Blog

The SEC’s Annual Fall Festival: Three Lessons for Financial Services Companies

Every year, autumn brings hayrides, changing leaves, family gatherings, sweater weather, the chance to savor a cup of black tea by a roaring fire—and a raft of Securities and Exchange Commission (SEC) enforcement actions as government lawyers sprint to close out cases by the last day of the agency’s fiscal year (September 30, for those who celebrate).

This year was no different. In the late summer/early fall rush, the SEC filed dozens of cases against individuals and companies. Unsurprisingly, many of these cases involved alleged misconduct by SEC registrants, including investment advisers and broker-dealers.

What lessons can we learn from the SEC’s 2024 seasonal harvest of cases against financial services companies? Which way will the wind blow in 2025? Let’s take a walk through the corn maze together.

Three people sitting at a table and talking during a business meeting.

Lesson #1: $2 Billion Text Messaging Rates May (Or May Not) Apply

Under the administration of Chair Gary Gensler and Director of Enforcement Gurbir Grewal, the SEC brought many high-dollar cases against registered broker-dealers (and, increasingly, registered investment advisers) for perceived “recordkeeping” failures. These cases involve the same basic fact pattern: Some of a firm’s employees used personal devices to send electronic messages (texts, WhatsApps, etc.) about work, and the firm did not fully preserve those messages.

Leading up to the fiscal year-end, the SEC brought even more of these “off-channel communications” cases, including:

With these recent actions, the SEC has brought text messaging cases against more than 100 entities, with total penalties of more than $2 billion. The Division of Enforcement has also repeatedly highlighted zero-penalty cases involving companies that self-reported their own failure to preserve text messages, as an enticement to others in the industry to come in from the cold on their own initiative.

The SEC’s story is that these cases are very important because the unpreserved text messages may have contained key evidence that, if it had been preserved, would have allowed the SEC to bring more and/or stronger cases. This is probably true as a general matter, and in the aggregate, these cases send the clear message that registrants need to do more to preserve all business-related communications.

That said, it’s hard to see how these recordkeeping cases are the crimes of the century. And, after Enforcement Director Grewal’s departure from the agency in early October and with Chair Gensler’s future at the agency uncertain with the presidential election fast approaching, the next steps in the SEC’s text messaging sweep are anyone’s guess. The agency may or may not continue pushing to file more text messaging cases in the coming months. If it does, firms facing potential SEC charges will presumably do everything in their power to run out the clock until January to preserve the possibility that a new SEC administration may bring relief in 2025.

On that point, Republican Commissioners Hester Peirce and Mark Uyeda recently signaled that while registrant recordkeeping is important, the issue “deserve[s] discussion outside of the enforcement context.”

Even Grewal, in a press interview just after leaving the agency, threw cold water on the idea that more high-dollar text messaging cases could be in the SEC’s future:
That initiative has largely run its course, Grewal said. Future cases are likely to be handled by the Financial Industry Regulatory Authority, a private organization that oversees brokers, or the SEC’s examiners, who can’t levy fines or bring enforcement actions, he said.

Text messaging cases with eye-popping settlements were perhaps the defining hallmark of Grewal’s tenure at the SEC, so it’s interesting to see him say—just days after leaving the government—that they are better handled going forward by FINRA and the SEC’s EXAMS Division. It’s not as though the SEC has sued every firm in the industry and there are no cases left to file.

My guess is that, depending on the composition of future SEC leadership, the agency may still bring cases that it finds attractive in this space. It’s a good reminder for registrants to put meaningful policies and procedures in place to preserve all business-related communications if they have not done so already.

Lesson #2: The SEC Cares About Whistleblower Protection

As we have seen in the Dodd-Frank era, the SEC is not fond of company agreements with employees (e.g., separation agreements, non-disclosure agreements, etc.) that have a chilling effect on reporting possible corporate misconduct to the government. Exchange Act Rule 21F-17 says: “No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement...” Relying on this provision, the current SEC administration has ratcheted up whistleblower-related enforcement against public companies using poorly worded confidentiality agreements. Last year, the agency brought the first such case against a private company.

At the end of the 2024 fiscal year, the SEC decided it was time to bring some whistleblower confidentiality agreement cases against registrants.

The language of Rule 21F-17 is broad; it prohibits “any action to ... impede” (emphasis added) whistleblower activity. Expect the SEC to continue to scrutinize registrants’ behavior in this space.

Lesson #3: Continued Focus on Adviser Indemnification

Careful observers of the asset management compliance space will recall that, when proposing its Private Fund Adviser Rules, the SEC initially planned to limit investment advisers’ ability to be indemnified by funds. After receiving a raft of negative public comments, the agency retracted the proposal but made threatening remarks reminding advisers that, in the SEC’s view, they cannot be indemnified by funds for breaches of fiduciary duty.

Following up on its threat, a few weeks before the 2024 fiscal year end, the SEC brought a case against a private fund and retail adviser for using impermissible “hedge clauses” in certain advisory agreements.

Here are some relevant snippets from the SEC’s case:

The Advisers Act establishes a federal fiduciary duty for investment advisers. Anadviser’s federal fiduciary duty may not be waived, though its application may be shaped by agreement. Moreover, advisory agreements may not misrepresent, or contain misleading statements regarding, the scope of an adviser’s unwaivable fiduciary duty that could lead a client to believe incorrectly that the client has waived a non-waivable cause of action against the adviser provided by state or federal law. This is true even if there is a disclaimer (sometimes known as a “savings clause” or “non-waiver” disclosure) stating that compliance with the state or federal securities laws is not waivable.

Language purporting to limit an adviser’s liability in an advisory agreement is also called a “hedge clause.” Whether a particular hedge clause is misleading is a facts-and circumstances determination.

In its order, the SEC quoted extensively from the relevant agreements. The agreements basically said that the management company was indemnified for a variety of conduct, including (in some agreements) negligence and breaches of fiduciary duty. The agreements then said that they did not waive investors’ unwaivable rights to sue the management company, including under the securities laws.

According to the SEC, this violated Section 206(2) of the Adviser’s Act, which prohibits fraud or deceit by investment advisers. As to one of the private fund-facing agreement, the SEC specifically called out language stating that the firm was “not liable for ‘any loss or damage’ unless the result of ‘fraud, deceit, gross negligence, willful misconduct or a wrongful taking.’”

As the SEC said in its order, the question of whether a hedge clause is misleading “is a facts-and-circumstances” determination. This case is a good reminder for private fund managers to ensure that investor-facing language would pass muster in an exam given the SEC’s views in this area.

A Preview of 2025

In 2025, the above trends may continue apace—or we may see a significant retrenchment in the SEC’s regulation over financial services registrants. Over the coming months, savvy financial services companies will be focused on staying compliant, ensuring their insurance programs are well-crafted, and waiting, like the rest of us, to see what comes next.

Share

Author

Table of Contents