Skip to main content

Three Key Pressure Points in the Current Enforcement Environment

Chair Mary Jo White

NYC Bar Association’s Third Annual White Collar Crime Institute <br>New York, NY

May 19, 2014


Thank you, John Savarese, for that kind introduction.  It is great to be here with you in New York.  This is the City Bar Association’s Third Annual White Collar Crime Institute.  It is always a terrific program and I am honored to be to kicking off this year’s event.  As I look out at the audience and see so many familiar faces that I have worked with over the years, I am reminded of the extraordinary talent and professionalism that you bring to the white collar bar.

With an audience as experienced as this, I thought I would try to give you a nuanced view of some of the more significant issues or pressure points that we all face in the current enforcement environment.  While these issues are not all new, and are not confined to the SEC space, I will address three of these pressure points through my lens as the Chair of the SEC: (1) the pressure of multiple regulators in the same or overlapping investigations; (2) the decision to charge individuals, entities, or both; and (3) the range of remedies and ultimate resolutions.

Three Key Pressure Points in Securities Law Enforcement

The contours and progression of many of today’s most significant securities enforcement cases will be determined first, by which authorities are participating in the investigation – domestic or international, federal or state, civil or criminal, and in what combination.  The second main axis is whether the authorities are focused on individual or entity liability, or both.  And third, in addition to monetary relief, regulators today use a range of potential remedies and types of resolutions, and I will discuss some of the ones that we at the SEC are increasingly focused on.  Although a multitude of other issues arise in every securities investigation, these three pressure points largely determine the outcomes in most investigations.

Which Regulators Are Involved

The first variable is which regulators are, or are likely to be, involved.  The answer, of course, will depend on the nature of the alleged conduct as well as the jurisdiction and interest of regulators and prosecutors.  And the number and type of regulators involved will define the range of possible outcomes, and dictate the kind of advice you will give clients. 

When I first went back into private practice in 2002, investigations were often conducted by one, maybe two, regulators.  Frequently, investigations were conducted in parallel by the SEC and criminal authorities, as they are today.  But usually, that was it.  Now, it is common to have investigations with more – sometimes many more – than two regulators, whether they are additional federal regulators, state prosecutors, attorneys general, or foreign regulators.  There are many reasons for this, including: the internationalization of enforcement; the global nature of many of today’s securities frauds; the increased regulatory activity on the state level; and the increased complexity of our markets.

So, with numerous regulators with overlapping mandates to investigate any given potential case, how do we stay in our lanes?  Or is it inevitable that we overcrowd every domestic and international highway on today’s enforcement landscape?

Of course, each agency makes its own decision about which investigations to pursue, thus leading to a crowded highway in many investigations.  Enforcers may perceive that outcome as both necessary and desirable if their mandates are to be strongly implemented and their messages heard.  From my perch at the SEC, I surely have that inclination, wanting us to be involved in any matter that touches our jurisdiction, so that we can shape the outcome in a way that is consistent with our view of the law and appropriate conduct.

But, at the same time, we regulators need to keep in mind the impact we have on those we regulate and ensure that our own respective interests do not lead to unjust, duplicative outcomes.  Especially in an era of scarce resources, regulatory choices and coordination are critical.  Each agency should make a frank assessment of whether it brings the right expertise, jurisdictional authority, and appropriate remedies to the table.

There are actually some coordination successes we can point to and build upon.  For example, in the FCPA area, the SEC and DOJ, and frequently other international regulators, have a long history of coordinating effectively, to the point that the SEC and DOJ jointly developed the “Resource Guide” that closely examines the SEC and DOJ approach to FCPA enforcement.[1]  In the typical case, the SEC and DOJ will investigate in parallel from the outset, and if the matter settles, the SEC usually obtains the disgorgement as part of its resolution and DOJ obtains the penalty.[2]  This division of labor and remedies achieves full accountability without regulatory “double dipping.”

Similarly, when we do parallel insider trading cases with DOJ that settle, we typically require disgorgement of the profits or losses avoided, plus a one-time penalty, while the criminal authorities will obtain prison sentences.  When there is a criminal fine as well, we assess whether our penalty is also necessary.  Such sorting out of appropriate remedies is important in the current multiple regulator landscape.

