Nov. 6, 2023
Good morning and thank you, Jim [Burns], for that introduction. I am pleased to be part of the 2023 conference on SEC Regulation Outside the United States to deliver the Fifth Annual Scott Friestad Memorial Lecture.
I had the privilege of working with Scott Friestad at the Securities and Exchange Commission for nearly a dozen years. I arrived at the SEC in October 2006 to serve as counsel to Commissioner Paul Atkins. This was about 18 months after Scott had been promoted to Associate Director in our Division of Enforcement. At the time, each Commissioner had three counsels and, in our office, each one of us handled a third of the Enforcement recommendations.
I was first introduced to Scott by one of my fellow counsels – Dan Gallagher, who would later serve as an SEC Commissioner from 2011 to 2015. From time to time, Scott’s enforcement cases would be assigned to me. Scott would patiently explain the enforcement process as well as the limitations on what enforcement could do. Most importantly, Scott stressed the need to exercise appropriate judgment and discretion in exercising the Commission’s enforcement authority.
Subsequently, I returned to the executive staff in 2013 as counsel to Commissioner Michael Piwowar. Once again, I worked with Scott on enforcement recommendations from his group. It was during this period that I became aware of his illness and I was greatly saddened by his passing in 2018. My favorite memory of Scott is crossing paths on the way to or from getting lunch in Union Station, where Scott was often accompanied by his close friends and co-workers Tom Sporkin, Greg Faragasso, and John Polise.
With Scott’s legacy in mind, it would be appropriate to share some thoughts about the use of the Commission’s enforcement authority. These remarks reflect my individual views as a Commissioner of the SEC and do not necessarily reflect those of the full Commission or my fellow Commissioners.
The focus on enforcement, however, should not be viewed as diminishing a variety of important SEC issues facing global market participants. For example, foreign investment advisers have faced numerous hurdles in registering with the SEC, the pending move to T+1 settlement in the equity markets raises potential mismatches with foreign jurisdictions that will need to be resolved, and some of the SEC’s shortened filing deadlines may present challenges for those in foreign time zones.
The legal system of the United States has its roots in the laws of England. Most notably, the Magna Carta, issued in 1215, expressed the idea that a country should be governed by the rule of law. The declaration that “no free man shall be seized, imprisoned, dispossessed, outlawed, exiled or ruined in any way, nor in any way proceeded against, except by the lawful judgment of his peers and the law of the land” runs through key parts of the U.S. Constitution, including the Fourth, Fifth, Sixth, Seventh, Eighth, and Fourteenth Amendments.
As the civil regulator for the federal securities laws, the SEC invokes the sovereign power of the United States in administering and enforcing such laws and the regulations thereunder. Indeed, enforcement is one of the SEC’s major activities and the Division of Enforcement is one of its largest operating units. The Enforcement staff, which consists of more than 1,300 individuals, conducts investigations into possible violations of the federal securities laws and litigates the Commission’s civil enforcement proceedings. The U.S. Congress has given the SEC a robust set of investigatory tools and the power to seek a variety of remedies, including injunctions, disgorgement, bars, and civil penalties.
The power and role of the SEC in carrying out enforcement actions cannot be understated. For example, the legal standard for a government regulator like the SEC to issue an administrative subpoena is “official curiosity.” Unlike criminal prosecutors and the police, civil regulators do not need to have any evidence, akin to probable cause, before issuing subpoenas. According to a 1950 decision of the U.S. Supreme Court, administrative agencies have a “power of inquisition” whereby they can “investigate merely on suspicion that the law is being violated, or even just because it wants assurance that it is not.” This is a low threshold and, thus, the protection against potential abuse is largely left to the discretion and judgment of the investigating agency.
While it is important for government regulators to pursue bad actors, the ease at which an official investigation can be launched suggests that there ought to be objective and articulable standards to guide the exercise of such power by enforcement staff.
