The Securities and Exchange Commission

In enforcement matters, the US Securities and Exchange Commission (SEC) routinely requires companies, broker dealers, investment advisers and others to engage a monitor when there is a concern that a defendant organisation does not have effective internal compliance programmes or internal control systems to prevent the recurrence of the misconduct identified by the government investigation. A compliance monitor is appointed, therefore, as ‘an independent third party who assesses and monitors a company’s adherence to the compliance requirements of an agreement that was designed to reduce the risk of recurrence of the company’s misconduct’.^[2]

Most of the information about how the SEC uses monitors and when it thinks a monitor may be appropriate can be gleaned from the various settlements of its enforcement actions involving corporate entities.^[3] In addition, the SEC’s and the US Department of Justice’s (US DOJ) joint guidance on enforcement of the US Foreign Corrupt Practices Act (FCPA) (the Resource Guide) provides the most explicit general guidance on the SEC’s use of monitors and, in particular, which factors favour the imposition of monitorship.^[4] Because, from the SEC’s perspective, a violation of the FCPA is a books-and-records violation and – relatedly, to the extent that hidden bribes distort reported results and affect a company’s reported prospects and risks – a predicate of anti-fraud violations, the Resource Guide has wide application to most of the SEC’s enforcement cases.^[5]

Generally, the SEC, like the US DOJ, will seek to tailor the scope and duration of a monitorship to the nature of the violation, the quality and reliability of management, the resources of the defendant, and any other factors bearing on the likelihood of recurrence.^[6] Although monitorships can be very expensive and intrusive, they offer several benefits, including, when tailored narrowly, allowing a company to reduce the severity of penalties and collateral effects of an enforcement action. They can also provide the impetus, where necessary, for reforming a recalcitrant bureaucracy, and foster a culture and record of compliance that could help to address any future violations of law should compliance programmes fail again.^[7]

This chapter focuses on the SEC’s use of monitors, in particular the statutory authority for monitorships, historical use and analysis of prior monitors, and specific guidance issued by the US DOJ regarding monitorships.

Statutory authority for monitors

The SEC has sought the imposition of corporate monitors, or review persons, since at least 1980 in civil enforcement cases in federal courts by invoking the federal courts’ power to order ancillary relief attendant to statutory authorisation for courts to enjoin defendants from violating the federal securities laws in the future.^[8] At the time, there was no explicit authorisation for federal courts to order any such ancillary relief, but courts fairly uniformly had held that because Congress granted them the power to impose injunctions, they could rely on their general equitable powers to impose other remedies, such as monitorships, to ensure compliance with their order of injunction.^[9]

In 2002, Congress authorised the SEC to seek ‘equitable relief’ for the ‘benefit of investors’, ostensibly removing any need to rely on the courts’ inherent equitable powers to order monitorships.^[10] Arguably, explicit Congressional authorisation to order equitable relief for the benefit of investors supplants and narrows courts’ ability to use their equitable powers in aid of injunctions.^[11] Equitable relief in the Supreme Court’s jurisprudence has specific, narrowly defined contours: it must be the type of relief that was available to courts of equity at the time of the divided bench.^[12] An equitable remedy may not, therefore – and most importantly for present purposes – be punitive.^[13] A monitorship, it follows, must be tailored narrowly to facilitate injunctive relief and nothing more. Of course, as noted, most SEC monitorships are imposed by consent.^[14] However, understanding the limits of equity jurisdiction may be helpful to counsel to negotiate the narrowest possible monitorship scope on the theory that a broader scope may be ruled to be punitive and unenforceable by a court.

Similarly in administrative proceedings, the SEC is empowered to order a respondent to cease and desist from violating the securities laws.^[15] A cease-and-desist order may ‘require future compliance or steps to affect future compliance, either permanently or for such period of time as the Commission may specify’.^[16] The SEC interprets this provision as authorising imposition of monitors in administrative proceedings.^[17] This provision may be read as giving the SEC the ability to impose broader-scope monitorships than those that district courts may impose. Of course, these monitorships are also usually imposed by consent but, here too, counsel may be able to argue that, as a matter of statutory authorisation, the scope and duration of the monitorship must be tailored narrowly to affect future compliance with the SEC’s order and nothing more.

