Updates:

  • SEC whistleblower program: We last covered the SEC’s whistleblower program in our November 2016 newsletterunder “Give a Little Whistle—SEC Whistleblower Program Update.” Some more updates:
    • On December 9, 2016, the SEC announced that it had granted an award of $900,000 (“nearly $1 million”) to a whistleblower “whose tip enabled the SEC to bring multiple enforcement actions against wrongdoers.” This was the second whistleblower award within one week. The SEC said that, with this award, “[m]ore than $136 million has been awarded to 37 whistleblowers who voluntarily provided the SEC with original and useful information that led to a successful enforcement action.”
    • On December 5, 2016, the SEC announced that it had granted an award of approximately $3.5 million to a person “for coming forward with information that led to an SEC enforcement action.” The SEC said that “since issuing its first award in 2012 . . . SEC enforcement actions from whistleblower tips have resulted in more than $874 million in financial remedies.”
    • On November 14, 2016, the SEC announced that it had granted an award under its whistleblower program of more than $20 million to a person who “promptly came forward with valuable information that enabled the SEC to move quickly and initiate an enforcement action against wrongdoers before they could squander the money.” The SEC said that the $20 million award was the third-highest award issued to date under its whistleblower program.
    • On November 15, 2016, the SEC’s Office of the Whistleblower delivered its Fiscal Year 2016 annual report to Congress.
    • On October 24, 2016, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a risk alert titled “Examining Whistleblower Rule Compliance.” In the alert, the OCIE advised investment advisers and broker-dealers that in upcoming inspections the OCIE will be looking for illegal restrictions on individuals communicating with the SEC about potential securities law offenses in violation of Dodd-Frank and the SEC’s whistleblower program. The OCIE said that SEC examiners will focus on compliance manuals, codes of ethics, employment agreements, and severance agreements. The alert cited recent SEC actions (Blue Linx, etc.) involving restrictive language in severance agreements.
  • On November 9, 2016, the DOJ announced that futures trader Navinder Singh Sarao pleaded guilty to “spoofing” and manipulating the futures market in connection with, among other things, the 2010 “Flash Crash,” when the Dow Jones Industrial Average plunged 600 points in five minutes. We discussed Sarao’s role in the “Flash Crash” in connection with the CFTC’s whistleblower program in our May 2015 newsletter under “Whistle While You Work: April Showers Bring Big Whistleblower Awards, Some to Compliance Officers.”
  • On October 10, 2016, Bloomberg reported that the SEC administrative trial against self-described “Diva of Distress” Lynn Tilton (Tilton) commenced before an SEC administrative law judge. The SEC originally brought charges on March 31, 2015, against Tilton and her investment firms Patriarch Partners LLC and related Patriarch limited liability companies for fraud and breach of fiduciary duty for hiding from investors the poor performance of loan assets in three collateralized loan obligation funds they managed. On April 1, 2015, Tilton brought suit in the Southern District of New York to enjoin the SEC’s administrative proceedings and challenge their constitutionality, which eventually resulted in the Second Circuit denying Tilton’s challenge on June 1, 2016, on lack of subject matter jurisdiction and exhaustion of remedies grounds. We covered Tilton’s original challenge in our April 2015 newsletter under “Wherefore Art Thou Due Process? SEC Administrative Hearings Under Attack.”
  • On October 4, 2016, the U.S. Supreme Court heard oral argument in Shaw v. U.S. regarding the question presented of whether proving a scheme to defraud a bank in violation of 18 U.S.C. § 1344(1) requires proving an intent that the bank be the victim of the fraud. For a summary of the oral argument, see the article titled “Supreme Court Considers the Necessary Intent for Bank Fraud” in Manatt’s October 2016 Financial Services Law newsletter. We discussed this case and the Supreme Court’s grant of certiorari in our June 2016 newsletter under “Eye on the Supreme Court—Corruption and Fraud Edition.”

New rulemaking/advisories:

  • On October 26, 2016, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions on cyber events and cyber-enabled crime. FinCEN said that the advisory was meant “to assist financial institutions in understanding their Bank Secrecy Act (BSA) obligations regarding cyber-events and cyber-enabled crime” and “also highlights how BSA reporting helps U.S. authorities combat cyber-events and cyber-enabled crime.” The areas covered in the advisory are (1) “Reporting cyber-enabled crime and cyber-events through Suspicious Activity Reports (SARs)”; (2) “Including relevant and available cyber-related information (e.g., Internet Protocol (IP) addresses with timestamps, virtual-wallet information, device identifiers) in SARs”; (3) “Collaborating between BSA/Anti-Money Laundering (AML) units and in-house cybersecurity units to identify suspicious activity”; and (4) “Sharing information, including cyber-related information, among financial institutions to guard against and report money laundering, terrorism financing, and cyber-enabled crime.” For a detailed discussion of FinCEN’s advisory, see Manatt partner David Gershon’s November 10, 2016, news alert titled “FinCEN: Cyber Events Should Be Reported via SARs.”
  • On October 19, 2016, the Board of Governors of the Federal Reserve System (Federal Reserve), Office of the Comptroller of the Currency (OCC), and Federal Deposit Insurance Corporation (FDIC) (collectively, “Agencies”) released a joint Advance Notice of Proposed Rulemaking (ANPR) titled “Enhanced Cyber Risk Management Standards.” The ANPR said that the Agencies are considering establishing enhanced standards to increase the operational resilience of “large and interconnected entities under their supervision and those entities’ service providers” and to reduce the impact of a cyber event on those entities. The ANPR addresses five categories of cyber standards: (1) cyber risk governance; (2) cyber risk management; (3) internal dependency management; (4) external dependency management; and (5) incident response, cyber resilience, and situational awareness. The Agencies said they “are considering implementing the enhanced standards in a tiered manner, imposing more stringent standards on the systems of those entities that are critical to the functioning of the financial sector.” The ANPR requests that comments be submitted by January 1, 2017. For a detailed discussion of the ANPR, see Manatt partner David Gershon’s November 10, 2016, news alert titled “Federal Regulators Seek Comments on Proposed Cybersecurity Rulemaking.”
  • On October 2, 2016, the DOJ’s National Security Division published a memo titled “Guidance Regarding Voluntary Self-Disclosures, Cooperation, and Remediation in Export Control and Sanctions Investigations Involving Business Organizations” that sets out a policy framework for negotiated resolutions with companies involved in criminal economic sanctions and export control investigations.

Talks about town: In addition to the talks by government officials referenced elsewhere in this newsletter, other government officials were making the rounds:

  • On December 7, 2016, Assistant Attorney General Leslie R. Caldwell spoke about cybercrime enforcement at the Center for Strategic and International Studies in Washington, D.C. In addition, on December 8, 2016, Attorney General Loretta E. Lynch and Homeland Security Secretary Jeh Johnson, together with Chinese State Councilor and Minister of the Ministry of Public Security Guo Shengkun, co-chaired the third U.S.-China High-Level Joint Dialogue on Cybercrime and Related Issues.
  • On November 18, 2016, outgoing SEC Chair Mary Jo White (who announced on November 14, 2016, that she was stepping down from her position as SEC Chair effective January 2017) spoke at the New York University School of Law Program on Corporate Compliance and Enforcement in New York. Also on November 14, 2016, SEC Chair White gave the opening remarks at the first-ever Fintech Forum in Washington, D.C.
  • On November 17, 2016, Jamal El-Hindi, Deputy Director of FinCEN, spoke at the 2016 ABA/ABA Money Laundering Enforcement Conference in Washington, D.C.