The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at third-party providers (the “Cybersecurity Advisory”). The Cybersecurity Advisory highlights third-party risks to FINRA member firms and effective practices to mitigate such risks.  

FINRA’s advisory comes at a time when third-party cyber risk is regularly in the headlines.  The Cybersecurity Advisory cites to several third-party incidents in the recent past that impacted member firms, such as the 2023 MOVEit incident, which has been monitored by FINRA over the last year. While the Cybersecurity Advisory does not establish new legal or regulatory requirements, FINRA urges member firms to consider the advisory as they review or update their existing third-party outsourcing/vendor, including cybersecurity, policies and practices. 

Read our Legal Update.

Seminar | Wednesday, October 16, 2024
8:00am – 5:00pm EDT
Register here.

Mayer Brown is pleased to sponsor SIFMA’s C&L Regional Seminar in New York City. C&L Regional Seminars gather compliance and legal professionals working in the financial services industry to share best practices, informative content and focused networking opportunities in the increasingly complex and changing regulatory and compliance arenas.

The SEC recently published its report on the 2024 Government-Business Forum on Small Business Capital Formation.  The Forum addresses a range of issues affecting small businesses, including smaller public companies.  The SEC’s Office of the Advocate for Small Business Capital Formation leads the Forum.  The following fifteen policy recommendations, which range from recommendations related to privately held growth companies to smaller public companies, emerged from the Forum:

  • Support entrepreneurs, including underrepresented founders, with modernized educational resources to allow businesses to better understand how to access capital, including capital from investors
  • Expand the accredited investor definition to include additional measures of sophistication, including through an investor course or test
  • Establish a regulatory framework for finders that includes an exemption from broker-dealer registration and helps facilitate small business capital formation
  • Expand regional, federal, and state options available for non-dilutive funding to support the earliest stages of entrepreneurship
  • Ensure capital raising rules provide equitable access to capital for underrepresented founders and investors
  • Bolster and expand tax incentives that promote equity ownership and drive investment in the startup and small business ecosystem
  • Focus SEC rulemaking efforts on reducing administrative and regulatory burdens on small business and their investors to improve capital allocation efficiency
  • Support underrepresented emerging fund managers—specifically diverse and women managers—who are building funds that diversify capital allocation, engage sophisticated investors, and challenge pattern matching trends
  • Support companies that offer equity ownership to employees and gig workers, and support policies that would better enable employee-owners to realize the value of their equity through transparency, appropriate tax policy, and access to secondary liquidity 
  • Expand venture capital funds’ qualifying investments to include fund-of-funds investments in other venture capital funds and investments acquired through secondary transactions
  • Increase the $75 million public float threshold in the accelerated filer definition so that only larger filers are required to provide an auditor attestation of management’s assessment of internal control over financial reporting over Section 404(b) of the Sarbanes-Oxley Act
  • Revise the “small entity” definition under the Regulatory Flexibility Act to better assess the regulatory costs of compliance for small and growing businesses
  • Improve public trading for small companies by requiring more disclosures about short selling, institutional holdings, insider and affiliate holdings and transactions, paid stock promotion and information about the security from transfer agents
  • Revise the public float and revenue thresholds for smaller reporting companies and accelerated filers to be rolling averages instead of thresholds determined on a particular date
  • Revise Section 12(g) of the Securities Exchange Act of 1934 to remove the threshold for non-accredited investor holders and increase the asset threshold to $20 million

In commenting on the views of participants with respect to the challenges facing smaller public companies, the report notes that participants identified the principal challenge confronting smaller public companies as the cost of compliance.  This was followed, in turn, by the burden of reporting requirements, and by trading volume concerns.  Participants noted that the top priority for smaller public companies when it comes to their investors and shareholders was attracting more institutional investors.  The next most significant priorities were engaging with investors and generating return on investment.  Generally, the Forum recommendations have been considered by the SEC in connection with rulemaking.

A broker-dealer (the “Dealer”) entered into a cease-and-desist order with the Securities and Exchange Commission for failing to maintain and enforce written policies and procedures reasonably designed to achieve compliance with the Compliance Obligation of Regulation Best Interest (“Reg BI”), thus willfully violating the General Obligation of Reg BI.

