Today, I’d like to answer those questions by first making clear the very real benefits of cooperating with Commission investigations, and then sharing with you five principles of effective cooperation — principles that you can use to not only guide conversations with clients making the decision to cooperate, but also as a roadmap in making the case for cooperation credit when advocating to Enforcement staff.
But first, as is customary, my remarks today are in my official capacity as Director of the Division of Enforcement, but do not necessarily reflect the views of the Commission, the Commissioners, or members of the staff.
The Benefits of Cooperation
As numerous recent enforcement matters have shown, there are real benefits to parties that cooperate with Commission investigations.[3] These benefits can affect both the charges and the remedies the Division may recommend, and that the Commission may ultimately impose.
On the charging side, we may recommend bringing reduced charges or we may decline to recommend charges altogether. On the remedies side, we may recommend reduced or even zero civil penalties. And where there’s been real remediation that addresses the misconduct, that may impact whether we recommend undertakings and, if we do, their scope.
Orders in a number of recent settled actions also highlight another benefit: a finding by the Commission that a party provided meaningful cooperation.[4] This lets parties publicly demonstrate their positive conduct in what may otherwise be an unfavorable context.
A key reason we recommend that the Commission reward cooperation is because it helps us move investigations more efficiently.[5] That benefits all parties to an enforcement investigation. For one, timely investigations and resolutions address misconduct, protect investors, and promote accountability. As I’ve spoken about before, all of that helps to enhance public trust and confidence in our markets.[6] And timely investigations that don’t result in enforcement recommendations also mean that the cloud of investigation doesn’t hang over an entity or an individual for longer than necessary.
Now, this doesn’t mean that if you do all of the things highlighted in recent orders discussing cooperation or what I discuss today, you’ll always get to a no penalty resolution or a declination. That’s because, as you know, all of this is highly fact dependent and there’ll always be situations where some charges and remedies are necessary no matter the level of cooperation. But the bottom line is this: you’re likely to experience better outcomes with cooperation than without it.
I’m sure there are those lawyers and clients, perhaps not in this room, that say, “hey, we’ll just take our chances that the SEC doesn’t learn of a violation or, if they do, we’ll cooperate then.” While you may have run the probabilities in your heads, I think that’s a very risky gamble, with the odds increasing in our favor every day. That’s because, given the success of the Commission’s whistleblower program, our improved use of data analytics, and our increased use of risk-based initiatives, it’s really no longer a question of if we’ll find out about a violation, but often when.[7]
Now, turning to the “Five Principles of Effective Cooperation” The behaviors that can earn cooperation credit from the Commission are no secret. They’re laid out in the Commission’s Seaboard Report and in its Policy Statement Concerning Cooperation by Individuals.[8] They include: self-policing, self-reporting, remediation and, broadly, cooperation. I’d like to share my views on each of them, as well as a fifth: collaboration, which, I think, is the throughline that runs across many of the recent matters where the Commission has rewarded cooperation.
Principle one: the best cooperation starts early and well before the SEC gets involved, with self-policing. By self-policing, you’re more likely to learn of issues earlier, which allows for earlier self-reporting. Effective self-policing begins with the tone at the top, even before a violation occurs or is discovered.[9] Here, these are some of the questions I’d ask: Are the leaders in an organization supporting a culture of compliance? Are they emphasizing both the need to stay within the lines and the importance of doing so? In other words, are they walking the walk? And importantly, are they supporting the compliance function through their words, actions, and with resources?
Another important aspect of self-policing is staying up-to-date on developments and risks. If new rules impact your operations or if recent enforcement actions highlight risk areas relevant to your business, it means evaluating whether you need to update your policies, procedures, and systems to stay apace and remain compliant.
Likewise, you need to ensure that your compliance policies keep pace with technological advances that affect your business.[10] Here, the current conversation around AI risks offers a timely example.[11]
In the end, showing that you had appropriate safeguards in place can also be important in establishing that any misconduct was not the result of an institutional failure or a lax tone at the top.
