Category Archives: Investor Protection

Cryptoasset Developments: Prospects for Legal Clarity

by Kevin S. Schwartz, David M. Adlerstein, Samantha M. Altschuler, and Sabina M. Beleuz Neagu

Left to Right: Kevin S. Schwartz, David M. Adlerstein, Samantha M. Altschuler, and Sabina M. Beleuz Neagu (photos courtesy of Wachtell, Lipton, Rosen & Katz)

A resilient cryptoasset industry is emerging from weathering years of headwinds — from edicts prohibiting the banking of the industry, to an SEC leadership bent on aggressive regulation-by-enforcement in lieu of transparent rulemaking. Looking ahead, tailwinds abound: Bitcoin and Ether exchange-traded products, approved just this year, already have over $150 billion in assets under management. Leading financial institutions have announced plans to tokenize substantial new funds on public blockchains. And tens of millions of Americans own cryptoassets, as use cases continue to proliferate — from payments for goods and services, both on- and off-blockchain; to decentralized financial (DeFi) platforms; to the authentication of content provenance (an essential need amidst AI’s rapid development). With a new Administration and Congress in the offing, there are at last prospects for regulatory clarity in an arena long clouded by uncertainty.

Continue reading →

An Update on SEC Cybersecurity Reporting

by Scott Kimpel

Photo courtesy of Hunton Andrews Kurth LLP

As we approach the one-year anniversary of the effective date of the U.S. Securities and Exchange Commission (“SEC”) reporting rules on Form 8-K for material cybersecurity incidents, we provide a high-level overview of the last year’s developments.

Background on SEC Reporting Rules

Under the SEC’s rules, Item 1.05 of Form 8-K generally requires public companies in the United States to disclose material cybersecurity incidents within four business days of determining that the incident is material. The disclosure must contain the nature, scope and timing of the incident and the impact or reasonably likely impact of the incident on the company, its financial condition and its results of operations. For these purposes, SEC rules define “cybersecurity incident” to include “an unauthorized occurrence, or a series of related unauthorized occurrences, on or conducted through a registrant’s information systems that jeopardizes the confidentiality, integrity, or availability of a registrant’s information systems or any information residing therein.”

Continue reading →

SEC Acting Director of Enforcement Delivers Remarks at PCCE’s Fall Conference

On November 22, 2024, the NYU Law Program on Corporate Compliance and Enforcement (PCCE) hosted a conference titled “New Directions in Corporate and Individual Enforcement.” At the conference, Sanjay Wadhwa, Acting Director of Enforcement, Securities and Exchange Commission (SEC), delivered remarks on the SEC’s enforcement priorities and enforcement policy, which are reprinted below and available on the SEC’s website here. After his remarks, Wadhwa participated in a fireside chat with PCCE’s Executive Director, Joseph Facciponti.

Sanjay Wadhwa (©Hollenshead: Courtesy of NYU Photo Bureau)

Good afternoon. Thank you to the Program on Corporate Compliance and Enforcement for the opportunity to speak to you all.

Continue reading →

Cyber Experts React to Court Decision in the SEC’s SolarWinds Enforcement Action

Editor’s Note: PCCE has been watching the developments in the SEC’s enforcement action against SolarWinds and its CISO over allegedly misleading disclosures and controls failures related to the compromise of its Orion product by putative Russian hackers. In this post, cybersecurity experts and lawyers discuss the recent decision by U.S. District Judge Paul Engelmayer to dismiss most of the SEC’s claims in the case.

Top left to right: Randal Milch, Judy Titera, James Haldin, and Alan Wilson. Bottom left to right: Matthew Beville, Elizabeth Roper, and Jerome Tomas. (Photos courtesy of authors)

Continue reading →

Biden Administration Releases Proposed Rule on Outbound Investments in China

by Paul D. Marquardt and Kendall Howell

From left to right: Paul D. Marquardt and Kendall Howell (Photos courtesy of Davis Polk & Wardwell LLP)

The Biden administration released its proposed rule that would establish a regulatory framework for outbound investments in China, following its advanced notice of proposed rulemaking released last August.

On June 21, 2024, the U.S. Department of the Treasury (Treasury) released its long-awaited notice of proposed rulemaking that would impose controls on outbound investments in China (the Proposed Rule). The Proposed Rule follows Treasury’s advanced notice of proposed rulemaking (the ANPRM) released in August 2023 (discussed in this client update) and implements the Biden administration’s Executive Order 14105 (the Executive Order), which proposed a high-level framework to mitigate the risks to U.S. national security interests stemming from U.S. outbound investments in “countries of concern” (currently only China). Like the Executive Order and ANPRM, the Proposed Rule reflects an effort by the Biden administration to adopt a “narrow and targeted” program and is in large part directed at the “intangible benefits” of U.S. investment (e.g., management expertise, prestige, and know-how), rather than capital alone.[1]

Continue reading →

Supreme Court Punches SEC APs Right in the Seventh Amendment

by Andrew J. Ceresney, Charu A. Chandrasekhar, Arian M. June, Robert B. Kaplan, Julie M. Riewe, Kristin A. Snyder, and Jonathan R. Tuttle