The Dealer had written policies in place to ensure compliance with Reg BI with respect to offers and sales of structured notes.  However, there was a breakdown in compliance with these procedures, which occurred over several years.  Pursuant to the written procedures, registered representatives were required to determine that an investor’s investment profile met the Dealer’s requirements for sales of structured notes, and that concentration limits in the investor’s account were not exceeded.  Investors were required to sign forms acknowledging that they received the prospectus describing the fees, understood the Dealer’s fees and that structured products are buy-and-hold investments involving principal risk, among other acknowledgments.  The Dealer had a review function to ensure that Reg BI’s requirements were met.  The review function reviewed the customer’s documents, and would flag a recommendation that was not compliant with Reg BI.  Non-compliant trades caused an exception report, which had to be resolved within a specified period (often, after the transaction had occurred).  Consequently, several hundred transactions occurred for which the exception report was not timely cleared or a customer acknowledgment of understanding a recommendation to sell one structured note and replace it with another was not reviewed. 

The Dealer acquired another broker-dealer (the “Acquired Dealer”).  Recommendations of structured notes by the registered representatives of the Acquired Dealer did not mesh with Dealer’s compliance system, causing exception reports generated from sales by the Acquired Dealer not to be flagged for a significant period.  The Dealer’s failure to resolve known compliance system deficiencies related to the acquisition of the Acquired Dealer and to maintain and enforce its Reg BI compliance procedures were found to be a violation of the Reg BI General Obligation.

Read the SEC’s cease-and-desist order and press release.

The Securities and Exchange Commission recently announced that it will host a compliance outreach program on November 7, 2024 (see the program’s agenda) on Advisers Act and Investment Company Act related topics.  The agenda covers a broad array of issues from exam priorities and enforcement activities to areas that have been the topic of recent rulemaking.  For example, there will be a discussion of cybersecurity, including Regulation S-P, as well as oversight of third-party vendors and off-channel communications.  The Investment Company Act topics include disclosure trends, board oversight issues, and derivatives risk management, valuation, and the names rule.  Of course, a whole panel will be dedicated to the marketing rule, which continues to give rise to questions.  Among the “hot topics” to be covered, the agenda identifies crypto assets, artificial intelligence, the move to T+1, pre-IPO offerings and AML issues.

Webinar | September 25, 2024
2:30 p.m. – 3:30 p.m. EDT
Register here.

Earlier this week, the FDIC proposed rules related to FDIC pass-through insurance coverage. These rules could have a significant impact on bank-fintech partnerships, including some partnerships for programs that do not promise FDIC coverage to end customers. This webinar will analyze the proposed rules, and identify ways we think it could impact these partnerships (including some that may not be obvious). We’ll also weigh in on how industry leaders can shape the rule during the public comment period.  

We will be taking questions during the webinar, but please send us any questions you may have in advance. You can email your questions to FDICquestions@mayerbrown.com.

On September 17, 2024, the Securities and Exchange Commission announced cease-and-desist proceedings against eleven institutional investment managers for failure to file reports required by the Securities Exchange Act of 1934. The SEC’s orders require all of the firms to file the reports that Section 13(f) requires from institutional investment managers holding investment discretionary authority over at least $100 million in specified securities, generally equity securities listed in the United States and related securities. Two of the firms were also charged with violating the Exchange Act’s reporting requirement under Section 13(h) for “large traders,” a term defined to include parties investing more than $20 million in National Market System securities in a single calendar day or $200 million in a single calendar month.

The SEC’s orders all require the firms to cease and desist from their Exchange Act violations. Nine of the firms were assessed penalties ranging from $175,000 to $725,000. Two of the respondents were not fined, the SEC said, because they had reported their Exchange Act failures and had otherwise cooperated with the Commission’s enforcement staff. For the same reason, one respondent was not assessed a penalty for its failure to file large trader reports.

The respondents included two foreign advisers, one from Canada and another from Poland. The SEC’s decision to bring action against these two parties necessarily implies that the Commission believes that Sections 13(f) and 13(h) apply to qualifying institutional investment managers and to large traders outside the U.S. The actions under Section 13(h) appear to be only the second and third prosecutions the SEC has made under the provision, the first having been taken in 2023.