Principle two: once you discover a possible violation, self-report without delay. It’s okay to come in before you know all the facts. And you can even self-report when you think there is a possible securities law violation. You don’t have to be certain that there is one.[12]
While decisions around any internal investigations are yours to make, you also don’t need to conduct a complete internal investigation before coming in and speaking with us.[13]
The key here is to be upfront about what you’re still looking at and let us know if your understanding of the facts later change.
When we get that call from an entity indicating to us that they think they may have a problem, are starting to look into it, and will report back, it signals a number of things. It signals, for one, effective self-policing. It also signals a culture of proactive compliance. And it helps build credibility with the staff for when issues may arise in the future.
On the other hand, when market participants don’t self-report, not only are they likely to lose out on very significant benefits, but it may also raise questions about their supervisory systems and compliance function.[14]
Principle three: don’t stop with the self-report. Remediate. Effective remediation can further underscore a firm’s commitment to compliance and help them build a case for cooperation credit.
Depending on the circumstances of the conduct at issue, remediation can take many forms. But there are certain remedial measures that are applicable to any number of situations. They include disciplining or dismissing the actors responsible for the violations; strengthening relevant internal controls and policies and procedures; conducting training – or re-training – on the conduct at issue; hiring personnel with relevant expertise; clawing back or recovering certain executive compensation; and repaying harmed investors.[15]
The bottom line here is that the remediation has to be proactive and not undertaken solely because it’s been ordered as part of an enforcement action. It also has to be timely. The longer it takes to remediate, the more likely it is that the misconduct will reoccur. And it has to be meaningful enough to both address the misconduct and prevent it from happening again.
Let me pause here to answer a question that sometimes comes up at this point in the conversation, and that is: can a party still earn credit if it didn’t self-report? As recent Commission orders make clear, all is not lost if you fail to self-police or self-report.[16] You should still do what you can to remediate the violations and work with us.
For example, even if you didn’t self-report, you can still conduct a comprehensive, internal investigation, remediate the violations, repay harmed investors, and improve your compliance function. In the process, you may identify additional violations which you do self-report and remediate. That type of response has resulted in meaningful cooperation credit.[17]
All of this leads to the question: beyond self-policing, self-reporting, and remediating, what exactly do we mean when we talk about “cooperation”?
The answer lies in principle four: the type of cooperation that earns credit requires going above and beyond what’s legally required — more than simply complying with subpoenas without undue delay or gamesmanship. In fact, there is a lot that you can do beyond just fulfilling your clients’ legal obligations that can help us move investigations forward. For example, you have a better sense than we do of how your client maintains documents, what its internal processes are, and who may have relevant evidence. After you receive a request, you can connect with the Enforcement team to discuss what kinds of documents may contain responsive material, how responsive items are maintained, and how voluminous the records are.
If our requests, as drafted, don’t capture relevant materials, you can also flag that for us. If you are aware of other relevant evidence that is wholly beyond our requests, you can tell us and we can discuss whether you should gather and produce those materials.
In short, you can help focus our requests, preventing overly broad document requests on our end and document dumps on your end, thereby ensuring that our requests get us the information we need to complete our investigation.
When producing documents, there’s also more that parties can do to potentially earn cooperation credit.[18] For example, you can flag and offer to explain hot documents and how they fit into the larger picture.[19] If responsive documents are in a language other than English, you can offer to translate them.[20]
And when it comes to witnesses, as with documents, you likely have quicker access to relevant witnesses than we do, especially if they’re overseas or hard to reach, and you will likely have a better sense of who really knows what. You can help us identify who to speak with to get the information we need. Once we identify what interviews or testimony we need, you can then help facilitate those interviews or testimony.[21]
Odds are, doing this will help us target the witnesses and testimony we need and avoid what we don’t. That not only makes our investigation more efficient, but, as with targeted document productions, it also reduces disruptions to your client’s operations
There are other examples of effective cooperation. If your client conducted an internal investigation, you can offer to present its findings.[22] If your client conducted interviews as part of that internal investigation, you could also summarize those interviews for us.[23] We will, of course, work with you to do all of this in a way that does not invade the attorney-client privilege.