A key concept under the rule of law is that similarly situated people should be treated similarly. However, when there is a low threshold to launching an investigation that lacks sufficient guardrails, the potential for abuse increases. For instance, it would be inappropriate to single out otherwise lawful financial products that might be viewed disfavorably. Targeting lawful, but disfavored, products and conduct with investigations and administrative subpoenas based on the “official curiosity” standard runs the risk of turning the SEC into a merit regulator – which was an approach that the U.S. Congress did not take in enacting the federal securities laws.
At times, it may be appealing to set regulatory policy through enforcement actions. But the SEC ought to be reluctant to pursue that approach, especially when it effectively creates new definitions or interpretations that affect conduct not previously deemed unlawful. If there are regulatory provisions that are unclear and/or ambiguous, the Commission and its staff can and should provide clarity to market participants, which can occur in the form of rules, interpretations, guidance, and no-action letters. This clarity should be provided before resorting to enforcement actions. The SEC’s enforcement efforts should be limited to enforcing the rules as written, and should not create novel and innovative interpretations that broaden the scope of these rules and the Commission’s jurisdiction over markets and their participants.
In addition, U.S. law generally requires that, when engaging in rulemaking, a federal agency must give notice of the proposed rulemaking and solicit comment from interested parties on the proposed rule. This process has been described as “notice and comment.”
However, enforcement actions are not subject to notice and comment. The only individuals involved in the discussions are the enforcement staff, the defendants, and their counsel. The language of enforcement orders is negotiated among them, and the full context of those discussions may not be included. While some may view an order as providing guidance on the SEC’s views, it may be difficult to ascertain how the order might apply to other situations as it is limited in scope to the facts and circumstances of the specific case. Thus, using enforcement actions as a method to set regulatory policy means that the public is denied a chance to provide input.
Today, I want to discuss three areas where insufficient clarity may result in a lack of understanding, and potentially fair notice, of novel interpretations that the SEC has undertaken in recent enforcement actions. These areas are: (1) the scope of the definition of a dealer under the Securities Exchange Act of 1934; (2) cryptocurrencies; and (3) off-channel communications by broker-dealers.
Definition of a “Dealer” Under the Securities Exchange Act
Section 3(a)(5)(a) of the Exchange Act defines a dealer as, “any person engaged in the business of buying and selling securities for his own account, through a broker or otherwise.” If a person is a dealer, then that person must register with the SEC as a dealer and become a member of a self-regulatory organization like FINRA unless an exception otherwise applies. In addition, the person must become a member of SIPC, adhere to a comprehensive regulatory regime, including the net capital rule and Consolidated Audit Trail reporting, and be subject to examination by the SEC and FINRA. For individuals, the compliance costs could be disproportionately large relative to their financial activity.
Traders are specifically excluded from the dealer definition and are defined as “a person who buys and sells securities for his or her own account, either individually or in a fiduciary capacity, but not as part of a regular business.” Thus, it is important for a person to know whether he or she is a dealer and, if so, whether an exception like the trader exclusion is applicable.
In August 2022, the Commission filed a case against Crown Bridge Partners, LLC (“Crown Bridge”) and its two members, who were brothers, alleging that they “engaged in the buying and selling large volumes of penny stocks for their own account.” Crown Bridge would purchase convertible notes from penny stock issuers, hold the notes for a period of time, and subsequently convert the notes into unrestricted, newly issued shares of stock at a discount to the prevailing market price and resell those shares into the market.
In an effort to comply with the registration requirements under the Securities Act of 1933, Crown Bridge conducted its activities in accordance with Rule 144. This rule provided Crown Bridge with a safe harbor from the statutory definition of being an “underwriter,” which allowed the firm to resell shares from converted notes without the need to register the resales under the Securities Act.