Collectively, we should also try to avoid unnecessary competition among ourselves for cases and headlines.  While I realize we may not always achieve this goal in practice, enforcement is serious business and we have a professional responsibility to use our agency resources wisely and in a manner that best applies our specific expertise and enforcement tools.  And there is never room for anything other than a thorough investigation of all the evidence – wherever and to whomever it may lead.  Rushes to judgment or to the courthouse can potentially result in both injustices and charges that may not capture all of the culpable parties or misconduct.

Of course, there is often good reason for conducting criminal and regulatory investigations in parallel.  In appropriate cases, we need to rely on our criminal law enforcement colleagues, who have the power to jail, to work with us.[3] But what does and should determine whether a securities fraud case is brought civilly, criminally, or both?

It may help to think about the cases in three categories.  The first are those that do not involve intentional wrongdoing, but rather failures of controls or reporting obligations.  These cases fall squarely within the SEC’s wheelhouse and will rarely, if ever, be brought criminally.  Examples include failure to supervise cases; violations of broker-dealer rules like the market access rule, Rule15c3-5[4]; cases involving unprofessional, but not fraudulent, audits; failures of investment advisers to follow compliance rules[5]; or violations by exchanges of their own rules.[6]  These are important cases that influence conduct in the industry and ensure a significant focus on compliance and controls.  But they are not criminal cases because the misconduct rarely involves intent.

The second category of cases are those that clearly have a criminal component – those involving egregious, fraud-based conduct with a strong evidentiary trail.  These cases are often the most sophisticated frauds causing significant investor harm, brazen attempts to steal money through offering frauds or Ponzi schemes, or blatant frauds on the markets through insider trading.[7]  There is no ambiguity in these cases – egregious conduct deserves the severe sanction of imprisonment, and often in these cases, the criminal authorities are participants in the investigation from the beginning.

The third category – the most difficult to define – are those on the line, where a criminal case is possible but not necessarily apparent on the face of the conduct. Often, such cases rely on prosecutors ready to bring cases where the evidence is not overwhelming but is sufficient to find the offense beyond a reasonable doubt.  It is often in these cases that the criminal authorities monitor the SEC investigations to determine whether sufficient evidence has developed to justify criminal interest.  And it is in these cases that we at the SEC must maintain open channels of communication with the criminal authorities to determine whether they have sufficient interest in the matter to participate in interviews of witnesses and other evidence gathering exercises.

The bottom line is that the decision of whether a case will go criminal will typically turn on the strength of the evidence and the type of offense under investigation – which are the appropriate factors to consider in making such a determination. 

What Defendants Are Being Charged

Irrespective of which and how many investigators you face, the second decision point in nearly every securities enforcement investigation is who will be charged as a defendant – a decision that again is, and should be, dictated by the nature of the misconduct and strength of the evidence.  Let me talk a bit about this second pressure point in SEC investigations.

A Focus on Individuals

First, I want to dispel any notion that the SEC does not charge individuals often enough or that we will settle with entities in lieu of charging individuals. 

The simple fact is that the SEC charges individuals in most of our cases, which is as it should be.  A recent Harvard survey shows that since 2000, the SEC has charged individuals in 93% of our actions involving nationally listed firms in which we charged fraud or violations of books and records and internal control rules.[8]  An internal, back-of-the envelope, analysis the staff did recently indicates that since the beginning of the 2011 fiscal year, we charged individuals in 83% of our actions.[9]   Under either calculation, those percentages are very high – which means that the cases where individuals are not charged are by far the exception, not the rule. 

I expect that this is probably not news to most of you who have had individual clients charged by the SEC.  It should also not be a surprise that we focus our investigations initially on the individuals closest to the wrongdoing and work outward and upward from there to determine who else should be charged, including whether to charge the corporation.  A company, after all, can only act through its employees and if an enforcement program is to have a strong deterrent effect, it is critical that responsible individuals be charged, as high up as the evidence takes us.  And we look for ways to innovate in order to further strengthen our ability to charge individuals. 