In the end, we’re always going to conduct our own analyses and draw our own conclusions. We are not asking you to do our work for us and none of what I’ve described is required. But these are the very types of behaviors that have resulted in meaningful cooperation credit in recent Commission orders.
Principle five: collaborate with Enforcement Staff early, often, and substantively. As should be clear by now, the best way to collaborate with us is by communicating with us.
Starting from your first contact with the SEC, whether that follows a self-report or the SEC reaching out to you, establishing good communication is crucial. Among other things, this allows you and the Enforcement team to quickly discuss any issues that arise as I’ve already highlighted.
The frequency and format of these communications will, of course, depend on the needs of the case and what you and the Enforcement team think is helpful. And it may change over the lifespan of an investigation.
The quality of the communications is also important. As should also be apparent from the examples I’ve shared, communications that provide relevant, fact-based context about an investigation can help simplify issues and move things forward. So can communications that provide transparency into things like a party’s document environment, what’s been done in the search and collection process, and even what tools may be available to increase efficiency in the production.
Conversations like these not only give Enforcement staff a meaningful opportunity to assess the reasonableness of a party’s response, but they also give parties an opportunity to establish credibility with the staff. Because, keep in mind, during the course of an investigation, we are typically receiving information from multiple other sources and individuals with knowledge.
* * *
Cooperation doesn’t mean that parties have to agree with our ultimate conclusions. There’s always an opportunity for good faith conversation and for zealous advocacy and argument about the ultimate merits of a case. But what it does mean is that the end goal of all enforcement investigations – to determine whether or not violations have occurred and, if they have, to punish violative conduct and improve compliance – must be a shared one. That means that the investigative process should be a collaborative one, not one based on gamesmanship and dilatory tactics on either side.
While this speech is directed at the members of the Bar, these are principles of cooperation and collaboration that we have made and will continue to make clear to Enforcement staff, as well, because they are mutually beneficial.
In the end, a cooperative and collaborative approach, guided by the principles I’ve outlined today, can help put you and your clients in the best position to get cooperation credit.
So, while an enforcement investigation has the potential to feel like an adversarial process, it doesn’t have to be.
ENDNOTES
[1] See, e.g., Gurbir S. Grewal, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, “Remarks at Securities Enforcement Forum West 2022” (May 12, 2022), available at https://www.sec.gov/news/speech/grewal-remarks-securities-enforcement-forum-west-051222.
[2] This guidance includes the Commission’s 2001 Seaboard Report, where the Commission articulated an analytical framework for evaluating cooperation by companies [Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934 and Commission Statement on the Relationship of Cooperation to Agency Enforcement Decisions, Securities Exchange Act Release No. 44969 (Oct. 23, 2001) (the “Seaboard Report”), available at http://www.sec.gov/litigation/investreport/34-44969.htm] and the 2010 Policy Statement of the Securities and Exchange Commission Concerning Cooperation by Individuals in its Investigations and Related Enforcement Actions, Securities Exchange Act Release No. 61340 (Jan. 13, 2010), available at http://www.sec.gov/rules/policy/2010/34-61340.pdf. It also includes public declinations by the Commission that discuss the benefits of cooperation. See, e.g., Litigation Release No. 22298, SEC, “SEC Credits Former Axa Rosenberg Executive for Substantial Cooperation during Investigation” (March 19, 2012), available at https://www.sec.gov/litigation/litreleases/lr-22298. In addition, the Division’s Enforcement Manual includes an extended discussion concerning the relevant tools and analytical frameworks for cooperation. See Securities and Exchange Commission Division of Enforcement, Enforcement Manual, § 6 (Nov. 28, 2017), available at https://www.sec.gov/divisions/enforce/enforcementmanual.pdf. Prior Enforcement Directors have also highlighted the benefits of cooperation and the framework for assessing it. See, e.g., Andrew Ceresney, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, “The SEC’s Cooperation Program: Reflections on Five Years of Experience,” Remarks at University of Texas School of Law’s Government Enforcement Institute in Dallas, Texas (May 13, 2015), available at https://www.sec.gov/news/speech/sec-cooperation-program.
