Legal Alert

SEC Guidance on Liability of Compliance Officers: Lessons from Recent Cases

August 13, 2014

In a May 20, 2014, speech, U.S. Securities and Exchange Commission (SEC) Director of Enforcement Andrew Ceresney outlined the circumstances in which the SEC will seek sanctions against compliance personnel. Two recent SEC proceedings illustrate the points made by Ceresney and the continued focus of enforcement on the duties and potential liability of compliance officers.

Ceresney Speech

SEC Director of Enforcement Andrew Ceresney delivered the keynote address at Compliance Week 2014. Ceresney’s speech contained a detailed discussion of the SEC’s position on the duties of compliance personnel, as well as the types of situations where the SEC will seek to penalize compliance officers.

Ceresney noted that, at that point, the SEC had brought 10 actions as part of the Compliance Program Initiative, including charges against compliance personnel when they were clearly responsible for the failure to adopt or implement adequate compliance programs. Consistent with those cases, Ceresney emphasized that the SEC will take action against compliance officers if:

  • they actively participated in misconduct,
  • they helped mislead regulators, or
  • they have clear responsibility to implement compliance programs or policies and wholly failed to carry out that responsibility.

Ceresney pointed to the Penson case discussed below as implicating all of these areas. The Meade case, also discussed below, is a more recent example of this type of situation.

Penson

On May 19, the SEC filed an administrative proceeding against Thomas Delaney II and Charles Yancey for violations related to Rule 204T/204 of Regulation SHO. Delaney is the former chief compliance officer (CCO) and Yancey is the former president/chief executive officer (CEO) of Penson Financial Services, Inc., which, before declaring bankruptcy in January 2013, was one of the largest independent clearing firms in the U.S. Delaney and Yancey are contesting the charges.

Rule 204T/204 requires participants of a registered clearing agency to deliver equity securities to a registered clearing agency by a settlement date. If the participant does not deliver the shares to the clearing agency in a timely manner, referred to as failure to deliver, it must take affirmative action to close out the failure-to-deliver position by purchasing or borrowing securities within a specified period.

According to the SEC, when Penson’s customers caused a failure to deliver, the buy-ins department purchased or borrowed shares to fulfill its close-out obligations and passed along the costs of those transactions to its customers. In contrast, on thousands of occasions between October 2008 and November 2011, Penson caused failures to deliver by lending securities from customers’ margin accounts, which securities the customers subsequently sold. In those instances, unable to pass along the cost of compliance to customers, senior officers in the stock loan department ignored the requirements of Rule 204T/204 and failed to deliver the subject securities.

Penson - CCO Issues

According to the SEC, Delaney aided and abetted and caused Penson’s violations of Rule 240T(a)/204(a). The SEC alleges that Delaney knew the stock loan department was not complying with Rule 204T and had intentionally noncompliant Rule 204(a) procedures, yet did not take any action to change the procedures or report them to senior management. Delaney also is accused of establishing and maintaining a supervisory system that he knew allowed others to effectively remain unsupervised, and concealing the violations from Penson’s CEO and from regulators.

Among other things, the SEC alleges that:

  • An internal compliance audit showed a 99 percent fail rate on close-out procedures, which are directly related to the procedures for long sales of loaned securities.
  • Delaney agreed with other Penson employees that Penson would not comply with the applicable Regulation SHO requirements in large part because of the expected costs.
  • Penson’s written compliance procedures failed to contain compliant provisions and did not describe the procedures actually in use. Despite knowing about the violations for nearly two and a half years, Delaney took no steps to ensure that the procedures were changed to comply with the rules and in fact adopted written procedures that were designed to conceal the firm’s actual procedures.
  • Delaney permitted and/or caused the firm to mislead the SEC concerning these issues.
  • Delaney failed to bring these issues to the firm’s CEO.

Penson - CEO Issues

Penson’s CEO, Yancey, is charged with failing to reasonably supervise both Delaney and Penson’s senior vice president of stock loan, who directly oversaw the firm’s securities lending business. Penson’s written supervisory procedures designated Yancey as the direct supervisor of both the senior vice president of stock loan and Delaney. According to the SEC, Yancey expressed to Delaney that he did not trust the senior vice president of stock loan, and complained of insufficient control over his actions. However, Yancey took no steps to rectify these issues. The SEC also alleges that Yancey deliberately ignored “significant red flags” contained in a 2009 audit by Penson, which should have informed him that the firm’s CCO bore responsibility for Rule 204 deficiencies.