The SEC’s use of monitors

Case study: the expansive power of the monitor at WorldCom

The current use of SEC monitors stems in part from the spectacular corporate failures of Enron and WorldCom. In fact, WorldCom’s experience with monitorship – largely viewed as the first modern era monitorship – influenced the nature of the monitorships that followed. As discussed below, the WorldCom monitor began with a limited role. However, it was expanded incrementally until the monitor ultimately revamped the company’s entire corporate governance structure.^[18] That expansive role in WorldCom, and in other matters, has been the target of much criticism: observers have wondered to what extent a monitor, who is an agent of the court (or the SEC) rather than the shareholders, should be able to effectuate changes in corporate governance or dictate management decisions.^[19] An overview of the WorldCom monitorship is thus instructive as background to more recent trends regarding when a monitor will be imposed and the scope of that monitor’s review.

The SEC brought a civil enforcement action against WorldCom in 2002 alleging that the company’s managers fraudulently misstated the company’s income by more than US$9 billion.^[20] Among other remedies, the SEC requested that the court enter an order prohibiting document destruction and extraordinary payments to any present or former affiliate, or officer, director or employee, of WorldCom.^[21] The SEC then asked for the appointment of ‘a corporate monitor to ensure compliance’ with those two prohibitions.^[22]

Shortly after the complaint was filed, the SEC and WorldCom entered into a stipulation agreeing to the appointment of a monitor with ‘oversight responsibility with respect to all compensation paid by WorldCom’.^[23] Judge Jed S Rakoff of the Southern District of New York granted the requested relief and the parties jointly selected Richard Breeden, a former SEC chairman, as the corporate monitor.^[24] Despite the seemingly narrow scope of Mr Breeden’s original appointment, his authority at the company quickly expanded. The potential for an expansion of his authority, in fact, was explicitly recognised by the court as necessary when Mr Breeden was first appointed.^[25] Among other things, the court interpreted Mr Breeden’s role to monitor ‘compensation’ as including not only payments to executives but also any payments to advisers and consultants, such as investment bankers and attorneys.^[26] Then, after WorldCom filed for bankruptcy, Mr Breeden’s access to information about the company broadened. As a result of the bankruptcy, for example, the court explicitly allowed Mr Breeden to receive ‘complete information about every aspect of the business he deems relevant to his assessments’.^[27] Mr Breeden was then permitted by the court to attend all board meetings, to attend board committee meetings and to receive information about essentially anything he personally deemed necessary to his appointment.^[28]

The SEC eventually entered into a consent decree, or partial settlement, with WorldCom in November 2002.^[29] That decree further expanded Mr Breeden’s role, requiring him to review WorldCom’s future corporate governance policies.^[30] As one indication of his powers over the company, WorldCom stipulated in the settlement that it would adopt Mr Breeden’s recommendations even before his report was issued.^[31]

Mr Breeden eventually prepared a full report based on his investigation, making 78 recommendations for WorldCom to implement.^[32] Most of the proposals sought to increase shareholder participation and control of the company, while also limiting executive power and compensation.^[33] Among other corporate governance changes, he recommended a new legal and ethics compliance programme to ensure an improved corporate culture.^[34]

In summary, Mr Breeden’s activities at WorldCom were all-encompassing: they extended well beyond his initial charge to monitor ‘compensation’. He was making high-level decisions about WorldCom’s business.^[35]

Guidance post-WorldCom restrains and defines corporate monitors

While WorldCom acts as an initial case study of the modern era of corporate monitors, the recent trend and guidance, as discussed below, has been to tailor the role of monitors more narrowly.