What Is Old Is New

One new approach to charging individuals is to use Section 20(b) of the Exchange Act.  Although this section dates back to the original Exchange Act of 1934, chances are you may not be very familiar with it because, frankly, it has not been a common charge.  Before you start reaching for your smart phones to look it up, let me save you the trouble.  Section 20(b) imposes primary liability on a person who, directly or indirectly, does anything “by means of any other person” that would be unlawful for that person to do on his or her own.[10]  This is analogous in the criminal context to 18 U.S.C. Section 2(b), which provides for criminal liability as a principal for anyone who “willfully causes an act to be done which if directly performed by him or another would be” a criminal violation.[11]

We are focusing on Section 20(b) charges where – as is frequently the case in microcap and other frauds – individuals have engaged in unlawful activity but attempted to insulate themselves from liability by avoiding direct communication with the defrauded investors.  It is potentially a very powerful tool that can reach those who have participated in disseminating false or misleading information to investors through offering materials, stock promotional materials, or earnings call transcripts, but who might not be liable under Rule 10b-5(b) following the Supreme Court’s decision in Janus because they may not be the “maker” of the statement.[12]

Just as importantly, though, as with 18 U.S.C. Section 2(b), Exchange Act Section 20(b) is a form of primary liability, rather than secondary liability, which would require proof of a separate violation by someone other than the defendant.  So, we can use Section 20(b) where aiding and abetting or controlling person theories may fall short because there is no underlying violation by someone else, such as, for example, when the other person who publicly makes the misleading statements lacks knowledge that they were misleading.

The Importance of Corporate Liability

Of course, emphasizing regulatory scrutiny for individuals in no way diminishes the need to hold corporations accountable.  Strong deterrence requires both because the law rightly places responsibility on the corporation for its employees’ wrongful conduct and it is often the corporate and compliance culture, or lack thereof, that fosters or fails to prevent the wrongdoing. 

At times, because of the diffuse ways in which many large entities operate today, uncovering sufficient evidence to hold individuals accountable can be difficult.  In those situations, we have not shied away from charging only the corporation.[13]   The wrongdoing does not require scienter or even negligence – the company violates the law by failing to comply with the applicable regulatory requirement.

Corporate Negligence

The Commission has also charged entities, but not their employees, with negligence-based violations of the antifraud provisions of the securities laws.[14]  Charging a corporation with negligence-based fraud where we do not charge an individual – because the proof of negligence against the individual may fall short – is not something we undertake lightly, but is solidly grounded in the law and is an important tool in our enforcement arsenal. 

Assessing whether a corporation acted negligently involves comparing a corporation’s conduct, as carried out through its employees, to the actions of a reasonable corporation in similar circumstances – without the need to impute a particular state of mind from an individual to the corporation, as is required for scienter-based violations.  In practice, charging only corporations with negligence can be appropriate when an entity makes a material misstatement or omission in the offer or sale of securities and the evidence will not support holding any individual responsible.  In those cases, holding the entity responsible for the misstatements is the right thing to do if the evidence demonstrates that the entity’s conduct fell below the standard of reasonable care – for example, because it failed to have appropriate policies or procedures, failed to properly train its employees, or failed to structure its operations so that people making disclosure decisions are provided with the necessary information to make those decisions on an informed basis.[15]

Such charges achieve accountability for the wrongdoing uncovered in the investigation and allow recovery of disgorgement and penalties that may be returned to harmed investors. 

Intentional Corporate Wrongdoing

Before we leave the subject of charging entities, we should probably spend just a couple of minutes on the controversy du jour related to criminal charges against corporations – the “too big to jail” – or more accurately – the “too big to indict and convict” debate.  I won’t, of course, discuss any particular cases or investigations, but I will share four quick thoughts with you from my perspective as both a civil regulator and former United States Attorney.

First is the threshold question of whether any financial institution is too big to charge.  At the SEC, of course, as you know from our cases, no firm is too big to charge.  Their size and complexity does not even enter into our charging analysis, and so we can put aside the threshold question in SEC cases.[16]

But is any company or financial institution too big to indict criminally?  The answer is also no.  We criminally charged financial institutions and other companies several times when I was U.S. Attorney – Daiwa Bank, Republic Securities, and Bankers Trust, as well as Con Edison.[17]  And other prosecutors have done the same.  My predecessor charged Dexel Burnham Lambert with securities fraud,[18]  and more recently subsidiaries of the Royal Bank of Scotland and UBS have been charged and pled guilty to charges stemming from LIBOR manipulations.[19]  And these are just a few of the examples.  So, no – no corporate entity is too big or too complex to indict.

