Subject to Inquiry

Subject to Inquiry


Government Investigations and White Collar Litigation Group
Compliance, Securities and Commodities

Pitfalls to Avoid in Investment Adviser Compliance Programs: SEC OCIE Risk Alert

On November 19, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a risk alert, OCIE Observations: Investment Adviser Compliance Programs, to provide the industry with insights regarding their findings in their examinations relating to Rule 206(4)-7 under the Investment Advisers Act of 1940 (“Advisers Act”) or the Compliance Rule.
Continue Reading

Compliance, Financial Institution Regulation, Securities and Commodities, Uncategorized

OCIE Finds Supervision Failures at Multiple-Branch Office Investment Advisers

On November 9, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced the results of its examination of nearly 40 SEC-registered investment advisers that operate multiple branch offices (the “Risk Alert”). Most of the firms examined conducted their advisory business out of at least 10 branch offices. OCIE observed a wide range of deficiencies across the advisers it examined, largely stemming from failures to implement policies and procedures designed to ensure compliance with the Advisers Act at branch offices. The Risk Alert serves as a warning, and reminder, to firms operating multiple branches of the need for careful attention to the unique risks posed by this model.

Continue Reading

Financial Institution Regulation, Securities and Commodities, Uncategorized

Yet Another Mutual Fund Fee Issue or “Death by a Thousand Cuts”: FINRA Sweep of Rights of Reinstatement Waivers

What is the Issue?

It may not be “death by a thousand cuts” but it may feel like it, as yet another mutual fund fee issue is being raised by the regulators. FINRA issued a “targeted examination letter” focused on Rights of Reinstatement (“RoR”) due to customers in certain mutual fund sales and purchases. RoRs involve fee waivers or rebates due to customers who redeem or sell shares in a fund and subsequently reinvest some or all of the proceeds from the sale/redemption in the same share class of that fund or another fund within the same fund family subject to stated terms and conditions. Interestingly, the time period between the sale/redemption and subsequent purchase of qualifying shares is determined by the fund issuers and described in the prospectuses or statement of additional information (“SAI”) and can vary from 90 days to 120 days, but can be as long as 365 days.[1] The waivers or rebates may involve a front-end sales charge waiver (often, but not always, involving A shares) or a rebate of all or part of a contingent deferred sales charge fee (“CDSC”) (for example, with C share transactions).

Continue Reading


FCA Bans Three People From Working in Financial Services Industry, for Non-Financial Misconduct

On 5 November, the Financial Conduct Authority, the UK’s financial services regulator, permanently banned three men convicted of non-financial criminal offences from ever working in the financial services industry, on the basis that they do not meet criteria defining a fit and proper person.

For details about this latest development and implications for the industry, please see our alert.


Ready or Not…Government Contractor Cybersecurity Requirements Roll Out This Month

The Department of Defense is rolling out new regulations over the next five years to set progressive steps toward mandatory cybersecurity certification for government contractors. The first set of requirements goes into effect Nov. 30.

Click here to learn what contractors must do now to ensure they are eligible for award of new contracts, task orders, delivery orders or option terms.

Compliance, Securities and Commodities

2020 NASAA Fintech and Cyber Security Symposium – A Download of Key Comments

On October 27, the North American Securities Administrators Association[1] held its 2020 symposium on Fintech and Cybersecurity. A key theme of the symposium was the impact that the pandemic has had on fintech, cybersecurity, and regulating the financial markets  –  given that regulators and securities industry professionals are largely working from home. The panelists also discussed new technological innovations that are likely to impact both the fintech industry and cybersecurity.

Continue Reading

Compliance, Enforcement and Prosecution Policy and Trends, Securities and Commodities

The SEC Speaks 2020: Enforcement Panel Signals Full Speed Ahead Regardless of the Pandemic

Senior officials from the U.S. Securities and Exchange Commission Division of Enforcement convened at a virtual The SEC Speaks conference panel to discuss fiscal year 2020 enforcement results and report on enforcement priorities. To no one’s surprise, the impact of the pandemic on enforcement was a significant part of the discussion.

Read our alert for key takeaways from the panel presentation, which discussed investigative adjustments within the enforcement program, the use of data analytics to combat fraud, the SEC’s whistleblower program, the impact of SEC v. Liu on investigations and litigation, creditworthy cooperation and what to expect in future enforcement.

