Last week, the Securities and Exchange Commission announced an award payout of between $475,000 and $575,000 to a former company officer who reported information about an alleged securities fraud. While this is by no means the largest of the 15 payouts the SEC has made since the inception of the whistleblower program in fiscal year 2012 (the SEC awarded approximately $14 million to a whistleblower in October 2013, and roughly $30 million to a foreign whistleblower almost a year later), it is the first time that the SEC provided a whistleblower bounty award under the new program to an officer who learned about the alleged fraud through another employee, rather than firsthand.
Companies should take notice of a new fraud scheme that has been making the rounds, targeting businesses that regularly make wire transfers. Known as the “Business E-mail Compromise,” or BEC, this scam targets employees responsible for wiring money, instructing them under false pretenses to wire large sums to fraudulent accounts. The Federal Bureau of Investigation estimates that the scam has claimed over 2,000 victims and resulted in losses totaling nearly $215 million since October 2013. In one version of the BEC fraud, the e-mail accounts of high-level business executives (CEO, CFO, CTO, etc.) are compromised by the creation of spoof e-mail addresses. The imposters then use the compromised executive’s e-mail account to send a request for a wire transfer to a second employee within the company who is responsible for processing such requests. This version of the scheme has been referred to as “CEO Fraud” or the “Business Executive Scam.” In another variation of the scam, businesses which have a long-standing relationship with a particular supplier or vendor (i.e. a landlord) receive a spoofed e-mail purportedly from that vendor directing the business to wire funds for invoice payment to an alternate, fraudulent account. This version of the scheme has been referred to as “The Bogus Invoice Scheme” or “The Supplier Swindle.”
On February 24, 2015, the SEC announced that it had reached an agreement with Goodyear Tire & Rubber Co. (“Goodyear”) for Goodyear to disgorge more than $16 million to settle FCPA charges stemming from its Kenyan and Angolan subsidiaries. This settlement is notable because it focuses on bribery involving private companies as opposed to official corruption, which is typically prosecuted by the SEC. While the FCPA’s anti-bribery provisions apply only to improper payments to foreign officials, the SEC charged Goodyear with violations of the FCPA’s books and records provisions, which have no such requirement and instead require a company to keep records that “accurately and fairly reflect the transactions and dispositions of the assets of the issuer” and to “devise and maintain a system of internal accounting controls” sufficient to ensure the integrity of the company’s financial records. This use of the books and records provisions is important because it signals the SEC’s intent and ability to use the FCPA to bring broad, far-reaching enforcement cases that have the potential to ensnare any public company.
Securities and Exchange Commission leadership and staff members addressed the public on February 20-21 at the annual “SEC Speaks” conference in Washington, D.C. Common themes among the numerous presentations included the Commission’s increasing use of data analytics, the Commission’s focus on gatekeepers such as accountants and attorneys, and the Commission’s still incomplete rulemakings mandated by both the Dodd-Frank Wall Street Reform and Consumer Protection Act and the Jumpstart Our Business Startups Act.
In an amicus brief filed earlier this month in Berman v. Neo@Ogilvy LCC, the SEC asked the Second Circuit to defer to the Commission and hold that individuals who report misconduct internally are covered by the anti-retaliation protections of the Dodd-Frank Act of 2002, regardless of whether they report the information to the SEC.
We first heard about the SEC’s increased focus on high-frequency trading in June 2014 when the SEC announced its desire to promulgate new rules on high frequency trading to address the lack of transparency in dark pools and alternative exchanges and to curtail the use of aggressive, destabilizing trading strategies in vulnerable market conditions. However, the SEC and other regulators may not need to rely on new rules to regulate high frequency trading. The United States Commodity Futures Trading Commission special counsel Greg Scopino recently published an article in the Connecticut Law Review arguing that certain high frequency trading tactics violate federal laws against spoofing and wash trading.
On February 3, 2015, the U.S. Securities and Exchange Commission released a Risk Alert addressing cybersecurity issues at brokerage and advisory firms, along with suggestions to investors on ways they can protect themselves and their online accounts. FINRA issued a similar, more extensive “Report on Cybersecurity Practices” on the same day.
The National Exam Program Risk Alert, “Cybersecurity Examination Sweep Summary” summarizes cybersecurity practices and policies of 57 registered broker-dealers, and 49 registered investment advisers based on examinations conducted by the SEC’s Office of Compliance Inspections and Examinations (“OCIE”). These findings should be reviewed by CISOs and CIOs who have responsibility for cybersecurity protection because they highlight best practices and areas ripe for improvement. It is reasonable to assume that both the SEC and FINRA will expect firms to review the findings and tailor their own internal assessments and practices to improve their cybersecurity posture, accordingly. They also underscore that the simplest cyber-related scams (phishing, fraudulent e-mail scams, etc.) are still remarkably successful.
On February 4, 2015, the First Circuit affirmed the summary dismissal of a shareholder derivative suit, which brought Nevada state claims for breach of fiduciary duty, waste of corporate assets, unjust enrichment, and entitlement to contribution or indemnification against Smith & Wesson and its officers and directors. Plaintiff alleged Smith & Wesson made false and misleading statements when it overstated its sales projections and earnings guidance while demand collapsed and the Company had excessive inventory. During the course of the litigation, the suit was transferred to the federal District Court of Massachusetts, which granted summary dismissal, upholding the independence of a Special Litigation Committee and the reasonableness of its conclusion not to pursue a claim against defendants. Because Nevada adopted Delaware state law, the First Circuit applied Delaware law to make its ruling.
Today, the Securities and Exchange Commission (“SEC” or “Commission”) announced the terms of a settlement with four of the Respondents in In the Matter of BDO China Dhaua CPA Co., Ltd. The four Respondents are the China affiliates of the “Big Four” international accounting firms —Deloitte Touche Tohmatsu Certified Public Accountants Ltd., Ernst & Young Hua Ming LLP, KPMG Huazhen (Special General Partnership), and PricewaterhouseCoopers Zhong Tian CPAs Limited. The settlement resolves an administrative proceeding brought by the Commission against Respondents pursuant to Rule 102(e) of the SEC’s Rules of Practice over requests made by the SEC for the production of audit work papers located in China.
A federal court’s recent dismissal of Securities Exchange Act claims against the auditor of a Chinese company prompted us to examine the state of recent U.S. civil securities litigation against accounting firms that audited China-based companies that were listed on US exchanges.