Since WorldCom, the SEC has sought the appointment of monitors in a broad spectrum of civil and administrative enforcement proceedings across various aspects of the securities laws. For example, monitors have been imposed to:

• review and correct an organisation’s ‘policies, procedures, and practices relating to issuance and transfer of securities’ under the Securities Act;^[36]
• monitor various due diligence and compliance requirements under the Investment Advisers Act;^[37]
• review and recommend changes to an organisation’s policies relating to underwriting municipal securities under the Securities Act;^[38]
• review customer identification and anti-money laundering programmes under the Exchange Act;^[39]
• assess the effectiveness of an organisation’s policies and procedures to prevent FCPA violations;^[40]
• review investment adviser fee disclosures under the Investment Advisers Act;^[41] and
• correct procedures to prevent failures to supervise insider trading under the Investment Advisers Act.^[42]

Apart from the Resource Guide, which the SEC and the US DOJ jointly published in 2012 and updated in 2020, the SEC has not published additional guidance setting forth when, as a general matter, it would seek to impose a monitor and what form that monitorship would take. Nonetheless, as explained above, the Resource Guide is instructive for most, if not all, SEC matters. It explains:

In civil cases, a company may . . . be required to retain an independent compliance consultant ^[43] or monitor to provide an independent third-party review of the company’s internal controls. The consultant recommends improvements, to the extent necessary, which the company must adopt.^[44]

In the Resource Guide, the SEC and the US DOJ enumerated the following factors that they consider in determining whether a monitor is appropriate:

• Nature and seriousness of the offense
• Duration of the misconduct
• Pervasiveness of the misconduct, including whether the conduct cuts across geographic and/or product lines
• Risk profile of the company, including its nature, size, geographical reach, and business model
• Quality of the company’s compliance program at the time of the misconduct
• Subsequent remediation efforts and quality of the company’s compliance program at the time of resolution
• Whether the company’s current compliance program has been fully implemented and tested ^[45]

These factors demonstrate, as the SEC and the US DOJ concede, that: ‘Appointment of a monitor is not appropriate in all circumstances . . . but it may be appropriate, for example, where a company does not already have an effective internal compliance program or needs to establish necessary internal controls’.^[46] In other words, these factors demonstrate that the SEC’s decision regarding whether to impose a monitor will depend on its assessment that the organisation has an effective compliance programme and has otherwise demonstrated a commitment to compliance in its controls, remediation measures and corporate culture.

The Resource Guide is the only formal SEC guidance setting forth the factors that the SEC considers when deciding to impose a monitor. From the authors’ review of the consent decrees and administrative orders implementing monitors, those documents do not elaborate on the SEC’s criteria or analysis regarding when a monitor is appropriate. Rather, from these case-specific documents, one can glean general guidance as to the general terms and scope of monitorships.

In addition, US DOJ guidance informs how the SEC would analyse monitorships because the SEC and the US DOJ often work in parallel and impose a single monitor to assure compliance with both the federal securities laws and the criminal code.^[47] It is helpful, therefore, to review the evolution of the US DOJ’s guidance on monitorships from the first issuance of the Resource Guide in 2012, through the second edition in 2020 and beyond.

Morford Memorandum

In March 2008 (prior to the first edition of the Resource Guide), the then Acting Deputy Attorney General Craig Morford issued the US DOJ’s first memorandum relating to the scope and appointment of monitors.^[48] The Morford Memorandum governed the selection and use of monitors in deferred prosecution agreements and non-prosecution agreements with corporations. It established nine ‘principles’ – guidelines and decision-making procedures – for monitorship programmes, including the scope of monitors’ duties, reporting requirements and duration. In all these areas, the US DOJ stressed that a monitor’s responsibilities and his or her selection should be tailored to the limited scope of addressing the recurrence of the misconduct:

A monitor’s primary responsibility is to assess and monitor a corporation’s compliance with the terms of the agreement specifically designed to address and reduce the risk of recurrence of the corporation’s misconduct, and not to further punitive goals.^[49]

Along those lines, prosecutors were cautioned to be mindful not just of the ‘potential benefits’ of a monitor but ‘the cost’ as well.^[50] The Morford Memorandum’s treatment of each of the above-mentioned principles is analysed below.

