Cyber Threats and Internal Accounting Controls
By Eric Johnson, Locke Lord LLP
On October 16, 2018, the Securities and Exchange Commission (“SEC”) issued an investigative report pursuant to Section 21(a) of the Securities Exchange Act of 1934 (the Exchange Act) warning public companies that become victims of cyber-related frauds that they may violate the federal securities laws if they fail to have a sufficient system of internal accounting controls. Under the Exchange Act, public companies are required to devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that transactions are executed with, or that access to company assets is permitted only with, management’s general or specific authorization.
As detailed in the report, the SEC’s Division of Enforcement investigated nine public companies that fell victim to cyber fraud resulting in millions of dollars of losses, most of which was not recovered. The SEC’s investigations focused on “business email compromises” (BECs) in which cyber criminals posed as company executives or vendors and used emails to dupe company personnel into sending money to bank accounts controlled by the criminals. In some cases, the frauds lasted for months and were only detected by third parties, including law enforcement. The FBI estimates that BECs have caused over $5 billion in losses since 2013. Although the SEC determined not to pursue any enforcement action against the investigated companies, it issued the report in the public interest to ensure public companies and other market participants are aware that spoofed or manipulated emails are a serious problem and should be taken into account when devising and maintaining a system of internal accounting controls.
While most of the media attention regarding cyberattacks focuses on stolen customer data, this is a timely reminder that a public company’s tangible assets, including cash, are a target for cyber criminals. As noted by SEC Chairman Jay Clayton, “Cyber frauds are a pervasive, significant, and growing threat to all companies, including our public companies. Investors rely on our public issuers to put in place, monitor, and update internal accounting controls that appropriately address these threats.”
SEC Tightens Alternative Trading Platform Oversight
By Jeff Kern and Kate Ross, Sheppard, Mullin, Richter & Hampton LLP
On July 18, 2018, the SEC ramped up its oversight of alternative trading systems (ATSs) by adopting a series of rule amendments imposing public disclosure requirements on ATSs that trade NMS (National Market System) stocks (i.e., stocks listed on a national securities exchange). The amendments also require ATSs to establish written procedures to protect subscribers’ confidential trading information. The amendments will take effect on October 9, 2018.
Under the amendments, a broker-dealer seeking to operate an ATS may not do so until it has made requisite disclosures to the SEC, and the SEC approves its eligibility to be exempt from registration as an exchange. Such disclosures occur via Form ATS-N, which seeks information regarding the ATS’s manner of operations, its managing broker-dealer, the broker-dealer’s affiliates, and the broker-dealer’s ATS-related activities. Once the SEC approves Form ATS-N, it will be publicly available on the SEC’s EDGAR system, which the ATS must link on its own website. Alternatively, the amendments create a process for the SEC to deny ATS status by declaring Form ATS-N filings ineffective, after providing notice and an opportunity to be heard. Before these amendments, an NMS stock ATS did not need to obtain the SEC’s approval before operating, and its disclosures to the SEC were deemed confidential.
According to the SEC, the amendments are crucial to boost the level of transparency required of NMS stock ATSs, as they have skyrocketed in number since ATSs began operating. In a public statement at an SEC open meeting, Chairman Jay Clayton noted that ATSs regularly compete with national securities exchanges for order flow of the same securities, yet there is a significant difference in the information that these platforms must share with the public. The recent rulemaking is meant to correct this disparity by ensuring that investors have access to information necessary to understand how ATSs work, and select the trading platform that best suits their needs.
Virtual Currencies May Be Commodities, Federal Judge Rules
By Marjorie J. Peerce and Matthew G. Kussmaul, Ballard Spahr LLP
The ongoing debate on whether virtual currencies with certain characteristics should be classified as commodities subject to regulation and enforcement by the Commodities Futures Trading Commission (CFTC) is the focal point of a recent federal case ruling.
In a closely watched fraud case, CFTC v. My Big Coin Pay, Inc., a Massachusetts federal judge recently denied the defendants' motion to dismiss on the basis, among others, that the court lacked subject matter jurisdiction. The defendants argued that because their purported digital currency—My Big Coin—is not a tangible good and no futures trading of My Big Coin occurred, it could not fit the Commodity Exchange Act's definition of a “commodity.”
As an initial matter, U.S. District Judge Rya Zobel found the defendants′ assertion of lack of jurisdiction was unfounded, and that their argument was really contesting the sufficiency of the CFTC′s allegations under Fed. R. Civ. P. 12(b)(6). Judge Zobel then ruled that the CFTC easily met its burden of pleading plausible allegations of fact in support of its claims, because virtual currency futures can be—and in fact are—traded.
Judge Zobel held that because Bitcoin futures are traded, any virtual currency can be subject to futures trading, writing in her decision: “Here, the amended complaint alleges that My Big Coin is a virtual currency and it is undisputed that there is futures trading in virtual currencies (specifically involving Bitcoin). That is sufficient, especially at the pleading stage, for [the CFTC] to allege that My Big Coin is a ‘commodity’ under the Act.” That futures in a particular virtual currency are not currently traded was, in Judge Zobel’s opinion, irrelevant.
Notably, Judge Zobel looked to U.S. Supreme Court cases interpreting federal securities law to find that the Commodity Exchange Act, and its definition of a “commodity,” should be “construed not technically and restrictively, but flexibly to effectuate their remedial purposes”.
The Court’s ruling reinforces market uncertainty about the law as it applies to virtual currencies and serves as a warning about engaging in transactions in this space.