Anti-Money Laundering

FinCEN Rule Ends AML Program Exemption for Banks that Lack a Federal Regulator

On September 15, 2020, the Financial Crimes Enforcement Network (“FinCEN”) published a Final Rule bringing banks that lack a federal functional regulator further under its purview. The rule subjects these institutions to minimum standards for anti-money laundering (“AML”) requirements, including a BSA officer, AML policies and procedures, and regular employee training, among other obligations. It also extends Customer Identification Program and beneficial owner requirements to these banks.

The banks subject to this new rule include state-chartered, non-depository trust companies; non-federally insured credit unions; private banks; and other non-federally regulated banks.

The Rule, in accordance with the May 11, 2016 Customer Due Diligence Final Rule, requires minimum standards for AML programs “to ensure that all banks, regardless of whether they are subject to Federal regulation and oversight, are required to establish and implement written AML programs, including conducting ongoing customer due diligence, and to identify and verify the identity of the beneficial owners of their legal entity customers.”

FinCEN issued this rule because the gap in AML coverage between banks with and without a Federal functional regulator “presented a vulnerability to the U.S. financial system that could be exploited by bad actors . . . .” Accordingly, by implementing this Rule, FinCEN stated in its press release that it has eliminated the existing AML program exemption for banks without a Federal functional regulator in an effort to “ensure [BSA] coverage across the banking industry.”

The Rule will take effect on November 16, and institutions will have 180 days from the day the Final Rule was published to comply with it. Banks subject to the new rule must act now to ensure they have a robust and compliant AML program in place to meet the Rule’s requirements by the compliance deadline of March 15, 2021.

Securities and Commodities

Still Standing: SEC Disgorgement Survives with Limitations

In Liu v. SEC, the Supreme Court answered the question that remained following its 2017 opinion in Kokesh v. SEC:  “whether, and to what extent, the SEC may seek ‘disgorgement’ in the first instance through its power to award ‘equitable relief’” in a federal district court action under Section 21(d)(5) of the Securities Exchange Act of 1934 (15 U.S.C. § 78u(d)(5)).  Liu v. SEC, No. 18-1501 at 1.  In an opinion written by Justice Sotomayor (who also wrote Kokesh), the Court held that disgorgement, properly tailored, was an equitable remedy available in federal court SEC enforcement actions.  Liu, however, leaves the scope of the disgorgement remedy uncertain—as well as whether the five-year statute of limitations interpreted in Kokesh continues to apply to disgorgement claims that are properly tailored as “equitable relief” under the framework set forth in Liu.

In Kokesh, the Supreme Court determined that the five-year statute of limitations for penalties, 28 U.S.C. § 2462, applied not only to civil monetary penalties but also when the SEC sought disgorgement of a wrongdoer’s ill-gotten gains.  SEC v. Kokesh, 137 S. Ct. 1635, 1639 (2017).  That decision rested on the Court’s recognition of three features of disgorgement that the Court observed in SEC enforcement actions: (1) disgorgement was imposed as a consequence of violating a public law, an offense against the United States, and not an individual; (2) disgorgement was imposed for punitive purposes to deter wrongdoers, with the amount of disgorgement often exceeding the amount of net profits; and (3) disgorgement was not compensatory because disgorged funds are paid to the Treasury.  Id. at 1643-44.  In the Kokesh Court’s view, these three qualities of disgorgement confirmed that the disgorgement remedy was a penalty subject to the five-year statute of limitations.  Although § 2462 is a different provision from Section 21(d)(5), Kokesh called into question whether disgorgement was within Section 21(d)(5)’s authorization of “any equitable relief that may be appropriate or necessary for the benefit of investors.”  15 U.S.C. § 78u(d)(5).  The Court recognized this potential tension in Kokesh, but explicitly refused to address “whether courts possess authority to order disgorgement in SEC enforcement proceedings or . . . whether courts have properly applied disgorgement principles in this context,” thus setting the stage for LiuSee id. at 1642 n.3.

To determine whether disgorgement was “equitable relief” for purposes of Section 21(d)(5), the Supreme Court in Liu analyzed whether disgorgement was within “those categories of relief that were typically available in equity.”  Liu at 5.  Surveying multiple cases involving equitable relief, the Court recognized that (1) equity had long authorized courts to strip wrongdoers of their ill-gotten gains, but (2) courts had only been authorized to strip net profits from wrongdoers to avoid converting an equitable remedy into a punitive sanction.  Id. at 6.  The Court also noted that Section 21(d)(5) stated the purpose of the equitable remedy was “for the benefit of investors,” suggesting that Congress intended the funds recovered through disgorgement to be returned to those who were harmed.  Id. at 14-15.  The rule itself that the Supreme Court crafted in Liu is thus clear:  Section 21(d)(5) authorizes the SEC to seek, and a court to order, “a disgorgement award that does not exceed a wrongdoer’s net profits and is awarded for victims.”  Id. at 1.