Second, some have questioned whether it is appropriate for prosecutors to consider the consequences – direct and collateral – when they make a decision whether to indict a company.  Of course they should; we want their decision to be thoughtful and in the public interest.  And DOJ’s Principles of Federal Prosecutions of Business Organizations indeed require them to weigh the collateral consequences of a corporate indictment among a number of other factors.[20]

That prosecutors consider such consequences does not, however, dictate a declination even when the likely collateral consequences are very significant, or even potentially fatal.  For example, Drexel was indicted, pled guilty, and about a year later went out of business; Daiwa Bank, one of my cases as U.S. Attorney, was indicted, eventually pled guilty, and lost its license to do business in the United States. [21]   

Of course, not every indictment of a corporation is fatal or results in the loss of licenses.  The last couple of years have seen GlaxoSmith Kline plead guilty to criminal FDA labelling and reporting violations, Siemens AG plead guilty to criminal and civil FCPA violations, and a U.S. subsidiary of BP plead guilty to manslaughter and criminal environmental charges for the Deepwater Horizon spill.[22]  While each of these companies paid heavy penalties and engaged in extensive remediation of their compliance systems, each has also continued in business.

Third, it has been asked whether it is appropriate for prosecutors to discuss with banking, securities, and other regulators the possible regulatory consequences of a corporate indictment.  Again, the answer is yes.  Responsible prosecutors will want to understand the full implications of their actions and the regulators are often the only reliable sources for understanding those potential consequences.

Fourth, regulators whose powers may be implicated by the indictment or conviction of a regulated entity may be called upon to make their quite separate decisions about the consequences flowing from the corporate charge.  It is important in such instances for the regulators to make their decisions independently, rigorously, and based on their specialized regulatory knowledge.  They should neither regard their role as an adjunct to the criminal case to add another penalty nor to make regulatory decisions that “cushion” the blow of the criminal action taken or pave the way for a consequence-less guilty plea.  Rather, regulators should rigorously apply the standards of their own regulations to the facts and circumstances of each case and reach an independent determination of the applicable regulatory consequences as a result of the particular enforcement action that has been taken.  Often, the question for regulators is forward-looking – can and should the convicted company continue to participate in a government program or to rely on certain regulatory regimes for future activity. 

These decisions are extremely important ones.  They need to be made on the merits by clear-eyed regulators applying the criteria in their rules to each such decision before them.  

Determining the Appropriate Resolution

Let me get back to doing my current day job and talk very briefly about the third pressure point in today’s enforcement landscape, which is the all-important question of remedies and the terms of an ultimate resolution.  Time does not permit a full discussion, but let me share a bit about our current thinking on some of the non-monetary remedies and resolutions we are currently emphasizing at the SEC – the use of bars, monitors, and admissions.

One the SEC’s most powerful non-monetary remedies to protect the public from future harm is our authority to bar wrongdoers who work in the industry or appear before the SEC.  And I have encouraged our Enforcement Division to increase the use of these bars in appropriate cases and to ensure that we obtain bars for periods of time that respond to the seriousness of the misconduct.

We have also been more focused on seeking and obtaining undertakings requiring the use of monitors or independent compliance consultants, and doing so in a way that directly addresses the root causes of the misconduct.  Ensuring that defendants address their deficiencies and implement corrective actions is critical to making sure that our actions protect investors from future harm.[23]

Another popular tool we have implemented since I became Chair is to require admissions of wrongdoing in certain cases.  As I have described before, we seek admissions in cases where there is a heightened need for public accountability or for the investing public to know the unambiguous facts.  And, we have now

required admissions in a number of significant cases.[24]  Expect to see more as we go forward and the new protocol evolves.


Let me stop here.  I hope I have provided you with some insights into the current securities enforcement landscape.  Strong enforcement is at the core of the SEC’s mission to protect investors and our markets.  In each step of the enforcement process, we remain focused on aggressively pursuing wrongdoing – whether individual or corporate – working cooperatively with our fellow regulators, and sending strong messages of deterrence within the range and full reach of our legal authority and tools.

