Skip to main content

Lessons from Theranos and Other 2018 SEC Actions

Disclosure Management
SEC Reporting
Lessons from the 2018 SEC Actions: From Theranos to Timely Disclosures
4 min read
Mike Starr
Vice President, Governmental and Regulatory Affairs
Published: March 8, 2019
Last Updated: March 16, 2023

U.S. regulators did not flinch from holding individuals accountable in 2018, according to the Securities and Exchange Commission Division of Enforcement's annual report.

Of the 490 standalone enforcement actions the SEC filed, 70 percent included charges against individuals, the agency's enforcement division wrote in its report. The SEC penalized Tesla CEO Elon Musk, former Theranos CEO Elizabeth Holmes, and others for their actions in the past year.

"Those charged include individuals at the top of the corporate hierarchy, including numerous CEOs and CFOs, as well as accountants, auditors, and other gatekeepers," the report said.

The penalties added up to a hefty total in fines, too. For actions involving public companies and subsidiaries in fiscal 2018, monetary settlements totaled $2.4 billion, which is the most since fiscal 2010, according to Cornerstone Research. That total included an order for the Brazilian oil and gas company Petrobras to pay $1.8 billion in disgorgement, interest, and penalties.

Private companies were not immune to SEC watchdogs, either. The commission filed complaints against Silicon Valley-based Theranos for statements it deemed to be false or misleading.

All told, there were 54 entities and 94 individuals named in standalone actions relating to issuer financial reporting and disclosures, ranging from revenue and expense recognition problems to inadequate internal controls.

These examples are a painful reminder of why accurate financial reporting and strong disclosure management cannot be overlooked. Not only are they best practices that serve as a signal of healthy corporate governance, they can be costly to both individuals' pocketbooks and long-term business reputations if ignored.

Going forward, expect the SEC's enforcement division to continue following its five guiding principles:

  1. Look out for the Main Street investor
    The division's directors have said they intend to bring financial relief to those who have been harmed.

  2. Focus on individual accountability
    The SEC is committed to holding individual wrongdoers culpable and protecting investors from these bad actors.

  3. Keep up with technology
    As technology transforms markets, it is also enabling a new generation of cyber-related misconduct. The SEC has taken notice.

  4. Impose remedies that advance the SEC's enforcement goals
    Perhaps one of the most memorable examples from the last year was the package of monetary penalties as well as corporate governance directives for tweets by Musk that the SEC found misleading.

  5. Constantly assess the allocation of SEC resources
    With limited staffing, the SEC has shifted some resources into emerging risks like cyberthreats. Public and private companies may want to follow suit to maintain pace with the regulatory body.

Regulators clearly want financial reporting teams, from the front line to the C-suite, to be more proactive in ensuring the timeliness and accuracy of disclosures. At the same time, internal audit teams have started shifting from focusing solely on assurance to advising their organizations of potential issues and anticipating new risks.

Ongoing risk monitoring and financial close reporting—whether teams report monthly, quarterly, or on an ad hoc basis—can provide greater transparency into how the business and various units are doing against budgets, forecasts, and goals. Additionally, the more connected and continuous the reporting process, the fewer surprises with each required filing, such as 10-Qs or the 10-K.

I feel especially close to this subject because at Workiva, our cloud solutions were specifically designed to enable connected reporting and data collaboration across large organizations. One of the benefits is delivering greater insight into emerging issues and risk. This is accomplished in several ways:

  • Financial reporting teams can make use of technology to capture an audit trail of changes to who revised what and when
  • New technology can archive reviewers' feedback, questions, and comments within the same reporting ecosystem—as well documentation of how concerns were resolved—providing transparency to internal and external auditors
  • Document owners can control access of who can view or edit material, reducing the risk of unauthorized changes

While the SEC Division of Enforcement's annual report is a look back at the year of punishable offenses, it is an important reminder of looking ahead and being proactive. If your company uncovers areas of concern or even potential misconduct, take action early and be transparent. (On that note, in its last earnings release, Kraft Heinz Co. disclosed it took a $25 million charge in the fourth quarter following an internal investigation with external counsel into accounting practices in its procurement division—a matter also under investigation by the SEC. Kraft Heinz, which reported $789 million in revenue in the quarter, has said it determined the amount was immaterial.)

In a recent speech, Steven Pelkin, co-director of the SEC Division of Enforcement, noted the division decided against recommending a corporate penalty for a biopharmaceutical company that underwent "extensive remediation efforts" and a pharmaceutical company that self-reported misconduct.

In short: see something, say something, do something.

What are your thoughts on this topic? Talk about this and more with peers in the SEC Professionals Group, a private forum for SEC reporting professionals to have open discussions. Let's keep the conversation going.

About the Author
Mike Starr
Mike Starr

Vice President, Governmental and Regulatory Affairs

Mike Starr is Vice President of Governmental and Regulatory Affairs. He previously served as the SEC Chief Accountant’s advisor with a focus on investors’ financial information needs and the role of structured data in meeting those needs. Prior to his work with the SEC, Mike served as Chief Operating Officer for Grant Thornton International Ltd., where he oversaw global strategy and public policy. He earned a Bachelor of Science in accounting from Oklahoma State University (OSU), and in 2010 was recognized as an OSU distinguished accounting alumnus and inducted into the School of Accounting Hall of Fame.

Online registration is currently unavailable.

Please email events@workiva to register for this event.

Our forms are currently down.

Please contact us at

Our forms are currently down.

Please contact us at