However, while the Court held that Section 21(d)(5) granted a court the power to order disgorgement in an SEC enforcement action, it set limitations on that power, stating that the traditional principles of equity imposed a limit on what the SEC could obtain through disgorgement.  Id. at 12.  In setting these limitations, however, the Court offered little guidance regarding how its interpretation of the disgorgement remedy is to be practically applied.  Specifically, the Liu decision left the resolution of three critical questions to the lower courts:  (1) how to determine what the “net profits” of a fraudulent scheme are and what expenses may be deducted from the proceeds of the scheme to arrive at the “net profits” subject to disgorgement; (2) whether and under what circumstances disgorged funds may be deposited with the Treasury or whether the funds must be disbursed to victims in every instance; and (3) under what circumstances a defendant can be ordered to disgorge another’s ill-gotten gains.  See id. at 12.

The rule articulated in Liu—that disgorgement is limited to net profits awarded for victims—is easy to state and appears to be firm.  Yet the Court’s discussion of the questions above makes clear that the rule does not establish a bright line, making it uncertain how the courts will apply Liu going forward, inviting the “great mischief” that Justice Thomas recognized in his dissent.  See id. at 6 (Thomas, J., dissenting).  For instance, while the Court held that “legitimate expenses” must be deducted from the proceeds of an unlawful undertaking before disgorgement could be ordered, the Court also held there was an exception for schemes where a business’s entire profit was attributable to wrongdoing.  Id. at 11-12.  Courts must therefore ascertain “whether expenses are legitimate or whether they are merely wrongful gains under another name.”  Id. at 19 (quotation marks omitted).  The Court also confronted the SEC’s practice of holding multiple defendants jointly and severally liable for disgorgement, a practice that was at odds with traditional equitable principles.  Id. at 10.  However, despite acknowledging a general rule against joint and several liability at equity, the Court did not set a firm rule prohibiting a court from entering an order disgorging from one defendant profits that accrued to another.  Instead, the Court recognized that the common law permitted liability for partners engaged in concerted wrongdoing, opening the door for “some flexibility to impose collective liability.”  Id. at 18.  The Court did not provide significant guidance to the lower courts to determine when joint liability might be appropriate, essentially directing courts to undertake a case-by-case analysis given “the wide spectrum of relationships between participants and beneficiaries of unlawful schemes.”  Id.  Lastly, although the SEC is required “to return a defendant’s gains to wronged investors for their benefit,” the Court ultimately offered no guidance regarding how a court should evaluate a potential claim by the SEC in instances where “the wrongdoer’s profits cannot practically be disbursed to the victims,” because such an order was not before the Court.  Id. at 16-17.  Liu left the question whether an order to pay funds to the Treasury can ever be consistent with equitable principles to the lower courts.

Liu’s impact may be more significant than recognizing that Section 21(d)(5) authorizes disgorgement and setting bounds on that remedy.  It is possible to read the decision to suggest that the Court’s holding in Kokesh no longer applies to disgorgement that is consistent with equitable principles.  The Liu Court’s holding that the SEC may only obtain net profits and as a general rule disgorgement should be paid to the injured limits the remedy authorized by Section 21(d)(5) in a way that eliminates two of the reasons the Kokesh court relied on to conclude that disgorgement was a penalty.  The Kokesh court observed that disgorgement was often punitive because (1) the amount of disgorgement exceeded net profits and (2) disgorgement was not compensatory because disgorged funds were paid to the Treasury.  But under Liu, neither of these features of disgorgement is authorized under Section 21(d)(5).  Indeed, the Liu decision acknowledges that the disgorgement remedy it approves is different from its understanding of disgorgement in Kokesh, noting that in Kokesh it considered a “version of the SEC’s disgorgement remedy that seemed to exceed the bounds of traditional equitable principles.”  Liu at 12 (emphasis added).  Therefore, although the Court did not reach the question, Liu could support the argument that Kokesh’s holding with respect to the statute of limitations applied only to non-equitable disgorgement, which under Liu is not an authorized form of disgorgement.  Thus, under this reading, properly tailored disgorgement under Liu would no longer be subject to the five-year statute of limitations.