Thank you.

[2] See “SEC Charges Hewlett-Packard With FCPA Violations,” Rel. No. 2014-73 (April 9, 2014), available at; “SEC Charges Total S.A. for Illegal Payments to Iranian Official,” Rel. No. 2013-94 (May 29, 2013), available at

[3] SEC Chair White Keynote Address “All-Encompassing Enforcement: The Robust Use of Civil and Criminal Actions to Police the Markets,” SIFMA Compliance & Legal Society Annual Seminar (March 31, 2014) available at

[4] See “SEC Charges Knight Capital With Violations of Market Access Rule,” Rel. No. 2013-222 (Oct. 16, 2013).

[5] See See “SEC Charges Owner of N.J.-Based Brokerage Firm With Manipulative Trading,” Rel. No. 2014-67 (April 4, 2014); “In the matter of Sam Kan, CPA, et al,” Rel. No. 34-75185 (Feb. 20, 2014) available at: ; “In the matter of Agamas Capital Management, L.P.,” Rel. No. IA-3719 (Nov. 19, 2013) available at:

[6] See “SEC Charges NYSE, NYSE ARCA, and NYSE MKT for Repeated Failures to Operate in Accordance With Exchange Rules,” Rel. No. 2014-87 (May 1, 2014).

[7] See, e.g., “SEC Charges ConvergEx Subsidiaries With Fraud for Deceiving Customers About Commissions,” Rel. No. 2013-266 (Dec. 18, 2013) available at; “SEC Charges Woman and Stepson for Involvement in ZeekRewards Ponzi and Pyramid Scheme,” Rel. No. 2013-270 (Dec. 20, 2013) available at; “SEC Charges Hedge Fund Firm CR Intrinsic and Two Others in $276 Million Insider Trading Scheme Involving Alzheimer's Drug,” Rel. No. 2012-237 (Nov. 20, 2012) available at

[8] See  The study further reveals that the SEC named CEOs in 56% of those cases, CFOs in 58% of cases, and lower level executives in 71% of cases.

[9] This figure excludes delinquent filings cases and “follow-on” administrative proceedings, where the Commission seeks bars following the entry of an injunction or criminal conviction.

[10] 15 U.S.C. § 78t(b) (Securities Exchange Act § 20(b)).  Similar provisions exist in the Investment Advisers Act and the Investment Company Act.  See 15 U.S.C. § 80a-47(Investment Company Act § 48(a)), 15 U.S.C. § 80b-8(d) (Investment Advisers Act § 208(d)).

[11] 18 U.S.C. § 2(b).

[12] Janus Capital Grp., Inc. v. First Derivative Traders, 131 S. Ct. 2296, 2304 n.10 (2011).

[13] See, e.g., “SEC Charges Lions Gate With Disclosure Failures While Preventing Hostile Takeover,” Rel. No. 2014-51 (March 13, 2014) available at:;

 “In the matter of ABN AMRO Bank, N.V.,” Rel. No 34-70086 (July 31, 2013) available at:;  “SEC Charges Three Firms With Violating Custody Rule,” Rel. No. 2013-230 (Oct. 28, 2013) available at:; “SEC Charges Institutional Shareholder Services in Breach of Clients' Confidential Proxy Voting Information,” Rel. No. 2013-92 (May 23, 2013) available at:

[14] See, e.g., “SEC Charges New York-Based Brokerage Firm for Ignoring Red Flags in Soft Dollar Scheme,” Rel. No. 2013-273 (Dec. 26, 2013) available at;  “SEC Charges Royal Bank of Scotland Subsidiary with Misleading Investors in Subprime RMBS Offering,” Rel. No. 2013-239 (Nov. 7, 2013) available at; “OppenheimerFunds to Pay $35 Million to Settle SEC Charges for Misleading Statements During Financial Crisis,” Rel. No. 2012-110 (June 6, 2012) available at

[15] See, e.g., “SEC Charges Royal Bank of Scotland Subsidiary with Misleading Investors in Subprime RMBS Offering” Rel. No. 2013-239 (Nov. 7, 2013), available at; “In the Matter of Apple REIT Six, Inc., et al.,” Rel. No. 34-71546 (Feb. 12, 2014), available at