Scope

The Morford Memorandum recommended that the scope of a monitor’s duties be limited to the misconduct at issue, stating that the monitor’s ‘primary responsibility’ is to assess and monitor a corporation’s compliance with those terms of the agreement ‘specifically designed to address and reduce the risk of recurrence of the corporation’s misconduct’.^[51]

Reporting requirements

The Morford Memorandum encouraged communications between the government, the corporation and the monitor, including as to the monitor’s recommendations.^[52] Organisations are not required to accept all the monitor recommendations; instead, the US DOJ guidance gave the corporation power to decide whether to implement the monitor recommendations, because the corporation and its officers ‘are ultimately responsible for the ethical and legal operations of the corporation’.^[53] If the corporation declines to adopt a recommendation by the monitor, the government considers both the monitor’s recommendation and the corporation’s reasons in determining whether the corporation has fulfilled its obligations under the agreement.^[54]

Duration

Finally, the Morford Memorandum recommended that the duration of a monitorship agreement be based on the following criteria:

• nature and seriousness of the offence;
• pervasiveness and duration of the misconduct;
• history of similar misconduct;
• nature of the corporate culture;
• complexity and scale of the agreed remedial measures; and
• stage of the remediation and corrective measures.^[55]

Benczkowski Memorandum

On 12 October 2018, Assistant Attorney General Brian Benczkowski issued a memorandum^[56] significantly expanding the US DOJ’s guidance regarding application, need, selection and scope of monitorships. First, although the Morford Memorandum applied only to deferred prosecution agreements and non-prosecution agreements, and specifically excluded plea agreements, the Benczkowski Memorandum clarified that the Criminal Division should apply the same principles to plea agreements that impose a monitor as long as the presiding court approves the agreement.^[57] Second, and more importantly, the Benczkowski Memorandum stressed, more so than the earlier guidance, that monitors were only appropriate in certain cases.^[58]

Third, the Benczkowski Memorandum further expanded the prior guidance by clearly outlining the process for selection and approval of an independent monitor candidate:

• nomination of monitor candidates by counsel for the company;
• initial review of monitor candidates by the Criminal Division attorneys handling the matter;
• preparation of a monitor selection memorandum by the Criminal Division attorneys handling the matter;
• review of a monitor candidate by a standing committee of prosecutors;
• review by the Assistant Attorney General; and
• approval by the Office of the Deputy Attorney General.^[59]

Notably, the Benczkowski Memorandum allows companies to designate their first-choice candidate to serve as the monitor.^[60]

Monaco Memorandum

On 28 October 2021, Deputy Attorney General Lisa Monaco issued a memorandum^[61] that revised, supplemented and superseded in part the Benczkowski Memorandum’s guidance on the necessity of monitors in corporate criminal matters (Part A).^[62] The Monaco Memorandum reiterates the two broad factors from the Benczkowski Memorandum on which prosecutors should rely in determining the need for and propriety of a monitor: ‘(1) the potential benefits that employing a monitor may have for the corporation and the public, and (2) the cost of a monitor and its impact on the operations of a corporation’.^[63]

However, the Monaco Memorandum takes a more expansive approach than the Benczkowski Memorandum in discussing when the US DOJ should impose a monitor:

In general, the Department should favor the imposition of a monitor where there is a demonstrated need for, and clear benefit to be derived from, a monitorship. Where a corporation’s compliance program and controls are untested, ineffective, inadequately resourced, or not fully implemented at the time of a resolution, Department attorneys should consider imposing a monitorship. This is particularly true if the investigation reveals that a compliance program is deficient or inadequate in numerous or significant respects. Conversely, where a corporation’s compliance program and controls are demonstrated to be tested, effective, adequately resourced, and fully implemented at the time of a resolution, a monitor may not be necessary.^[64]