On the other hand, there are strong reasons to believe that Liu did not alter the prevailing understanding of Kokesh’s holding and that the five-year statute of limitations continues to apply to all SEC enforcement actions in federal court seeking disgorgement.  Kokesh decided whether the disgorgement remedy was limited by § 2462, whereas Liu interpreted Section 21(d)(5), two different statutes with different language, and thus an interpretation of one should not control the other.  Liu also did not disturb the first reason that the Court gave in Kokesh for concluding that disgorgement was a penalty: that SEC disgorgement is imposed as a consequence for violating public laws, an offense against the United States, and not an individual.  The Court in Kokesh acknowledged that, even though disgorgement might serve “compensatory goals in some cases,” the fact that it had punitive purposes suggested disgorgement was a penalty for purposes of § 2462.  Thus, because Liu does not contradict or qualify Kokesh’s holding that disgorgement’s punitive character arises from the fact it is imposed as a consequence for a violation against the United States, there is an argument that disgorgement should continue to be limited by the five-year statute of limitations.

It is also not clear whether Liu will have a limiting effect on the SEC’s ability to obtain disgorgement in administrative proceedings.  A separate statute, Section 21C(e) of the Exchange Act, grants the SEC the authority to obtain “an order requiring accounting and disgorgement” in an administrative cease-and-desist proceeding.  25 U.S.C. § 77h-1(e).  As Justice Thomas observed in his dissent, “[i]t is unclear whether the majority’s new restrictions on disgorgement will apply to these proceedings as well,” creating the possibility that the SEC could obtain greater disgorgement of funds in administrative proceedings than in a litigated action in federal court.  See Liu at 7-8 (Thomas, J., dissenting).

Liu states a simple holding, that the SEC’s power to order disgorgement is limited to net profits awarded for victims.  Nevertheless, the holding leaves ample room for debate on how it impacts Kokesh, and how the SEC, litigants, and the courts will apply Liu to claims of disgorgement.  For sure, the industry can expect the SEC to reasonably advance the argument that Liu eliminated the concerns the Supreme Court identified in Kokesh and that disgorgement consistent with the principles of equity is no longer punitive and thus not subject to the five-year statute of limitations.

McGuireWoods is a national leader in securities enforcement defense. The firm’s securities enforcement and litigation team is part of an experienced and respected Government Investigations and White Collar Litigation Department that has been twice recognized as a Law360 Practice Group of the Year. We are comprised of former senior SEC and FINRA enforcement attorneys and litigators, as well as high-level federal prosecutors, and are experienced at managing every stage of complex regulatory investigations. Our team builds upon decades of experience of practicing before government agencies and regularly represents financial firms, audit committees, public companies, and their members, professionals and executives in internal and government criminal and civil investigations.

McGuireWoods’ Appeals and Issues practice team includes seven former U.S. Supreme Court clerks and handles hundreds of appeals in state and federal appellate courts each year. The National Law Journal named McGuireWoods to its prestigious 2018 Appellate Hot List honoring leading firms that achieved success before the U.S. Supreme Court and federal appeals courts.


If you have any questions or would like more information on the issues discussed in this piece, please contact the authors above, or any of the following McGuireWoods LLP lawyers:

Securities & Enforcement Team:

Atlanta: Cheryl L. Haas
Los Angeles: Molly M. White
New York: William E. Goydan, Noreen Kelly and Helen J. Moore
Pittsburgh: Alexander M. Madrid
Raleigh: Aline M. McCullough
Richmond: Anitra T. Cassas
Washington, D.C.: Emily P. Gordy, Louis D. Greenstein and E. Andrew Southerling

Supreme Court Team:

John D. Adams
Kathryn M. Barber
Gilbert C. Dickey
Matthew A. Fitzgerald
Benjamin L. Hatch
Andrew G. McBride
Brian D. Schmalzbach

Fraud, Deception and False Claims

Supreme Court to Resolve CFAA Circuit Split

Following an FBI sting, police sergeant Nathan Van Buren was convicted under the federal Computer Fraud and Abuse Act (“CFAA”) for selling license plate information obtained from a police database. The Eleventh Circuit upheld his conviction. In April, the Supreme Court granted certiorari in Van Buren v. United States, No. 19-783, to address a circuit split more than a decade in the making. At issue in Van Buren is the scope of the CFAA, specifically, whether a person who is authorized to access information on a computer violates the CFAA if he accesses that information for an improper purpose or misappropriates the information. The Court’s holding will have broad implications on both criminal and civil computer fraud liability.