Top left to right: Andrew J. Ceresney, Charu A. Chandrasekhar, Arian M. June, and Robert B. Kaplan. Bottom left to right: Julie M. Riewe, Kristin A. Snyder, and Jonathan R. Tuttle. (Photos courtesy of Debevoise & Plimpton LLP)

Recently, in a long-awaited ruling with significant implications for the securities industry and administrative agencies more generally, the U.S. Supreme Court affirmed the Fifth Circuit’s decision in Jarkesy v. SEC, holding that the Seventh Amendment right to a jury trial precluded the U.S. Securities and Exchange Commission (the “SEC”) from pursuing monetary penalties for securities fraud violations through in-house administrative adjudications. The key takeaways are:

The Court’s ruling was limited to securities fraud claims, but other SEC claims seeking legal remedies may be impacted, as well as claims by other federal agencies that may have been adjudicated in-house previously.
We expect that the SEC will continue its practice of bringing new enforcement actions in district court, except when a claim only is available in the administrative forum.
Because of the majority decision’s focus on fraud’s common-law roots, the decision raises questions about whether the SEC may bring negligence-based or strict liability claims seeking penalties administratively.
The Court did not resolve other constitutional questions concerning the SEC’s administrative law judges, including whether the SEC’s use of administrative proceedings violates the non-delegation doctrine and whether the SEC’s administrative law judges are unconstitutionally protected from removal in violation of Article III.
We anticipate additional litigation regarding these unresolved issues.

Continue reading →

SEC Staff Provides Guidance on Cyber Form 8-K Reporting

by Scott Kimpel

Photo courtesy of Hunton Andrews Kurth LLP

On May 21, 2024, staff of the U.S. Securities and Exchange Commission (“SEC”) published additional interpretive guidance on reporting material cybersecurity incidents under Form 8-K.

Since December 18, 2023, when the SEC’s rules for reporting material cybersecurity incidents under Item 1.05 on Form 8-K took effect, we have identified 17 separate companies that have made disclosures under the new rules. Since that date, several other companies also have made disclosures regarding cybersecurity incidents under other Form 8-K items. A large majority of those companies reporting under Item 1.05 have either not yet determined that the triggering incident was material, or determined that the event was in fact immaterial.

Continue reading →

Crypto Experts React to Recent SDNY Ethereum Fraud Indictment

The NYU Law Program on Corporate Compliance and Enforcement (PCCE) is following the U.S. Attorney’s Office for the Southern District of New York’s recent indictment of two individuals for allegedly attacking and stealing $25 million from the Ethereum blockchain. The indictment in the case, United States v. Peraire-Bueno, 24 Cr. 293 (SDNY), is available here. Below, several crypto experts and former prosecutors provide their reactions to the case.

Left to right: Maria Vullo, Daniel Payne, Elizabeth Roper, Usman Sheikh, Justin Herring, and Robertson Park (photos courtesy of the authors)

Continue reading →

Cross-Border Implications of the FCA’s Consultation Paper on Publishing Information About the Opening and Progress of Investigations

by Michael A. Asaro, James Joseph Benjamin Jr., Ezra Zahabi, and Joe Hewton

From left to right: Michael A. Asaro, James Joseph Benjamin Jr., Ezra Zahabi, and Joe Hewton. (Photos courtesy of Akin Gump Strauss Hauer & Feld LLP).

Last month, the United Kingdom Financial Conduct Authority (FCA) announced that it is considering new procedures under which it would publicly identify firms that are under investigation as soon as the investigation has been opened.[1] The consultation period closes on April 30, 2024. (See our recent client alert here). The proposed new approach—which, if adopted, would be a dramatic break from historical practice—would result in public disclosure before any charges have been filed and before the FCA has determined whether the firm actually did anything wrong. In this article, we draw comparisons between the investigation disclosure regimes in the U.K. and the United States. We also provide commentary on the FCA’s proposals.

Continue reading →

AI in the 2024 Proxy Season: Managing Investor and Regulatory Scrutiny

by William Savitt, Mark F. Veblen, Kevin S. Schwartz, Noah B. Yavitz, Carmen X. W. Lu, and Courtney D. Hauck

Top from left to right: William Savitt, Mark F. Veblen, and Kevin S. Schwartz.
Bottom left to right: Noah B. Yavitz, Carmen X. W. Lu, and Courtney D. Hauck. (Photos courtesy of Wachtell, Lipton, Rosen & Katz)

Corporate disclosures concerning artificial intelligence have increased dramatically in the past year, with Bloomberg reporting that nearly half of S&P 500 companies referenced AI in their most recent annual reports. And some investors are clamoring for even more, using shareholder proposals to press public companies for detailed disclosures concerning AI initiatives, policies, and practices — including, most recently, an Apple shareholder proposal that attracted significant support at a meeting last week. Regulators, meanwhile, have signaled increasing scrutiny of AI-related corporate disclosures, including in a February speech by SEC Chair Gensler cautioning against “AI washing” — the practice of overstating or misstating corporate AI activity. For the 2024 proxy season and beyond, public companies will need to balance the competing demands of regulators and investors, in order to craft effective, responsive strategies for engaging with their stockholders on AI topics.

Continue reading →