[16] E.g. “SEC Charges CVS With Misleading Investors and Committing Accounting Violations,” Rel. No. 2014-69 (April 8, 2014) (CVS is a Fortune 15 company); “SEC Charges TD Bank and Former Executive for Roles in Rothstein Ponzi Scheme in South Florida,” Rel. No. 2013-192 (Sept. 23, 2013) (TD Bank is the 10th largest bank in the country). Information on actions the SEC brought against the world’s largest financial institutions that led to or arose from the financial crises may be found at

[17] See P. Truell, “Daiwa Bank Admits Guilt in Cover-Up,” New York Times (Feb. 29, 1996), available at; K. Gilpin, “Republic New York Pleads Guilty to Securities Fraud,” New York Times (Dec. 18, 2001), available at; R. Abelson, “Bankers Trust Is Ordered To Pay Fine,” New York Times (July 27, 1999), available at; R. Sullivan, "Con Ed Admits to Conspiracy To Cover Up Asbestos in Blast," New York Times (Nov. 1, 1994), available at

[18] S. Labaton, “Drexel, as Expected, Pleads Guilty to 6 Counts of Fraud,” New York Times (Sept. 12, 1989) available at

[19] Press Release No. 13-161, RBS Securities Japan Limited Agrees to Plead Guilty in Connection with Long-Running Manipulation of Libor Benchmark Interest Rates (Feb. 6, 2013), available at; Press Release No. 12-1522, UBS Securities Japan Co. Ltd. to Plead Guilty to Felony Wire Fraud for Long-running Manipulation of LIBOR Benchmark Interest Rates (Dec. 19, 2012), available at

[20] United States Attorneys’ Manual, Title 9, Chapter 28, available at  

[21] K. Eichenwald, “The Collapse of Drexel Burnham Lambert; Drexel, Symbol of Wall St. Era, Is Dismantling; Bankruptcy Filed,” New York Times, February 14, 1990; P. Truell, “Daiwa Bank Admits Guilt in Cover-Up,” New York Times, February 29, 1996.

[22] Press Release No. 12-842, “GlaxoSmithKline to Plead Guilty and Pay $3 Billion to Resolve Fraud Allegations and Failure to Report Safety Data” (July 2, 2012), available at; Press Release No. 08-1105, “Siemens AG and Three Subsidiaries Plead Guilty to Foreign Corrupt Practices Act Violations and Agree to Pay $450 Million in Combined Criminal Fines” (Dec. 15, 2008), available at; Press Release No. 12-1369, “BP Exploration and Production Inc. Agrees to Plead Guilty to Felony Manslaughter, Environmental Crimes and Obstruction of Congress Surrounding Deepwater Horizon Incident,” (Nov. 15, 2012), available at

[23] See “In the Matter of G-Trade Services LLC, et al.,” Rel. No. 34-71128 at p.12 (Dec. 18, 2013) available at:

[24] See, e.g., “Philip Falcone and Harbinger Capital Agree to Settlement” Rel. No. 2013-159 (Aug. 19, 2013), available at; “JPMorgan Chase Agrees to Pay $200 Million and Admits Wrongdoing to Settle SEC Charges,” Rel. No. 2013-187 (Sept. 19, 2013), available at; “SEC Charges ConvergEx Subsidiaries With Fraud for Deceiving Customers About Commissions,” Rel. No. 2013-266, (Dec. 18, 2013), available at; “Scottrade Agrees to Pay $2.5 Million and Admits Providing Flawed “Blue Sheet” Trading Data,” Rel. No. 2014-17 (Jan. 29, 2014), available at; “Credit Suisse Agrees to Pay $196 Million and Admits Wrongdoing in Providing Unregistered Services to U.S. Clients,” Rel. No. 2014-39 (Feb. 21, 2014), available at; “SEC Charges Lions Gate With Disclosure Failures While Preventing Hostile Takeover,” Rel. No. 2014-51 (March 13, 2014), available at; N. Raymond & J. Stempel, “Wyly brothers' ex-lawyer settles SEC fraud case, admits errors,” Reuters (Mar. 20, 2014), available at

Return to Top