Importantly, in a speech at the ABA’s 36th National Institute on White Collar Crime, Deputy Attorney General Monaco stated: ‘To the extent that prior [US DOJ] guidance suggested that monitorships are disfavored or are the exception, I am rescinding that guidance.’^[65] The Monaco Memorandum also notes that the US DOJ is ‘committed to imposing monitors where appropriate in corporate matters’.^[66] The Memorandum concludes by echoing prior guidance, that the scope of any monitorship must be ‘appropriately tailored’ to address the concerns that gave rise to the need for the monitor.^[67]

Recent case studies

Although the US DOJ, not the SEC, issued these memoranda, they will affect monitorships in which both the SEC and the US DOJ are involved. It is also likely to predict how the SEC may approach future monitorships in which it acts alone. For example, SEC Chair Gary Gensler has stated that the changes outlined in the Monaco Memorandum are ‘broadly consistent’ with his vision for handling corporate offenders.^[68] Moreover, in November 2018, after the publication of the Benczkowski Memorandum, the chair of the SEC’s FCPA unit, Charles Cain, said that the era of ‘cookie-cutter’ monitorships is over, and that authorities now tend to tailor a monitor’s appointment narrowly.^[69] Indeed, whereas early monitors such as Mr Breeden enjoyed unfettered access to all areas of WorldCom’s business, more recent administrative orders tie a monitor’s appointment to each specific area of misconduct identified in an order.

This trend is exemplified by the cases discussed below.

In re Stryker Corporation

One example of the more tailored approach to the scope of monitors’ responsibilities is illustrated in the September 2018 settlement reached between the SEC and Stryker Corporation (Stryker) for violations of the FCPA’s internal accounting controls, and books and records provision.^[70] The SEC’s investigation found that Stryker’s internal accounting controls failed (and were insufficient) to detect improper payments in respect of sales of Stryker’s products in India, China and Kuwait. The sales were made through Stryker’s wholly owned subsidiaries, as well as through third-party deals and distributors. The order also found that Stryker’s Indian subsidiary maintained deficient books and records.^[71] This case followed a 2013 consent settlement between Stryker and the SEC, in which Stryker had paid a US$3.5 million penalty and more than US$7.5 million in disgorgement to resolve related FCPA concerns.^[72]

Issued just a few weeks prior to the Benczkowski Memorandum, the settlement between the SEC and Stryker included a tailored monitorship limited to reviewing and making recommendations to improve Stryker’s internal controls, policies, and procedures relating to the use of, and transactions by, third parties. This narrow scope directly tied the monitor’s responsibility with the underlying charges against Stryker, which involved improper payments made by third parties.^[73] The factors enumerated in the Benczkowski Memorandum appear to be fully incorporated into the SEC’s order. For example, the ‘manipulation of corporate books and reports’ and an ‘inadequate compliance program’ (specific indicators of the need for a monitor mentioned in the Benczkowski Memorandum) are explicitly referenced in Stryker as deficiencies that led to the monitor implementation. Further, as Stryker was under a prior settlement with the SEC in 2013 for similar conduct, its lack of significant investment in, and improvements to, ‘its corporate compliance program and internal controls systems’ were clearly a factor in determining whether a monitor was necessary.^[74] Finally, consistent with the Benczkowski Memorandum and despite Stryker being a repeat offender, the SEC’s imposition of the monitor was still narrowly tailored to the specific conduct at issue in the investigation.

In re EFP Rotenberg, LLP

EFP Rotenberg, LLP (EFP Rotenberg), a registered public accounting firm, reached a settlement agreement with the SEC in July 2016 for violating Section 10A(a) of the Exchange Act.^[75] In connection with EFP Rotenberg’s audit of ContinuityX Solutions, Inc (ContinuityX), EFP Rotenberg failed to implement proper procedures to ‘obtain sufficient appropriate audit evidence that ContinuityX’s revenue was legitimate’, despite being aware of significant risk with ContinuityX’s reported revenues.^[76] EFP Rotenberg further failed to identify related party transactions, obtain appropriate evidence to support its audit opinion and resolve inconsistencies in document findings.^[77] As a result of this misconduct, ContinuityX’s Form 10-K contained several material misstatements and omissions of material fact.^[78]