Having taken apparent care with its regulatory obligations for the resales of shares under the Securities Act, it is unclear whether Crown Bridge also assessed whether it needed to register as a dealer under the Exchange Act. Had the members of Crown Bridge searched the SEC’s website, they might have come across a document posted as the “SEC’s Guide to Broker Dealer Registration.” The Guide notes that individuals who buy and sell securities for themselves generally are considered traders and not dealers. The Guide says that the following individuals and business may need to register as a dealer depending on a number of factors: a person who holds themselves out as being willing to buy or sell a particular security on a continuous basis; a person who runs a matched book of repurchase agreements; or a person who issues or originates securities that he also buys and sells. The Guide also includes a list of questions one should ask themselves to determine whether they are acting as a dealer, including:
- Do you advertise that you are in the business of buying or selling securities?
- Do you do business with the public – either retail or institutional?
- Do you make a market in, or quote prices for both purchases and sales of, one or more securities?
- Do you provide services to investors, such as handling money and securities, extending credit or giving investment advice?
- Do you write derivative contracts that are securities?
It would be understandable if Crown Bridge, after reviewing the Guide, were to conclude that their conduct did not require them to register with the Commission as a dealer since they were using their own money and did not provide services to clients or do business with the public.
Nonetheless, the SEC sued Crown Bridge for unregistered dealer activity. The case was ultimately settled. Was fair notice of this interpretation given to market participants? Would there have been better ways to communicate the SEC’s views prior to instituting an enforcement action? Questions and challenges to this approach have been raised. The Crown Bridge case is only one of a number of similar cases brought by the SEC in recent years, some of which are currently pending in the judicial system.
Let’s turn to one of the most discussed areas of the U.S. federal securities laws when someone mentions regulation by enforcement: cryptocurrencies and digital assets. For years, market participants have expressed concern about a lack of regulatory guidance in the crypto space. Let’s be clear about it – enforcement actions are not well-suited for providing guidance. By their very nature, enforcement actions are post hoc actions. However, one of the primary responsibilities of a regulator is to set clear expectations on permitted and prohibited conduct in advance so that law-abiding market participants can comply ex ante.
Accordingly, the Commission should consider proposing rules or issuing interpretive guidance with respect to cryptocurrencies and digital assets. It’s unfortunate that, despite the large number of rule proposals issued by the SEC during the last two years, cryptocurrency was not among them. A responsible regulator considers how the laws and rules apply to new types of securities and then develops or modifies those provisions so that the regulatory requirements can be satisfied.
Importantly, the federal securities laws only apply when the instrument at issue is a security; therefore, providing clarity on the jurisdictional status is imperative. What is, and what is not, a security can be a difficult analysis – not just for market participants, but also for the courts who must analyze the investment contract test described by the U.S. Supreme Court in a 1946 decision. In SEC v. W.J. Howey Co., the U.S. Supreme Court held that an investment contract means a contract, transaction, or scheme whereby a person invests money in a common enterprise and is led to expect profits from the efforts of the promoter or a third party.
The SEC could have proactively contributed to the creation of a body of law regarding cryptocurrencies and digital assets. Unfortunately, the SEC did not take this approach and instead is pursuing a case-by-case approach through enforcement actions. As a result, it will take years to reach any type of legally-binding precedent, as matters will need to wind their way through the courts before reaching the court of appeals level.
The third area is the large number of off-channel communications cases that have been brought over the last two years under Section 17(a) of the Exchange Act and Rule 17a-4(b)(4) thereunder. This rule requires broker-dealers to create, and preserve in an easily accessible place, originals of all communications received and copies of all communications sent relating to the firm’s business. This is an area where market participants, regulators, and investors might have benefitted had the SEC issued additional guidance on what is included in the phrase “communications…relating to the firm’s business.” The world is very different from a technological perspective today than it was when these rules were first adopted in 1997.
There was a time not too long ago when employees, for the most part, physically sat in offices and spoke to their co-workers in person. Almost all communications, as Bloomberg columnist Matt Levine points out, were informal and not recorded and the SEC, therefore, only had access to a limited portion of communications by brokerage firms. None of those verbal communications were business records that were required to be maintained.
