Recently, SEC Commissioner Hester Peirce delivered this speech. Peirce never mentioned the Foreign Corrupt Practices Act, but so much of the speech is FCPA relevant.
Indeed, Peirce touches upon topics discussed for years on FCPA Professor such as: the seeming emphasis by government of quantity of enforcement over quality of enforcement; the timing of SEC enforcement actions at the end of a fiscal year as a form of “earnings management;” how the SEC should use other avenues short of enforcement actions to address new and emerging issues (I’ve long believed that the SEC should have used a Section 21(a) Report of Investigation, rather than enforcement actions, to address internship and hiring practice issues); the importance of due process in enforcement; how enforcement agencies should not expand the law through enforcement just because they can; and how issuers and others subject to SEC enforcement settle for simple reasons of risk aversion.
In the speech, Peirce stated:
“[SEC Chair Jay Clayton] understands the importance of vigorous enforcement in protecting investors and building the environment in which capital formation can take place. He does not, however, view enforcement statistics as the measure of the agency’s success. I share the Chairman’s commitment to strong enforcement of our securities laws, without making raw numbers the measure of our success.”
I am here today, though, to talk about the small part of our enforcement work that is controversial. Some of you may have read an article earlier this week that suggested that I have “a penchant for saying, ‘No,’ when it comes to [the Commission’s] enforcement work.” The article noted that my “yes” votes are above 85 percent, but my 15 percent no rate is higher than the rate at which any other Commissioner votes against recommendations from the Enforcement Division. Without touching on any particular enforcement matter, I hope today’s remarks will help to explain the why behind my no’s.
I will discuss the overarching philosophy for our enforcement program, some factors that guide my consideration of enforcement recommendations, and several practices that give me pause when I am reviewing enforcement actions.”
Under the heading “The Danger of Playing to the Numbers,” Peirce stated:
“Enforcement is not an end goal for the Commission; it is a last resort in getting to that goal. Of course, this begs the question, “What is the end goal?” The end goal is fulfilling our mission—protecting investors, facilitating capital formation, and maintaining fair, orderly, and efficient markets.
To appropriately calibrate our enforcement program, we must spend our limited enforcement resources wisely. We cannot bring an enforcement action every time we discover a violation, nor should we. The current hiring freeze makes the need for careful use of resources even more pressing than it normally is. We cannot bring every case under the sun, but must focus on the cases that will actually make a difference. This careful approach to enforcement is what we owe taxpayers, investors, and all of the participants in our capital markets.
In the past, we sometimes have taken a less resource-conscious approach — a more-is-always-better approach. From 2013 to 2016, for example, the SEC embraced a “broken windows” philosophy of enforcement. This philosophy was well-intentioned — punish the small violations to make sure that people are always on their toes and to demonstrate that the SEC is serious about enforcement. Punishing every small violation, however, means casting discretion aside in favor of making the SEC look tough. Violations are not all equally serious. I agree with Commissioner Michael Piwowar, who notes: “If every rule is a priority, then no rule is a priority.”
An enforcement program that pursues every minor violation might appear, at first glance, to be a successful one. Under such an approach, the raw number of enforcement actions is likely to be high. A key metric to gauge success becomes the number of enforcement actions. By holding up raw numbers as the measure of success, the broken- windows-era SEC felt pressure to exceed its previous year’s enforcement actions. It was an arms race as our lawyers rushed to settle a case or sprint to the courthouse — or the administrative law judge — to file the next action, especially as the SEC’s fiscal year end neared: our own version of earnings management.
The numbers did climb. In 2013, the SEC brought 686 enforcement actions with monetary sanctions of $3.4 billion. Of these actions, 132 involved simple filing matters, in which a company was deregistered for being delinquent in their Commission filings. Deregistering delinquent filers is important, but giving these types of matters the same weight as a complex accounting fraud in a count of enforcement actions is misleading. As former SEC Commissioner Dan Gallagher observed at this same conference five years ago, “Numbers alone don’t tell the full story of the Enforcement Division’s work, let alone put it into its proper context.” Fast forward to 2016 — the final year of the SEC’s “broken windows” era. That year, the SEC brought 868 enforcement actions with monetary sanctions of $4 billion. Again though, we have to delve deeper into the numbers to understand what happened. Of these 868 enforcement actions, 404 actions — 47 percent — resulted from the following: first, “follow-on” administrative proceedings seeking bars based on the outcome of Commission actions or actions by criminal authorities; second, proceedings to deregister public companies that were delinquent in their Commission filings; and third, actions brought as part of the Commission’s voluntary, self-reporting program that targeted misstatements and omissions in municipal bond offering documents. Again, the goal is not to suggest that any particular matter was not important, but that the numbers do not necessarily tell much of a story on their own.