[3] Over the last several years, the Commission has articulated the benefits of cooperation in a number of settled orders, some of which are collected in this footnote: See, e.g., In the Matter of Cloopen Group Holding Limited (Feb. 6, 2024), Admin. Proc. File No. 3-21844) (settled order) (“Cloopen OIP”), available at www.sec.gov/files/litigation/admin/2024/34-99483.pdf; In the Matter of Perella Weinberg Partners LP; Tudor, Pickering, Holt & Co. Securities LLC; and Perella Weinberg Partners Capital Management LP, Admin. Proc. File No. 3-21769 (Sept. 29, 2023) (settled order) (“Perella Weinberg OIP”), available at https://www.sec.gov/files/litigation/admin/2023/34-98632.pdf; In the Matter of GTT Communications, Inc. (Sept. 25, 2023), Admin. Proc. File No. 3-21708 (settled order) (“GTT OIP”), available at www.sec.gov/files/litigation/admin/2023/33-11241.pdf; In the Matter of CBRE, Inc., Admin. Proc. File No. 3-21675 (Sept. 19, 2023) (settled order) (“CBRE OIP”), available at https://www.sec.gov/files/litigation/admin/2023/34-98429.pdf; In the Matter of Monolith Resources, Admin. Proc. File No. 3-21629 (September 8, 2023) (settled order) (“Monolith Resources OIP”), available at https://www.sec.gov/files/litigation/admin/2023/34-98322.pdf; In the Matter of View, Inc. (July 3, 2023), Admin. Proc. File No. 3-21505 (settled order) (“View OIP”), available at www.sec.gov/files/litigation/admin/2023/33-11208.pdf; In the Matter of Stanley Black & Decker, Inc., Admin. Proc. File No. 3-21497 (June 20, 2023) (settled order) (“Stanley Black & Decker OIP”), available at https://www.sec.gov/files/litigation/admin/2023/34-97761.pdf; In the Matter of Stephen J. Easterbrook and McDonald’s Corporation, Admin. Proc. File No. 3-21269 (Jan 9, 2023) (settled order) (“McDonald’s OIP”), available at www.sec.gov/files/litigation/admin/2023/33-11144.pdf; In the Matter of Cronos Group Inc., Admin. Proc. File No. 3-21215 (Oct. 24, 2022) (settled order) (“Cronos OIP”), available at https://www.sec.gov/files/litigation/admin/2022/33-11123.pdf; In the Matter of Surgalign Holdings, Inc., and Robert P. Jordheim, Admin. Proc. File No. 3-20945 (Aug. 3, 2022) (settled order) (“Surgalign OIP”), available at https://www.sec.gov/files/litigation/admin/2022/33-11088.pdf; In the Matter of Bloom Protocol, LLC, Admin. Proc. File No. 3-20952 (Aug. 9, 2022) (settled order) (“Bloom Protocol OIP”), available at https://www.sec.gov/files/litigation/admin/2022/33-11089.pdf; In the Matter of Voxeljet AG and Rudolf Franz, Admin. Proc. File No. 3-20923 (July 1, 2022) (settled order) (“Voxeljet OIP”), available at https://www.sec.gov/files/litigation/admin/2022/34-95193.pdf; Press Release, SEC, “Remediation Helps Tech Company Avoid Penalties” (Jan. 28, 2022) (“HeadSpin Press Release”), available at https://www.sec.gov/news/press-release/2022-14; In the Matter of ProPetro Holding Corp. and Dale Redman, Admin. Proc. File No. 3-20661 (Nov. 22, 2021) (settled order) (“ProPetro OIP”), available at https://www.sec.gov/files/litigation/admin/2021/33-11008.pdf.
[4] See, e.g., Cloopen OIP, ¶ 17 (“In determining to accept the Offer, the Commission considered Cloopen’s prompt self-report of accounting errors to the Commission’s staff, the cooperation provided by Cloopen throughout the Commission’s investigation, and the remedial measures undertaken by Cloopen.”).
[5] See, e.g., Seaboard Report (“When businesses seek out, self-report and rectify illegal conduct, and otherwise cooperate with Commission staff, large expenditures of government and shareholder resources can be avoided and investors can benefit more promptly.”).