Related Penson Actions

Additionally, the SEC instituted settled administrative proceedings against Lindsey Wetzig and Michael Johnson, former employees of the securities lending department of Penson’s parent company, Penson Worldwide, Inc. According to the SEC, Wetzig caused Penson’s violations of Rules 204T(a) and 204(a), and Johnson aided and abetted Penson’s violations of Rules 204(a) and 204(b), and failed to supervise two vice presidents in the securities lending department. Without admitting or denying the SEC’s findings, Wetzig and Johnson agreed to cease and desist from future violations. Wetzig agreed to cooperate with the SEC, and Johnson agreed to be barred for five years and to pay a civil penalty of $125,000.

Significance of the Penson Case

In his May 20, 2014, speech, Ceresney indicated that the SEC would take action against CCOs where they actively participate in misconduct or wholly fail to carry out their responsibilities. Ceresney pointed to the Penson case as illustrating these situations and stated:

[T]he Division alleged that the firm violated Reg SHO for more than three years and that the CCO not only knew about the firm’s decision to violate the rules, but also affirmatively participated in the violations by, among other things, failing to implement procedures that he was responsible for implementing and that would have brought the firm into compliance, and then concealing those violations from regulators.

Here, if the facts alleged against Penson’s CCO are proven, the SEC would show that the firm’s CCO knowingly permitted a regular business practice that was in violation of applicable law, wrote compliance procedures that concealed the actual noncompliant procedures and misled regulators about the issue.

The SEC’s allegations as to Penson’s CEO raise the question of when is there sufficient evidence of a problem to require action on the part of a supervisor. The allegations also appear to raise the issue of whether supervisory liability is present if others in the entity actively try to hide the problem from the supervisor. In this case, the alleged facts would demonstrate that the CEO failed to supervise the firm’s CCO, ignored the CCO’s concealment of violations from regulators, and wholly failed to supervise the firm’s senior vice president, who oversaw and directly engaged in the conduct giving rise to the rule violations, despite the CEO being designated as his direct supervisor.

Meade

On June 11, 2014, the SEC instituted a settled administrative proceeding against Thomas E. Meade, former CEO and COO of Private Capital Management Inc. (PCM), in connection with his role in PCM’s failure to prevent, detect or respond to insider trading by a former PCM vice president, Drew Peterson, in 2010.

PCM, with a staff of four to five people, provided investment advisory services focused on no-load mutual funds to more than 300 accounts and managed more than $150 million in assets. PCM ceased advisory operations on July 31, 2012, and filed its Form ADV-W with the SEC on January 22, 2013, terminating its registration as an investment adviser.

In April 2010, Peterson received a tip from his father regarding the pending acquisition of a public company. At the time, Peterson’s father served on the board of directors of the public company and as the chairman of its audit committee. On the basis of that information, Peterson traded securities of the public company for his own account, his family members, his investment club and investment clients, and passed the inside information on to certain friends, including a hedge fund manager.

In August 2011, the SEC filed a civil complaint alleging Peterson and his father engaged in insider trading. In the following months, the SEC amended the complaint to include the hedge fund manager, which then was followed by a criminal complaint against all three defendants. All three defendants pled guilty in the criminal action and settled the SEC action.

In August 2010, the SEC’s Office of Compliance Inspections and Examinations (OCIE) conducted a cause examination of PCM out of concern that Peterson’s trading and dissemination of material, nonpublic information had gone undetected. The findings of that exam resulted in a referral to the SEC’s Division of Enforcement, which in turn led to Meade’s settlement with the SEC.

The SEC’s administrative order found that Meade, the president and chief compliance officer of PCM during the relevant period, was aware of the unique risks for misuse of material, nonpublic information by Peterson due to Meade’s personal relationship with Peterson’s father, but that Meade failed to design PCM’s written compliance policies and procedures in light of these insider trading risks associated with PCM’s particular operations.