While following the “broken windows” approach, perhaps the SEC should have changed its name to the “Sanctions” and Exchange Commission, because it acted like a branch of the U.S. Attorney’s Office for the Southern District of New York. Maybe this approach is natural for a prosecutor, although in the criminal context, discretion is important too. In any event, in contrast to prosecutors, the SEC has a range of tools — some of which are easier, less disruptive, cheaper, and faster to use than enforcement — to address problems it identifies.
An enforcement philosophy that pursues minor violations with the same vigor as it does major violations causes major problems. First, it diverts resources from high priority issues. The unsurprising result of the broken windows approach — one that aligned perfectly with our metrics of choice — was that the SEC brought a lot of enforcement actions with lots of penalties. But the end goal is better functioning markets and investor protection, and I worry that, for fear of depressing the numbers, we might have avoided important matters that would have been time-consuming to pursue.
Second, an enforcement-first approach sends the message to regulated entities and others that picking up the telephone to ask the SEC a question about how to comply is risky; why draw attention to yourself by asking a compliance question of an agency that thinks every foot fault is enforcement-worthy?
Third, a broken windows approach provides bad incentives for Commission staff. It rewards enforcement staff for the number, rather than the quality of cases. It nudges staff to recommend charging some violation — even a minor one — rather than closing an investigation without bringing an enforcement action. It encourages compliance personnel to measure themselves by the number of enforcement referrals they make.
Fourth, such an approach contributes to an unhealthy capital formation environment. Companies considering an initial public offering (“IPO”) have one more reason not to conduct an IPO. Why should companies expose themselves to a potential enforcement action based on a slight misstep in complying with the extensive public company ruleset?
Fifth, an enforcement program that insists on pursuing minor violations imposes unwarranted costs on companies and individuals. The effects of an investigation or proceeding on a private party can be devastating. Boards and managers of companies under investigation are distracted from company business, and company funds go to attorneys, rather than to productive uses. For the individual under investigation, professional careers, reputations, and personal relationships can suffer. As the SEC’s canons of ethics put it: “The power to investigate carries with it the power to defame and destroy.” This price is too high for violations that are minor. The SEC must do its job, but we should save our enforcement program — with the great weight it carries — for violations of a sufficiently serious nature to warrant the expense to us and to those whom we pursue.
Today, the SEC, no longer measuring its success by tallying up enforcement statistics, is making a more concerted effort to bring only meaningful enforcement actions.
As I consider enforcement matters before the Commission, one of the things I think about is whether we are using our enforcement resources wisely. Was there a meaningful violation? Is this a matter that could have been handled by OCIE or that another foreign or domestic authority is already handling? Would a rulemaking, an interpretive release, or an investor alert be a more appropriate response to an issue?
When I believe that we ought not to have spent our Enforcement Division’s time and effort on a matter, I am likely to vote against it. The Commission — which is better positioned than the staff to dispassionately consider resource allocation on a Commission-wide basis — generally is asked to weigh in only once the staff has a recommended settlement in hand or when the staff is recommending litigation. Votes at this late stage can nevertheless serve as guidance for future staff decisions.”
Under the heading “Taking the High Road, Even It It Is The Hard Road,” Peirce stated:
“Due process considerations also play an important role in informing how I vote on enforcement recommendations. I have had the privilege of serving as an SEC Commissioner now for four months, and in that time, have focused on a number of areas in which the Commission needs to be vigilant. I want to ensure that the Commission is known for taking a vigorous, but careful enforcement approach.
The Constitution states that “[n]o person shall…. be deprived of life, liberty, or property, without due process of law.” Given the power and reach of the Commission, due process is of paramount importance. The rules should be clear, so that individuals know in advance the actions that constitute violations. In enforcing the rules, the SEC should be even-handed and sensible. An unwavering commitment to due process is particularly important in light of the continued growth in the volume and complexity of the securities rulebook.
Following due process principles is rarely costless, comfortable, or convenient for a regulator, but doing so speaks volumes of the agency’s integrity and helps to bolster the agency’s standing in the markets, the courts, and the minds of the American people. In short, an agency that adheres to basic principles of due process will be more effective at carrying out its mission. For this reason and because I took an oath to uphold the Constitution, due process considerations weigh heavily in my determinations about how to vote on enforcement matters.