In addition to censure, cease and desist and a US$100,000 fine, the SEC required EFP Rotenberg to retain an independent consultant to review and evaluate the company’s audit and interim review policies and procedures for a variety of conduct.^[79] Unlike the initial appointment in WorldCom, however, the SEC tailored the scope of the monitor’s appointment to specific conduct relevant to the investigation, including:

• ‘the exercise of due professional care’ in audits;
• ‘obtaining sufficient appropriate audit evidence’;
• checking ‘third-party confirmations’;
• ‘detecting and reporting misstatements resulting from illegal acts’;
• identifying and considering ‘the adequacy of the disclosures of related parties and related party transactions’;
• evaluating and relying on ‘management representations’;
• supervising ‘individuals working on audits’; and
• having ‘adequate audit documentation’.^[80]

Notably, and consistent with current guidance from the US DOJ memoranda, each of the items the monitor was to inspect was tied to a relevant deficiency in EFP Rotenberg’s controls that was referenced in the SEC’s order. The SEC also prevented EFP Rotenberg from retaining any new clients until the independent consultant certified compliance with the recommended changes.^[81]

In re Voya Financial Advisors, Inc

The SEC has turned its attention more recently towards enforcement actions involving cyber­security issues. These actions have used monitors as a remedy when the companies that are the subject of security breaches do not have adequate data security policies.

For example, in September 2018, the SEC concluded one such enforcement action in a matter involving Voya Financial Advisors, Inc (VFA). The conduct at issue invoked the Identity Theft Red Flags Rule (Regulation S-ID, Rule 201).^[82] This Rule requires investment firms to create and maintain a policy that safeguards customer information from identity theft and to pay attention to ‘red flag’ warning signs that hackers may be attempting to steal information.^[83] In 2016, hackers infiltrated VFA and gained access to personal information about 5,600 VFA customers by calling a support hotline and requesting password resets.^[84] Key to the SEC’s allegations was the fact that VFA’s security policy had not been updated for 10 years and it was not administered by the company’s senior management, as required by Rule 201.^[85]

In settling the SEC’s charges, VFA agreed to pay a US$1 million penalty and was required to undertake a list of remedial actions and engage a monitor.^[86] The monitor, termed a ‘compliance consultant’ in the settlement, was tasked with conducting a comprehensive review of VFA’s data security policies and procedures, specific to the violation.^[87]

This case demonstrates how the SEC is continuing to find new ways to use monitors to remedy alleged misconduct, while still tailoring the monitorship to the specific misconduct at issue and consistently with guidance.

In re The Options Clearing Corporation

The Options Clearing Corporation (OCC), the United States’ sole registered clearing agency for exchange-listed option contracts and a systemically important financial market utility, reached a settlement with the SEC and the Commodity Futures Trading Commission (CFTC) in September 2019 for failing to comply with the statutes and rules applicable to registered clearing agencies.^[88] Because registered clearing agencies are ‘an essential part of the infrastructure of the U.S. securities markets’, one that is not structured and operated appropriately ‘can pose substantial risk to the financial system as a whole’.^[89] The SEC found that OCC violated the Exchange Act by failing to establish and enforce policies and procedures involving financial risk management, operational requirements and the security of information systems.^[90] OCC also failed to obtain the requisite SEC approval before adopting numerous policies.^[91]

Accordingly, as part of the settlement, OCC had to engage an independent compliance auditor to assess its remediation of deficiencies, audit its compliance with certain provisions of the Exchange Act, and assess the hiring, qualifications and training of the personnel responsible for compliance with those Exchange Act provisions.^[92] OCC was also required to pay the SEC a civil monetary penalty of US$15 million and the CFTC a penalty of US$5 million.^[93] SEC Chairman Jay Clayton stated that the settlement was intended to ensure that OCC has the ‘appropriate policies and procedures in place to meet its obligations to [the US] financial system’.^[94] This enforcement marks the SEC’s first charges for violations of the SEC clearing agency standards adopted in 2012 and 2016.^[95]