Computers are ever-present today. And it’s hard to imagine conducting our business or personal affairs without them. That was not so true when Congress enacted the CFAA in 1986. Designed as an anti-hacking measure, the statute was intended “to provide additional penalties for fraud and related activities in connection with . . . computers.” Computer Fraud and Abuse Act of 1986, Pub. L. No. 99-474, 100 Stat. 1213. As relevant in Van Buren, the CFAA makes it a criminal offense to “intentionally access a computer without authorization or exceed authorized access, and thereby obtain. . . information from any protected computer.” 18 U.S.C. § 1030(a)(2)(C). A private right of action also exists for parties that are damaged by a violation of this section. Id. § 1030(g). The statute defines “exceeds authorized access” as “access[ing] a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” Id. § 1030(e)(6). This is not particularly clear. Perhaps more troubling, section 1030(a)(2)(C) lacks any intent requirement, like “the intent to defraud” found in other parts of the CFAA.

On appeal, Van Buren argued that his conduct did not violate the CFAA because he was authorized to access the license plate information in the police database by virtue of his position as a police officer. Even if his purpose for accessing the information was inappropriate, he did not exceed his authorized access within the meaning of the statute. The Eleventh Circuit rejected this argument. Relying on the court’s prior decision in United States v. Rodriguez, it held that misusing a database that the defendant may lawfully access can still constitute computer fraud. Van Buren, 940 F.3d 1192, 1208 (11th Cir. 2019) (citing Rodriguez, 628 F.3d 1258 (11th Cir. 2010)).

In upholding Van Buren’s conviction, the Eleventh Circuit acknowledged the federal circuit split over the proper scope of the CFAA. The First, Fifth, Seventh and Eleventh Circuits have each adopted a broad interpretation of the statute. An individual authorized to access a computer for certain purposes violates the CFAA by using information gained for an improper purpose. In other words, the purpose of the access and the use of the information control. In United States v. John, for instance, the Fifth Circuit found that a bank employee entitled to access customer account information violated the CFAA when she provided that account information to third parties to incur fraudulent charges. The court reasoned that the bank employee exceeded her authorized access because her use of the account information was not a permitted use and was contrary to the bank’s policies. 597 F.3d 263, 270-273 (5th Cir. 2010).

In contrast, the Second, Fourth and Ninth Circuits do not consider mere misuse of information that an individual is authorized to access a violation of the statute. In adopting this narrower interpretation, the Ninth Circuit relied on the history of the CFAA as an “anti-hacking statute” while also noting the vast expansion of federal criminal law that would accompany a broader interpretation and the parade of horribles that could follow. Specifically, the court noted that “the computer gives employees new ways to procrastinate, by g-chatting with friends, playing games, shopping or watching sports highlights. Such activities are routinely prohibited by many computer-use policies, although employees are seldom disciplined for occasional use of work computers for personal purposes. Nevertheless, under the broad interpretation of the CFAA, such minor dalliances would become federal crimes.” United States v. Nosal, 676 F.3d 854, 860 (9th Cir. 2012).

The Supreme Court has not previously addressed the CFAA. However, over the past decade, the Court has narrowed federal fraud jurisdiction on multiple occasions overturning high profile convictions in the process. In Skilling v. United States, the Court cabined the federal honest services fraud statute to schemes involving bribery or kickbacks. 130 S. Ct. 2896 (2010). As justification for this limiting construction, the Court cited vagueness concerns and the rule that “ambiguity concerning the ambit of criminal statutes should be resolved in favor of lenity.” Id. at 2932 (quoting Cleveland v. United States, 121 S. Ct. 365, 373 (2000)). Notably, the rule of lenity was relied upon by all three circuits that have adopted a narrow construction of the CFAA.

Later, in McDonnell v. United States, the Court limited what qualifies as an “official act” under the federal bribery statute. 136 S. Ct. 2355 (2016). And most recently, the Court overturned the Bridgegate convictions holding that “a property fraud conviction cannot stand when the loss to the victim is only an incidental byproduct of the scheme.” Kelly v. United States, 140 S. Ct. 1565, 1573 (2020). It remains to be seen whether the apparent ambiguity in the CFAA will receive a similar fate.

McGuireWoods’ Government Investigations & White Collar Litigation Department is a nationally recognized team of nearly 60 attorneys representing Fortune 100 and other companies and individuals in the full range of civil and criminal investigations and enforcement matters. Our team is comprised of a deep bench of former senior U.S. officials, including a former Deputy Attorney General of the United States, former U.S. Attorneys, more than a dozen federal prosecutors, and an Associate Counsel to the President of the United States. Strategically centered in Washington, D.C., our Government Investigations & White Collar Litigation Department has been honored as a Law360 Practice Group of the Year and earned the trust of international companies and individuals through our representation in some of the most notable enforcement matters over the past decade.

We use cookies to enhance your experience of our website. By continuing to use this website, you agree to the use of these cookies. For more information and to learn how you can change your cookie settings, please see our policy.