The first issue I am watching is rulemaking by enforcement. Due process starts with telling individuals in advance what actions constitute violations of the law. Enforcement is a faster and more convenient approach to establishing obligations than rulemaking given how cumbersome and time-consuming the rulemaking process is under the Administrative Procedure Act (“APA”). However, the APA’s obstacles to rulemaking are intentional; before imposing a new regulatory burden, an agency must take a set of steps designed to ensure that there is a problem that needs fixing and that the agency’s solution is appropriate. As tempting as it can be, it is wrong to try to do an end run around the APA by using the enforcement process to make policy. Instead, the Enforcement Division only should bring actions based on established legal obligations.
A related issue to which I am paying attention is the degree to which our enforcement process is being used to push the bounds of our authority. Congress sets the parameters within which we may operate, and we ought not to stray outside those boundaries through, for example, overly broad interpretations of “security” or extraterritorial impositions of the law. Our canons of ethics specifically caution us against exceeding “the proper limits of the law” and argue for us remaining “consistent with the statutory purposes expressed by the Congress.” The practice of attempting to stretch the law is a particular concern when it occurs in settled enforcement actions. Often, given the time and costs of enforcement investigations, it is easier for a private party just to settle than to litigate a matter. The private party likely is motivated by its own circumstances, rather than concern about whether the SEC is creating new legal precedent. However, the decision made by that party about whether to accede to an SEC’s proposed order can have far-reaching effects. Settlements — whether appropriately or not — become precedent for future enforcement actions and are cited within and outside the Commission as a purported basis for the state of the law. Quite simply, a settlement negotiated by someone desperate to end an investigation that is disrupting or destroying her life should not form the basis on which the law applicable to others is based.
The third issue I am watching is the length of SEC investigations. It is harder for people to defend themselves against older charges, and the psychological toll of prolonged investigations can be heavy. The Commission is sometimes asked to vote on matters that involve conduct a decade or more in the past. Granted, there are many factors contributing to the age of investigations, including many factors beyond the SEC’s control. The SEC might not learn of bad conduct for years, especially if the violators are actively trying to hide it. It can take years to conduct investigations, which often involve many documents and complex facts. Also, as I previously noted, the SEC has limited resources and unlimited potential demand for those resources. At times an important investigation gets pushed to the back burner to make room so an even more pressing enforcement action can move to the front burner. Sometimes, however, Commission staff have been reluctant to close investigations because of an understandable fear of missing something or appearing to have too light of an enforcement touch. Closing an investigation that does not uncover a substantial violation without bringing an enforcement action is sometimes viewed as a failure instead of the right result. In the meantime, individuals and entities under SEC investigation endure years of uncertainty. While I am pleased that thanks to the leadership of Steve and Stephanie, the Commission is making great strides at shortening the enforcement timeline, there is more progress to be made.
These are some of the process issues to which I pay attention. More generally, it is important that we ensure that the parties against whom we are bringing enforcement actions have had a full and fair opportunity to present their side of the story. In this vein, it is helpful to read the Wells submissions and white papers that parties in enforcement actions generally have the opportunity to submit.”
Under the heading “Ensuring That Our Enforcement Program Does Not Cause Harm,” Peirce stated:
“Another consideration underlying some of my no votes is whether our enforcement action will have unintended consequences. Choices about which remedies to impose or which individuals to pursue can have ramifications that the Commission needs to take into account.
Civil penalties against corporations are another area of concern and a reason that I have voted against some enforcement recommendations. I can best explain my concerns on this issue by telling you a quick story, which as you can guess, has happened many times in real life. In our story, employees of a U.S. publicly-listed company commit accounting fraud. At first, the fraud goes undetected and raises the company’s share price, but then, the fraud is exposed and the share price tumbles down. The SEC opens an investigation. The SEC charges the company, but the responsible individuals at the company are not charged, because the evidence is difficult to marshal in support of individual liability. The investigation leads instead to a recommendation that the SEC enter into a settlement with the company, which will pay a hefty corporate penalty. Of course, the company’s shareholders are the ones who will actually pay the penalty. After being the victims of the fraud that has led to an SEC investigation, shareholders are now paying a corporate penalty to resolve the matter. The responsible individuals have twice forced the shareholders to pay for their wrongdoing. The SEC needs to be extremely careful in how and when it imposes corporate penalties to avoid making an already bad situation worse for shareholders.”
FCPA Institute - Minneapolis (June 20-21, 2019)
A unique two-day learning experience ideal for a diverse group of professionals seeking to elevate their FCPA knowledge and practical skills through active learning. Learn more, spend less. CLE credit is available.