Top Trends to Learn from SEC Enforcement Actions in 2019
From a regulatory standpoint, 2019 brought headline-making fines against a variety of companies ranging from Facebook to the maker of the EpiPen.
The Securities and Exchange Commission Division of Enforcement’s 2019 Annual Report included these and other enforcement actions it brought to protect investors and maintain confidence in the markets in 2019. The report illuminates key trends for companies and their financial and reporting stewards to know in 2020 and beyond.
What is clear is the SEC continues to hold individuals, including executives and their investment advisors, accountable for material weaknesses and misinformation or incorrect reporting. The good news for everyone, from the C-suite to financial reporting teams, auditors and legal teams: Technology and best practices in financial reporting and SEC reporting can help keep them on the right side of investors, the public and the law.
The SEC report at a glance
- There were 862 total enforcement actions, including 526 standalone actions, which was up 7 from the number of standalone actions the year before
- More than two out of three of the standalone actions charged an individual or group of individuals
- Judgements and orders totalled more than $4.3 billion in repayment and penalties, a 10% increase over 2018
- The SEC returned $1.2 billion to affected investors
- The whistleblower programme, which has recovered $2 billion since its founding in 2011, had a record number of reports in 2019
- The SEC reports it will 'substantially accelerate' evaluations of claims for whistleblower awards in 2020
In addition to the financial penalties, companies often lose investor confidence and consumer and client support as a result of these actions. Working with technology that enables and connects best-in-class financial reporting and SEC reporting to internal controls is more important than ever.
Memorable actions from 2019
- Last summer the Federal Trade Commission announced a record-breaking $5 billion penalty against Facebook in a settlement aimed at making the social media giant's executives more accountable for decisions around the privacy of user data. The same day, the SEC announced Facebook would pay $100 million to settle allegations that its risk disclosures presented the misuse of user data as hypothetical, when Facebook knew user data had been misused. Facebook did not admit or deny the allegations. Of note: The fine was tied to a third party, Cambridge Analytica.
- The commission alleged the maker of EpiPen failed to timely accrue for and disclose its potential liability arising from a Department of Justice investigation into whether it overcharged Medicaid for its largest revenue- and profit-generating product. Without admitting or denying the allegations, the company agreed to pay $30 million to settle the matter.
- In an action that was settled for $40 million, the commission alleged an international automaker's U.S. subsidiary inflated monthly sales results by paying automobile dealers to report fake vehicle sales and maintaining a “cookie jar” of actual but unreported sales. In months when it missed sales targets, it reported the old sales as if they had just occurred.
- Before the reports emerged of former auto executive Carlos Ghosn sneaking out of Japan in a box to escape charges there (he denies the charges), the SEC announced Ghosn would pay $1 million to settle allegations in the United States of false financial disclosures.
'The results depicted in this report reflect the division’s focus on rooting out misconduct that can do significant harm to investors and our markets, and the focus the division places on identifying wrongdoing and taking prompt action to effectively help harmed investors,' said SEC Chairman Jay Clayton.
3 things to know now
Companies can mitigate risks, provide trust in reporting and take steps to avert trouble that could lead to costly corporate or individual penalties by connecting data, reporting' and compliance. Here are critical issues to focus on now:
1. Material weaknesses
There's no guarantee that even the strongest internal controls programme could have prevented every penalty included in the enforcement division's report. But greater transparency, enabled by technology, could help auditors, reviewers and reporting teams detect concerns before they become problems while connecting siloed financial reporting, investor relations and legal teams.
For example, the Workiva connected reporting and compliance platform gives companies greater control over data and reports, so they can build disclosures they trust. With the cloud platform's reporting solutions, they can connect data directly to reports to reduce the risk of errors that can come from manually copying and pasting data, while centralising work to eliminate issues with version control. In addition, teams can drill down into data for greater visibility into data lineage. Workiva internal control and risk management solutions, meanwhile, can give teams greater real-time visibility into risk management and remediation efforts.
2. Individual accountability
The SEC's focus on pursuing civil charges against individuals, including executives, SEC reporting teams and auditors, means that corporations need to keep accountability top of mind. The commission also has said coordinating with federal and state authorities on parallel criminal investigations remains a high priority.
The SEC’s announcement that it will strengthen reviews of whistleblower complaints in 2020 makes it a perfect time for companies to consider adopting technology that makes it easier for time-strapped teams and executives to gain real-time visibility into internal controls, including emerging risks, responses and how concerns were resolved.
3. Misinformation and incorrect filings
Faulty and fraudulent filings are extremely costly, not just in terms of financial fines, but also to a company’s reputation and its internal culture. Connecting data can help mitigate those risks and take on the tedious, time-consuming work of financial reporting, so companies focus on their core missions and ROI.