Just this week, the Securities and Exchange Commission announced its enforcement results from fiscal year 2022. The Commission recovered a record $6.4 billion in penalties and disgorgement from companies and individuals. The announcement touted the 760 total enforcement actions in FY 2022—a nine percent increase from the year before—and summarized areas of innovation and growth within the Enforcement Division. Two such areas are familiar refrains that are worth highlighting: (1) the SEC leveraging its investigative process—emphasizing its use of data analytics—to identify suspicious activity; and (2) its penalties against “gatekeepers” (i.e., individuals and companies who owe a heightened duty of trust and responsibility to clients and investors).

 Data analytics expand the breadth of potential SEC enforcement actions. In July 2022, the SEC charged nine individuals with three separate alleged insider trading schemes. All three cases originated from the Market Abuse Unit, which uses automated data analysis to identify suspicious trades and potential sources of material nonpublic information. Two of the July charges were typical: corporate officers and fiduciaries sharing insider information gained by virtue of their employment. The third, however, involved a former FBI trainee secretly viewing a binder of merger documents from his then-romantic partner, who worked as an attorney for one of the entities. While the inner workings of the SEC’s data analysis program are not public, it was robust enough to identify that atypical violation and flag it for investigation. The SEC appears poised to continue identifying similar behavior for investigations in FY 2023.

Gatekeepers have been put on notice—again. In FY 2022, the SEC charged multiple auditors, lawyers, and transfer agents with failing to live up to their heightened duty of trust and responsibilities. Large auditing firms faced charges stemming from improper professional conduct and failing to comply with fundamental U.S. auditing requirements. Two individual attorneys were charged with violation of Section 17(a) of the Securities Act after attempting to defraud investors through material misstatements of fact and misrepresentations regarding the law. Finally, a recidivist transfer agency and transfer agent were caught doing business together while still subject to a Commission-imposed bar on associating. Although the outcomes and penalties varied across the cases in FY 2022, the SEC has once again declared open season on gatekeepers who breach their fiduciary duties towards their clients, disobey Commission orders, or violate the securities laws.

Companies and general counsel should heed the warnings from the SEC’s recent announcement and take appropriate action in FY 2023. Our recommendations include:

  • Data matters: The SEC’s emphasis on incorporating “data analytics” is really just a modern example of the Commission’s enforcement program’s long-standing tenet of leveraging its investigative process to ferret out securities laws violations. It is not just the SEC; the DOJ has recently made similar statements. Companies should seek to incorporate data analytics into their own compliance programs to understand the potential red flags the available data may wave to the enforcement agencies, who are developing their own data-driven identification and enforcement regimes.
  • Gatekeepers should be minding the gate: After trumpeting FY 2022’s “highest penalty ever ordered” against a major audit firm, the SEC is likely to continue to search out and investigate fraudulent, deceptive, and negligent behavior amongst those who owe a duty to clients and investors. Although this renewed focus on gatekeepers is a familiar tune—similar warnings sounded after the passage of the Securities Investor Protection Act in the ‘70s and Sarbanes-Oxley Act in the ‘00s—attorneys and other professionals should take their cue from the Commission and follow their beat. To that end, attorneys, auditors, and transfer agents must continue to hone their compliance practices to ensure that they are satisfying the heightened obligations to clients. Furthermore, clients and in-house counsel should confirm that their auditors and outside counsel are following best practices.