After weeks of headlines dominated by Equifax’s cyber breach affecting 143 million consumers and the breach of the SEC’s own EDGAR system, the SEC recently announced the creation of (i) a Cyber Unit to target cyber-related misconduct and (ii) a Retail Strategy Task Force to strengthen its protection of retail investors. Securities industry organizations and public companies should interpret these initiatives as a commitment to deterring fraud in the age of technology and protecting Main Street investors.
The New Cyber Unit
The Cyber Unit will leverage the Enforcement Division’s cyber-related expertise to target hot areas of misconduct, including:
- Market manipulation schemes spread through electronic and social media
- Hacking to obtain material nonpublic information
- Intrusions into retail brokerage accounts
- Violations involving blockchain technology and initial coin offerings
The Cyber Unit seeks to promote information sharing, risk monitoring, and incident response efforts throughout the agency. As one SEC representative stated: “Cyber-related threats and misconduct are among the greatest risks facing investors and the securities industry... The Cyber Unit will enhance our ability to detect and investigate cyber threats through increasing expertise in an area of critical national importance.”
The New Retail Strategy Task Force
The SEC’s Retail Strategy Task Force will prioritize strategies that target misconduct impacting retail investors, generally those who purchase securities for their own personal account.
The Retail Strategy Task Force “will develop proactive, targeted initiatives to identify misconduct impacting retail investors,” including the sale of unsuitable structured products and microcap pump-and-dump schemes. The task force aims to leverage data analytics and utilize enforcement personnel around the country to protect the “most vulnerable market participants.”