The question becomes, what is considered to be a business communication? A paragraph from one SEC settlement order says that “a senior executive of [the Firm’s] broker-dealer entity exchanged text messages with over two dozen other [Firm] employees, including superiors and at least five employees who reported to him.” In a separate order, a paragraph reads, “a managing director and head of trading communicated by text message and WhatsApp with at least 14 other [Firm] employees, including at least five whom he supervised.” Notable is that neither of these paragraphs discloses the content of the communications the firms are alleged to have sent that ultimately caused a violation of recordkeeping provisions.
If co-workers text each other about having lunch – is that a business record? What if they discuss business at lunch but the text message makes no mention of the business to be discussed? Ensuring that the SEC’s rulebook evolves with technological developments would help management and compliance professionals know what standards they need to meet and will help prevent enforcement actions going forward.
The civil penalties associated with these settled actions have been astonishing, particularly since no investor harm has been identified. In September 2022, the Commission announced civil penalties against a small number of firms for $1.1 billion. Given the size of these amounts, perhaps there should have been more transparency on how the penalty amounts were calculated. The penalties are not the only cost to the firms entering into settlement agreements, because detailed undertakings were also included and those will impose significant costs as well.
“With great power comes great responsibility.” Regulators with enforcement power would do well to remember that. Effective deterrence requires persons to understand what conduct is prohibited. The mere fact that the law might allow the SEC to do something, does not mean that the SEC should. Regulators should be expected to exercise appropriate judgement in carrying out its investigative and sanctioning authority and to have an articulable basis for those decisions. Simply citing “official curiosity” should not be sufficient for jumping to enforcement actions when laws are unclear or have been reinterpreted.
Determining whether a person’s conduct violates the federal securities laws should not be akin to the Hogwart’s sorting hat from Harry Potter, where one’s fate is predicted, sometimes wrongly, based on which rule or law the SEC plans to enforce in a way that it has not been interpreted before. Market participants should not be engaged in a game of chance – waiting for rules to be retroactively reinterpreted to include their conduct and then being subject to an investigation years later. The SEC requires disclosures and transparency from market participants. Perhaps the SEC owes that same level of transparency to the market with respect to how it interprets its own rules. That transparency will help ensure the rules are applied fairly and evenly to everyone or – as inscribed on the U.S. Supreme Court building nearly 720 years after the Magna Carta – “equal justice under law.”
Thank you for listening and enjoy the rest of the conference.
 United States v. Morton Salt. Co., 338 U.S. 632 (1950).
 5 U.S.C. §§ 551-559.
 17 CFR § 240.15c3-1.
 15 U.S.C. 78c(a)(5)(A) and (B).
 See SEC v. Actus Fund Management, LLC., No. 1:23-cv-111233 (D. Mass.); SEC v. Almagarby, No. 21-13755 (11th Cir.); SEC v. Keener, No. 22-14237 (11th Cir.), SEC v. LG Capital Funding, LLC, No. 1:22-cv-03353 (E.D.N.Y), SEC v. Carebourne Capital L.P., No. 21-cv-02114 (D. Minn.), SEC v. Morningview Financial, LLC, 1:22-cv-08142 (S.D.N.Y), SEC v. Fife, No. 1:20-cv-05227 (N.D. Ill.), SEC v. Fierro, No. 3:20-cv-02104 (D.N.J.), SEC v. GPL Ventures LLC, No. 1:21-cv-06814 (S.D.N.Y.), SEC v. River North Equity LLC, No. 1:19-cv-01711 (N.D. Ill.), and SEC v. Long, No. 1:23-cv-14260 (N.D. Ill).
 Securities and Exchange Commission v. W. J. Howey Co., 328 U.S. 293 (1946).
 See Spider-Man (1962); Voltaire; Winston Churchill (1906). Take your pick.