[6] See, e.g., Gurbir S. Grewal, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, “Remarks at Securities Enforcement Forum West 2022” (May 12, 2022) (“There is a perception among large segments of the population that corporate wrongdoers are not being held accountable and that there are two sets of rules: one for the big and powerful and another for everyone else. While there are many reasons for these beliefs and trends, delayed accountability does not help. That’s why, since day one, I’ve been asking staff to look for ways in which to push the pace of our investigations. The public needs to know when they read a news story about corporate malfeasance that we will move quickly to investigate what happened and hold wrongdoers accountable, even in the most complex cases.”), available at https://www.sec.gov/news/speech/grewal-remarks-securities-enforcement-forum-west-051222.
[7] The SEC received more than 40,000 tips, complaints, and referrals in fiscal year 2023. More than 18,000 of those came from whistleblowers, the most whistleblower tips ever received in one year. That record built on the record number of whistleblower tips received the prior year. Those numbers mirror the record awards the SEC has issued to whistleblowers in recent years, including a record of nearly $600 million awarded in fiscal year 2023. See Press Release, SEC, “SEC Announces Enforcement Results for Fiscal Year 2023” (Nov. 14, 2023), available at https://www.sec.gov/news/press-release/2023-234. The Enforcement Division also initiates investigations based on our proactive use of data-analytics, risk-based investigations, and other investigative tools, and based on referrals from other regulatory agencies.
[8] See Seaboard Report; Policy Statement of the Securities and Exchange Commission Concerning Cooperation by Individuals in its Investigations and Related Enforcement Actions, Securities Exchange Act Release No. 61340 (Jan. 13, 2010), available at http://www.sec.gov/rules/policy/2010/34-61340.pdf. See also Securities and Exchange Commission, Division of Enforcement, Enforcement Manual, § 6 (Nov. 28, 2017) (including discussion of analytical frameworks for cooperation), available at https://www.sec.gov/divisions/enforce/enforcementmanual.pdf.
[9] See, e.g., Seaboard Report (criteria that the SEC will consider includes, “How did the misconduct arise? Is it the result of pressure placed on employees to achieve specific results, or a tone of lawlessness set by those in control of the company? What compliance procedures were in place to prevent the misconduct now uncovered? Why did those procedures fail to stop or inhibit the wrongful conduct?”).
[10] See, e.g., Gurbir S. Grewal, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, “PLI Broker/Dealer Regulation and Enforcement 2021” (Oct. 6, 2021) (“You need to be actively thinking about and addressing the many compliance issues raised by the increased use of personal devices, new communications channels, and other technological developments like ephemeral apps.”), available at https://www.sec.gov/news/speech/grewal-pli-broker-dealer-regulation-and-enforcement-100621.
[11] See, e.g., Gary Gensler, Chair, U.S. Sec. & Exch. Comm’n, “AI, Finance, Movies, and the Law,” Prepared Remarks before the Yale Law School (Feb. 13, 2024), available at https://www.sec.gov/news/speech/gensler-ai-021324.; Gurbir S. Grewal, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, “Remarks at Program on Corporate Compliance and Enforcement Spring Conference 2024” (April 15, 2024), available at https://www.sec.gov/news/speech/gurbir-remarks-pcce-041524.
[12] See, e.g., Seaboard Report (“Did the company identify possible violative conduct and evidence with sufficient precision to facilitate prompt enforcement actions against those who violated the law?”) (emphasis added).
[13] See, e.g., Cloopen OIP, ¶ 18 (“Cloopen made the self-report within a few days of retaining outside counsel to conduct an internal investigation and before any significant steps had been taken as part of that investigation.”); Stanley Black and Decker, OIP ¶ 14(a) (“Prior to completing its internal investigation, SBD self-reported to the Commission staff the failure to disclose perquisites referred to herein and other conduct potentially implicating the federal securities laws.”); Cronos OIP ¶ 38(b) (“Upon learning of the potential for material accounting errors in reports previously filed with the Commission, and prior to the completion of its internal investigation, Cronos promptly self-reported to Commission staff, information related to potential violations of the federal securities laws in the first quarter and third quarter of 2019, and thereafter it self-reported information related to further potential violations in the second quarter of 2021.”).