The Commission’s announcement of its actions is available here.

The Securities and Exchange Commission’s accelerated Schedule 13G filing deadlines become effective September 30, 2024. On October 10, 2023, the SEC adopted changes to Schedules 13D and 13G relating to beneficial ownership reports (the “Final Rules”). The Final Rules are intended to modernize the rules governing beneficial ownership reporting and generally shorten the period for initial and amended filings, clarify requirements for derivative securities and criteria for determining when persons are acting as a group, and require that certain information be provided in a structured, machine-readable data format. 

Deadlines for Schedule 13G filings depend on a person’s filing status as a qualified institutional investor, a passive investor or an exempt investor under the rules. The Final Rules require that an initial Schedule 13G be filed within 45 days following the quarter-end in which the qualified institutional investor or exempt investor crosses the 5% threshold or for passive holders within five business days of crossing the threshold. There are shorter applicable deadlines for qualified institutional investors and passive investors whose interests exceed the 10% threshold. Under the Final Rules, Schedule 13G filings must be amended within 45 days following the end of the calendar quarter in which a material change occurred.

See our Legal Update on the Final Rules.

The Securities and Exchange Commission let pass the deadline to seek a review of the decision by the US Court of Appeals for the Fifth Circuit (the “Fifth Circuit”) to vacate the SEC’s final rule relating to private fund advisers (the “Final Rule”). The SEC adopted the Final Rule on August 23, 2023. The Final Rule was designed to enhance the regulation of private fund advisers and protect investors who invest in private funds by preventing fraud, deception, or manipulation by the investment advisers to those funds. Read our Legal Update on the Final Rule. On June 5, 2024, a three-judge panel of the Fifth Circuit unanimously vacated the Final Rule after several industry and trade groups challenged the Final Rule, which would have caused a significant change to the regulation and operation of private funds. Read our Legal Update on the Fifth Circuit’s decision.

The SEC had until September 3, 2024, or 90 days from the Fifth Circuit’s final ruling, to file a petition for a writ of certiorari with the Supreme Court.

During the American Bar Association’s Business Law Section Fall Meeting, the International Securities Matter Subcommittee of the Federal Regulation of Securities Committee discussed recent market trends affecting foreign private issuers (FPIs) from Latin America and other emerging markets, including the below:

Increase in Initial Public Offerings (IPOs).  There is a notable increase in the number of foreign (non-U.S. domiciled) companies interested in conducting initial public offerings in the United States as opposed to Rule 144A offerings.

Different Jurisdictions for IPOs.  Companies are increasingly using entities domiciled in jurisdictions different from those in which they are headquartered in connection with undertaking their IPOs.  This strategy often serves to (i) mitigate political risk by reducing the stigma and political risks that may be associated with their home countries and (ii) permit issuers to adopt new corporate governance practices without the baggage associated with their home country’s regulatory environment.

Dual-Class Voting Mechanisms.  Dual-class voting structures are becoming more common.  This mechanism helps founding families maintain control over their businesses while monetizing their investments.  A dual-class structure may allow founders to maintain control and leverage the founders’ reputation.  For a highly leverage company, a dual class structure also might allow the issuer to avoid triggering a change of control in connection with the IPO or thereafter.  However, dual-share class companies often are not included in broad-based indices and some institutional investors perceive the entrenchment of control as a negative.   This might be addressed by implementing a sunset provision.

SEC Regulatory Philosophy.  In his remarks at the 2024 U.S.-China Symposium hosted by Harvard Law School, SEC Commissioner Mark T. Uyeda highlighted that SEC appears to be diverging from its historical view of providing certain accommodations to FPIs.  Recent regulations have increased compliance burdens for FPIs.

Auditor Concerns.  The subcommittee also discussed auditors’ concerns regarding hyperinflationary accounting, which poses significant challenges for companies operating in high-inflation environments.  Under the new Form 20-F rules, companies in hyperinflationary economies must include one year of financial statements and Management’s Discussion and Analysis.  However, this has raised some issues with respect to comfort letters and that has led issuers towards Rule 144A issuances.