The SEC also found that Meade failed to adequately collect and review records of personal trading by PCM employees during the relevant period and failed to maintain restricted or watch lists of stocks in each case as required under the firm’s policies and procedures. Further, even after learning of Peterson’s insider trading, Meade failed to conduct any investigation of the trading as required by the firm’s policies and procedures and failed to document violations of the firm’s code of ethics.

Finally, the SEC found that, as CCO, Meade was responsible for administering PCM’s policies and procedures, yet he relied too much on employees to self-report violations and failed to annually assess the adequacy or effectiveness of PCM’s policies and procedures that were in place.

Violations and Penalties in Meade

As a result of the conduct described above, the SEC found that PCM willfully violated, and Meade willfully aided and abetted and caused PCM’s violations of:

  • Section 204A of the Advisers Act and Rule 204A-1 thereunder, which require that a registered investment adviser establish, maintain and enforce a written code of ethics;
  • Section 204(a) of the Advisers Act and Rules 204-2(a)(12-13) thereunder, which require that investment advisers registered with the SEC maintain and preserve certain books and records; and
  • Section 206(4) of the Advisers Act and Rule 206(4)-7 thereunder, which, among other things, require that a registered investment adviser adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and its rules.

The SEC’s order further found that Meade failed to reasonably supervise Peterson within the meaning of Section 203(e)(6) of the Advisers Act, with a view to preventing violations of the Advisers Act and rules thereunder.

Without admitting or denying the findings, Meade was censured and agreed to cease and desist from future violations, pay a $100,000 civil penalty and be effectively barred from the securities industry. Specifically, Meade was:

  • barred from associating in a compliance capacity and supervisory capacity with any broker, dealer, investment adviser, municipal securities dealer, municipal advisor, transfer agent or nationally recognized statistical rating organization; and
  • prohibited from serving or acting as an employee, officer, director, member of an advisory board, investment adviser or depositor of, or principal underwriter for, a registered investment company or affiliated person of such investment adviser, depositor, or principal underwriter.

Significance of the Meade Case

The SEC found that Meade did not adequately carry out his duties as a CCO and president by: failing to maintain and enforce a written code of ethics, failing to maintain required books and records, and failing to adopt and implement compliance policies and procedures tailored to address the specific risks inherent in his firm’s operations.

As in Penson, there is also a supervision component, in that according to the SEC, Meade did not adequately supervise Peterson.

Section 203(e)(6) of the Advisers Act provides a safe harbor for failure-to-supervise claims where there are procedures in place that would be expected to prevent and detect violations and the supervisor discharges his duties and obligations without reasonable cause to believe that these procedures are not being followed. The SEC found that this safe harbor was not available because the compliance failures were so pervasive that Meade, as CCO, could not have had reasonable cause to believe that PCM was in a position to prevent and detect the insider trading that occurred.

Takeaways

The Ceresney speech provides a framework for analyzing the types of situations that could result in SEC enforcement actions against compliance personnel.

The speech, together with the SEC’s allegations and actions in the Penson and Meade proceedings, indicate the importance for compliance personnel to be proactive in their approach to fulfilling their obligations and duties as compliance officers. In summary, CCOs and other compliance personnel should consider the following takeaways from the speech and enforcement actions:

  • CCOs need to be proactive in carrying out their duties and responsibilities under applicable securities laws and regulations.
  • CCOs need to be proactive in carrying out the functions assigned to them in their firm’s compliance policies and procedures.
  • CCOs who have knowledge of possible or actual securities law violations at their firms must be proactive in investigating and reporting the potential or actual violations to members of their firms' senior management.

These cases also underscore the continuing risk of claims by the SEC of inadequate supervision. In the Penson case, the CEO is alleged to have failed to supervise both the CCO and a senior employee who caused the securities law violations and to have ignored “red flags” concerning those violations. In Meade, the CEO and CCO allegedly did not supervise a corporate officer who engaged in insider trading, and ignored red flags concerning a vice president’s access to material, nonpublic information. These cases provide stark reminders that supervisory personnel must:

  • take seriously their supervisory roles and proactively carry out the duties outlined in their firms’ compliance policies and procedures; and
  • proactively follow up on red flags that may indicate underlying securities issues.