One of the most eye-catching items in the recently released 2017 Annual Report of the Enforcement Division of the Securities and Exchange Commission (SEC or the Commission) is the significant decline in enforcement activity from 2017. The report, issued on November 15th and summarizing the agency’s activity from October 1, 2016 to September 30, 2017, has drawn scrutiny from numerous commentators, who view the decline as the result of an ideological shift from the aggressive, prosecutorial style of enforcement of ex-Chairwoman Mary Jo White to a more restrained approach under new Chairman Jay Clayton. However, the SEC insists that despite this shift, it is not “slowing down.”[1] Instead, the SEC has identified new target areas that financial industry professionals should keep in mind.

By the Numbers

The numbers reported by both the Commission as well as independent researchers suggest that vigorous enforcement activity typical of White’s tenure is on the wane. The SEC reported that for fiscal year 2017, it filed 114 fewer actions than it did last year, dropping from 868 cases to 754.[2] The Commission also reported that while the percentage of actions charging individual defendants rose this year from 61% to 73%, total monetary sanctions against all types of targets decreased by 7%.[3] The Commission collected over $4 billion in disgorgement and penalties in 2016 as compared to nearly $3.8 billion in 2017, a difference of almost $300 million.[4]

A number of researchers analyzed the SEC’s enforcement patterns during the first and second halves of 2017, and identified a decrease in actions against corporate entities, but not against individuals. This shift began shortly after Clayton commenced his term in May. A joint report by the New York University Pollack Center for Law & Business and Cornerstone Research concluded that, in 2017, the Commission filed 62 new actions against public companies and their subsidiaries, compared with 92 in 2016.[5] Only 17 of the 62 actions in 2017 were filed in the second half of the year, after Clayton took office.[6] However, according to Professor Urska Velikonja of the Georgetown University Law Center, enforcement against individuals has remained relatively steady from 2016 to 2017, and throughout both halves of this year.[7]

Professor Velikonja also noted that the decline in the number of actions against public companies after Clayton’s arrival resulted in a corresponding reduction in monetary penalties. In the second half of 2017, as corporate entities were charged less frequently, the number of monetary penalties imposed on them declined by over 40%.[8] These penalties included both civil fines and disgorgement orders. With regard to fines, over 30% of the total is attributable to one particular settlement that the SEC entered into with State Street Bank and Trust Company and its subsidiaries ($32.3 million of $140 million).[9] Similarly, with regard to disgorgement, over 70% of the amount ordered emanated from another single settlement with Telia AB ($457 million out of $625 million).[10] Excluding these single-action settlement amounts, the second half of the year’s monetary penalties are even lower, amounting to just $107.7 million in fines and $168 million in disgorgement. With respect to individuals, disgorgement orders and civil fines were similar in both halves of the year, and relatively consistent with trends during previous years.[11]

A Shift in Enforcement Strategy

Commentators attribute this decline to a shift in policy under the Commission’s new leadership. Under White, the Commission was known for a “broken windows” approach, pursuing Wall Street firms, public companies, and individuals for all types of misconduct, from intentional wrongdoing and filing violations, to minor compliance errors. Now, with Clayton in charge, analysts predict that the Commission will continue to target individuals and file fewer actions against public companies.

This continued pursuit of individuals, coupled with restraint towards companies, is consistent with the Commission’s most recent priorities statement, as well as with President Donald Trump’s targeting of the so-called regulatory state. The annual report states that under Clayton, pursuit of individuals will be the rule rather than the exception.[12] One justification for this strategy is deterrence. According to the report, successful actions against individuals are more likely than corporate cases to send messages against similar misconduct, and uproot recidivists from the marketplace.[13]

There are other possible reasons for this shift in focus towards individual targets. One is the rationale that it is unfair to hold corporations liable for wrongdoing because shareholders ultimately end up footing the bill, a view held by Clayton. Another reason is both budgetary and political. The President’s initial budget proposal to Congress for fiscal year 2018 essentially froze the SEC’s budget at $1.6 billion and eliminated the agency reserve fund established by the Dodd Frank Act. At a securities conference in October, Enforcement Co-Director Steven Peikin noted that the Commission’s strategy is necessary to accommodate the new fiscal environment, stating, “it may be the case that we have to be selective and bring a few cases to send a broader message rather than sweep the entire field.” Passed by the House of Representatives in September, the budget is awaiting passage by the Senate.

A Look Ahead

Given this shift, what types of enforcement cases should industry professionals expect? Even after Clayton’s arrival, the SEC has continued to pursue offering fraud,[14] pump-and-dump schemes,[15] and insider trading.[16] Cases such as these can be expected to remain the norm, as they have traditionally formed the backbone of the SEC’s enforcement program. However, this fall, the Enforcement Division shed additional light on its future direction by announcing the creation of two new operations—the Retail Strategy Task Force and the Cyber Unit—designed to enhance investor protection and combat cyber-related threats, respectively, two of the SEC’s key priorities.[17] Although neither of these priorities are entirely new, they represent the Commission’s emphasis on efficiency by consolidating resources and employing new technologies. The introduction of these new units portends an eventual uptick in cases involving retail investors and cyber issues.

Through the Retail Strategy Task Force, the Division aspires to more effectively identify harm to retail investors by monitoring trade data. To do so, the Task Force will utilize data analytics and machine learning.[18] The Task Force will refer any suspected wrongdoing to the Division’s investigative staff for further review. The Division has cautioned that the Task Force will look for misconduct in institutions of all sizes. According to Enforcement Co-Director Stephanie Avakian, while “retail” refers to Ponzi schemes and microcap fraud, it also touches on misguided tactics at the “intersection of investment professionals and retail investors.”[19] So far, this category has included a wide variety of abuses of the advisor-customer relationship, including inadequate fee disclosures and unsuitable recommendations or trading decisions.[20]

In connection with the creation of the new Cyber Unit, the Commission has promised to more aggressively police security breaches, treating at least some cyber transactions as purchases or sales of securities that fall within the reach of the federal securities laws. The Enforcement Division will target individual hackers, as well as registered entities that fail to safeguard nonpublic information, and public companies that fail to disclose cyber-related risks. The SEC has also cautioned that under certain circumstances, digital tokens offered and sold by “virtual” organizations are securities, and thus are subject to the federal securities laws.[21] As such, issuers must register offers of these tokens unless an exemption applies, as must the securities exchanges where the tokens are traded. Interestingly, the Commission announced the Cyber Unit just five days after disclosing a hack of its own EDGAR filing system in September, which allowed access to nonpublic information and facilitated improper gains.[22]

Although the SEC’s enforcement program has lost some of its vigor, it has certainly not ground to a halt. Instead, the Division has streamlined its agenda, swapping its former sweeping approach for a narrower focus that is in step with the political moment.