The SEC has announced its fiscal 2022 Enforcement stats, which hit new records. According to the press release, during the year, the SEC filed 760 total enforcement actions, representing a 9% increase over the prior year. That total included 462 new, or “stand-alone,” enforcement actions, which “ran the gamut of conduct, from ‘first-of-their-kind’ actions to cases charging traditional securities law violations.” The SEC also recovered a record $6.4 billion in civil penalties, disgorgement and pre-judgment interest in SEC actions, an increase of 68% from $3.8 billion in the prior year. Civil penalties, at $4.2 billion, were also the highest on record. The press release emphasized that the increase in penalties is intended to “deter future misconduct and enhance public accountability.” In a number of cases, the SEC “recalibrated penalties for certain violations, included prophylactic remedies, and required admissions where appropriate” to make “clear that the fines were not just a cost of doing business.” According to Director of Enforcement Gurbir Grewal, the SEC doesn’t “expect to break these records and set new ones each year because we expect behaviors to change. We expect compliance.” Interestingly, disgorgement, at $2.2 billion, declined 6% from last year. As reported by the WSJ, Grewal, speaking at a recent conference, highlighted the fact that the SEC imposed more penalties than disgorgements, which, in his view, “demonstrated that ‘the potential consequences of violating the law are significantly greater than the potential rewards.’… He added that the SEC ordered more than twice as much in disgorgements as it did in penalties for the five fiscal years before the last one. ‘So while disgorgement was slightly down from the prior year…it is the first time that the amount ordered to be paid in penalties has been double the amount ordered to be paid in disgorgement,’ he said. ‘The increased penalty-to-disgorgement ratio nonetheless demonstrates that the risk-reward calculation is not what it was even a few years ago.’”

The press release also highlighted the high priority the SEC places on public company disclosures, with Enforcement focusing on the pursuit of issuers (and their employees) that make materially inaccurate disclosures, as well as auditors “who violate applicable laws and rules in connection with such disclosures.” The SEC cited as examples charges against Boeing and its former CEO for misleading statements issued after the crashes of two 737 MAX airplanes and charges against Compass Minerals International.


In the action against the Boeing Company, Boeing agreed to pay $200 million to settle charges that it made materially misleading statements following two airplane crashes, including statements assuring the public that the 737 MAX airplane was “as safe as any airplane that has ever flown the skies.” Grewal stated that Boeing and its former CEO “put profits over people by misleading investors about the safety of the 737 MAX all in an effort to rehabilitate Boeing’s image following two tragic accidents that resulted in the loss of 346 lives and incalculable grief to so many families….But public companies and their executives must provide accurate and complete information when they make disclosures to investors, no matter the circumstances. When they don’t, we will hold them accountable, as we did here.” (See this PubCo post.)

In the case against Compass Minerals, the SEC alleged that Compass misrepresented the impact of a technology upgrade at one of its salt mines, which the company had claimed would lead to cost savings, but actually led to increased costs and below-expectation results. Central to the case, however, was the purported failure of the company’s disclosure controls that resulted in the misleading statements: “statements to investors were not reviewed by personnel who were sufficiently knowledgeable about both Compass’s operations and its disclosure obligations.” The company was also charged with failing to disclose the potential financial risks arising out of the company’s contamination of a river in Brazil with excessive discharges of mercury, a failure the SEC also attributed to inadequate disclosure controls. (See this PubCo post.)

In addition, the SEC stressed the importance of individual accountability, noting that, in fiscal 2022, more than two-thirds of the SEC’s stand-alone enforcement actions involved at least one individual defendant or respondent, including executives such as the former CEO of Boeing. The SEC also highlighted the use of SOX 304 clawbacks against several senior executives at public companies, which required them to “return bonuses and compensation following misconduct at their firms, even though the executives were not personally charged with the misconduct.”

The SEC has also pursued several cases relating to inadequate cybersecurity and ESG, applying “time-tested principles concerning materiality, accuracy of disclosures, and fiduciary duty.” Among the cases this year was an action against Vale S.A., a publicly traded (NYSE) Brazilian mining company and one of the world’s largest iron ore producers.