SEC monitors: common elements

Examining administrative and civil federal court enforcement orders appointing monitors reveals certain common themes. While the scope of a monitor’s appointment will be tailored to the relevant misconduct that the SEC seeks to prevent, the terms of monitorships remain fairly consistent. Indeed, almost all monitor appointments will include the following elements:

• retention of an independent monitor or consultant by the organisation that is acceptable to the SEC. To ensure independence, the SEC often requires that the monitor has not provided any professional services to the organisation within a specified period (including as a former employee or board member);^[96]
• a ban on dismissing the monitor without approval from SEC staff and an express waiver against any claim that an attorney–client relationship exists between the company and the compliance monitor.^[97] This requirement prevents the company from withholding information on the basis that it communicated with the monitor on a privileged basis;
• a requirement that the company bear all costs and expenses associated with the monitor;^[98]
• a description of the business areas that the monitor is to review and evaluate;^[99]
• a requirement that the monitor be given reasonable access to company records, employees and information as required to properly evaluate and assess the specified areas;^[100] and
• a requirement that the monitor issue an initial report and provide a copy to the SEC within a specified period. This report will summarise the review, evaluate the business areas identified and make appropriate recommendations to mitigate risks in the specified areas.^[101]

In many cases, an organisation will also be required to adopt the recommendations contained within the initial report within a specific period.^[102] If the company believes that any recommendations are ‘unnecessary, unduly burdensome, impractical or inappropriate’, it may submit a written alternative proposal to the monitor and the SEC.^[103] The monitor and the organisation can then negotiate an alternative proposal within a specified period. If no agreement can be reached, the organisation must either abide by the original proposal or submit its objections to the SEC for consideration.^[104] In some instances, the organisation may be able to obtain a third party mediator to resolve the issue;^[105]

Following the recommendations, the organisation must eventually certify, within a specified period, that it has complied with the recommendations and implemented all required changes,^[106] and the monitor is required to re-examine the organisation at a later date to ensure it remains in compliance with the recommendations.^[107] The monitor will then issue a final report to the SEC and certify compliance.^[108]

While no two cases are identical, the most recent SEC orders requiring monitors generally include some form of the terms referenced here, with modifications based on the scope of the review, the length of the monitor appointment and the severity of the conduct.

Costs and benefits of SEC monitors

Generally, a corporate monitor imposed by the SEC can be beneficial for both the organisation and the SEC.^[109] The monitor can recommend, as well as help to implement and guide, necessary changes to an organisation’s internal system controls to prevent future investigations, penalties and fines by the SEC and other regulators. Further, agreeing to a monitor as part of a settlement could end any litigation or investigation sooner than it would otherwise, and could reduce penalties and ameliorate collateral consequences.

However, monitorships are expensive and often intrusive. That cost can be quite high, especially when the monitor has been empowered to oversee significant or large parts of the organisation’s operations or if the monitor’s tenure is for several years. An alternative, therefore, to an independent monitor that may be suggested in a settlement negotiation is the imposition of a self-monitoring arrangement that requires the entity to charge an independent committee of the board of directors to appoint an individual to make periodic reports on progress with undertakings and agree to report any reasonable suspicions of violations of the federal securities laws.^[110]

Conclusion

As SEC-imposed monitors have taken their modern form in the wake of WorldCom, the SEC’s use of monitors has become widespread across a variety of industries for a broad range of conduct. Although the use of monitors has expanded, recent trends and US DOJ guidance demonstrate that the SEC has shifted from seeking all-encompassing roles for monitors to roles that are more tailored to remediating the problematic behaviour outlined in the charging or settlement papers. Even with this narrower scope, an organisation should still carefully evaluate the benefits and costs of accepting a monitor appointment as part of the resolution of an SEC investigation. Monitor appointments are unlikely to wane in the near future and, in light of most recent US DOJ guidance, may even be used more frequently to aid the SEC’s regulatory function in a variety of contexts to protect the public from perceived recidivist corporate misconduct.

Footnotes