Practice Notes

1. Lucia v. SEC, 138 S. Ct. 2044 (2018). 2. U.S. Const. Art. II, § 2, Cl 2. 3.See 5 U.S.C.S. § 1302; 5 C.F.R. § 930.204. 4.See Press Release, Securities and Exchange Commission, SEC Ratifies Appointments of Administrative Law Judges (Nov. 30, 2017), available at 5. 6. 7.See SEC Alert, Aug. 28, 2017, available at and SEC Alert, Nov. 1, 2017, available at 8. 9. 10. 11. 12.See Joint Statement by SEC and CFTC Enforcement Directors, Jan. 19, 2018, which is available at; SEC Chairman Jay Clayton, Statement on Cryptocurrencies and Initial Coin Offerings (Dec. 11, 2017), which is available at; SEC Report of Investigation on The DAO, Release No. 81207, July 25, 2017, which is available at 13. UnitedStates v. Zaslavskiy, 2018 U.S. Dist. LEXIS 156574 (E.D.N.Y. Sept. 11, 2018). 14. 15. 16. 17.Kokesh, 137 S. Ct. at 1645. 18.See Saad v. SEC, 873 F. 3d 297 (D.C. Cir. 2017) (Kavanaugh, J., concurring) (“After the Supreme Court’s decision in Kokesh . . . our precedents characterizing expulsions or suspensions as remedial are no longer good law.”). 19.See SEC v. Cohen, 2018 U.S. Dist. LEXIS 121164 (E.D.N.Y. July 12, 2018); SEC v. Gentile, 2017 U.S. Dist. LEXIS 204883 (D.N.J. Dec. 13, 2017).