The charges against Vale S.A. alleged that it made “false and misleading claims about the safety of its dams prior to the January 2019 collapse of its Brumadinho dam. The collapse killed 270 people, caused immeasurable environmental and social harm, and led to a loss of more than $4 billion in Vale’s market capitalization.” The SEC alleged that Vale “fraudulently assured investors that the company adhered to the ‘strictest international practices’ in evaluating dam safety and that 100 percent of its dams were certified to be in stable condition.” Significantly, these statements were contained, not just in Vale’s SEC filings, but also, in large part, in its sustainability reports. According to Grewal, “[m]any investors rely on ESG disclosures like those contained in Vale’s annual Sustainability Reports and other public filings to make informed investment decisions….By allegedly manipulating those disclosures, Vale compounded the social and environmental harm caused by the Brumadinho dam’s tragic collapse and undermined investors’ ability to evaluate the risks posed by Vale’s securities.” Notably, the press release regarding the case refers to the SEC’s Climate and ESG Task Force formed last year in the Division of Enforcement “with a mandate to identify material gaps or misstatements in issuers’ ESG disclosures, like the false and misleading claims made by Vale.” (See this PubCo post.)

For fiscal 2022, whistleblower awards were the second highest on record, both in the number of individuals receiving awards (103 awards) and the total dollar amounts awarded ($229 million).


Under the SEC’s whistleblower program, the SEC may “make monetary awards to eligible individuals who voluntarily provide original information that leads to successful SEC enforcement actions resulting in monetary sanctions exceeding $1 million and certain successful related actions.” Awards must be in the range of 10% to 30% of the monetary sanctions collected. In 2022, the SEC adopted two new amendments to the whistleblower rules affecting changes that had been adopted in 2020 regarding awards under related programs and award amounts. According to SEC Chair Gary Gensler, the amendments would “help enhance the whistleblower program. The first amendment expands the circumstances in which a whistleblower who assisted in a related action can receive an award from the Commission for that related action rather than from the other agency’s whistleblower program. The second amendment concerns the Commission’s authority to consider and adjust the dollar amount of a potential award. Under today’s amendments, when the Commission considers the size of the would-be award as grounds to change the award amount, it can do so only to increase the award, and not to decrease it. (See this PubCo post and this PubCo post.)


It’s worth noting that a recent academic paper and a recent lengthy article in Bloomberg were highly critical of the SEC’s whistleblower program. The academic paper observed that the SEC receives an average of 49 whistleblower tips every workday, and examined the “role played by private whistleblower attorneys in the tip-sifting process.” The author concluded that “tipsters represented by lawyers significantly outperform unrepresented ones, repeat-player lawyers outperform first-timers, and lawyers who used to work at the SEC outperform just about everybody. The upshot is that the SEC and CFTC have effectively privatized the tip-sifting function that is at the core of the WBPs. Private lawyers have likely extracted hundreds of millions of dollars in fees and expenses from these programs, with a disproportionate share going to a concentrated group of well-connected, repeat players. Unlike traditional plaintiffs’ side securities attorneys and attorneys who represent clients seeking government payments in many other contexts, private whistleblower lawyers operate free from virtually all public accountability, transparency, or regulation.” (See also this article in the WSJ.) Similarly, a Bloomberg Law investigation found that the SEC whistleblower program “often ignores its own rules, shields much of its work from the public, and has been a financial boon for law firms that hired former agency officials.”

According to the press release, the SEC protects whistleblowers by “pursuing individuals or entities who take steps to impede, or retaliate against them for, their whistleblowing,” including charges for overly restrictive confidentiality agreements (see, an earlier case, this PubCo post) and for “impeding an employee from communicating with the SEC regarding potential misconduct.”


In April, the SEC issued an Order in connection with a settled action charging a co-founder and officer of NS8, Inc., a privately held fraud-detection technology company, with violating the whistleblower protections of the Exchange Act. The SEC alleged that, after an NS8 employee raised concerns to the co-founder about a possible securities law violation, he took action to limit the employee’s access to the company’s IT systems. The SEC charged that these actions impeded the employee’s ability to communicate with the SEC in violation of Rule 21F-17(a) and imposed a $97,000 civil penalty. SEC Commissioner Hester Peirce dissented, contending that the SEC’s Order “does not explain what, precisely, Mr. Hansen did to hinder or obstruct direct communication between the NS8 Employee and the Commission.” (See this PubCo post.)

The press release also addressed investigations in parallel with criminal law enforcement, trial wins, use of the enforcement toolkit (including data analytics), meaningful cooperation, gatekeepers, crypto, private funds, regulated entities, market abuses, complex products, public finance abuse, the Foreign Corrupt Practices Act and penalties, undertakings and admissions. Attached to the press release is a 20-page addendum that identifies each action during the period