[14] See, e.g., Andrew Ceresney, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, “The SEC’s Cooperation Program: Reflections on Five Years of Experience,” Remarks at University of Texas School of Law’s Government Enforcement Institute in Dallas, Texas (May 13, 2015) (“Where Enforcement staff uncovers such misconduct ourselves, a natural question for us to ask is why the firm didn’t tell us about it. Was it because the firm didn’t know of the misconduct? If so, what does that say about the firm’s supervisory systems, compliance program, and other controls? On the other hand, if the firm did know about it, and the misconduct was significant, why didn’t the firm report it to us? There will be significant consequences in that scenario from the failure to self-report.”), available at https://www.sec.gov/news/speech/sec-cooperation-program.
[15] See, e.g., Cloopen OIP, ¶ 20; GTT OIP, ¶ 42; View OIP, ¶ 34; Cronos OIP, ¶ 38(d); ProPetro OIP, p. 8; CBRE OIP, ¶ 10; McDonalds OIP, ¶ 38; HeadSpin Press Release (“’For companies wondering what types of remedial actions and cooperation might be credited by the Commission after a company uncovers fraud, this case offers an excellent example,’ said Gurbir S. Grewal, Director of the SEC’s Division of Enforcement. ‘HeadSpin’s remediation and cooperation included not just its internal investigation and revised valuation, but also repaying harmed investors and improving its governance—all of which were factors that counseled against the imposition of a penalty in this case.’”).
[16] See, e.g., HeadSpin Press Release; Suralign OIP, ¶ 34 (“Surgalign and RTI provided substantial cooperation to the Commission’s staff throughout the investigation, including by disclosing information about conduct that the staff had not yet uncovered through its own investigation, conducting an internal investigation regarding this conduct, and providing the staff regular and detailed updates on the internal investigation and key documents identified through that investigation.”).
[17] See, e.g., Surgalign OIP, ¶ 34.
[18] See, e.g., GTT OIP, ¶ 42; View OIP, ¶ 33; Cloopen OIP, ¶ 19.
[19] See, e.g., View OIP, ¶ 33 (“Following its self-report, Respondent provided assistance to Commission staff, including: providing staff with detailed explanations and summaries of specific factual issues at all stages of the staff’s investigation; providing staff with detailed financial analyses from an outside consulting firm about the recorded warranty liabilities and other related issues….”); McDonalds OIP, ¶ 37.
[20] See, e.g., Cloopen OIP, ¶ 19.
[21] See, e.g., GTT OIP, ¶ 42; Cronos OIP, ¶ 38(c); View OIP, ¶ 33.; Cloopen OIP, ¶ 19.
[22] See, e.g., GTT OIP, ¶ 42 (“GTT…provided substantial cooperation, including by, among other things, providing multiple presentations concerning the findings from its internal investigation, including presentations made before it had reached final conclusions about the nature and scope of the relevant issues;….”); Stanley Black and Decker OIP, ¶ 14(b) (“SBD cooperated with the Commission’s investigation, including by providing to Commission staff facts developed through the internal investigation….”); Cronos OIP, ¶ 38(c) (“Cronos provided timely updates to Commission staff and voluntarily produced documents, reports, and other materials, including factual information learned during the course of its internal investigation into the material accounting errors.”); Voxeljet OIP, ¶ 31.
[23] See, e.g., Cloopen OIP, ¶ 19 (“Cloopen provided substantial cooperation to the Commission’s staff throughout the staff’s investigation, including…summarizing interviews of witnesses located in China”); View OIP, ¶ 33 (“Following its self-report, Respondent provided assistance to Commission staff,…including obtaining information from various employees….”).
These remarks were delivered on May 23, 2024, by Gurbir Grewal, director of the Division of Enforcement at the U.S. Securities and Exchange Commission, at the Securities Enforcement Forum West 2024 in Silicon Valley, California.