Updated at 10:13 a.m.
Federal regulators continue to signal their desire that finserv companies self-report recordkeeping violations, according to recent statements made by the deputy director of the SEC’s Enforcement Division.
In comments during SEC Speaks, an event hosted by the Practising Law Institute, Sanjay Wadhwa addressed the agency’s ongoing crackdown on off-channel communications, defending its practices amid industry allegations that penalties are assigned at random. Since 2021, the recordkeeping crackdown has drawn fines of nearly $2 billion.
The SEC’s initiative has been active in recent weeks — on the very day of Wadhwa’s speech, the SEC announced a settlement with investment firm Senvest, which agreed to pay a $6.5 million penalty and improve its recordkeeping compliance procedures. In February, the agency fined 16 Wall Street firms a combined $81 million in fines over their use of ephemeral messaging apps and noted that one firm — Huntington — secured a considerably lower fine because it self-reported violations.
“The most prominent [factor] is not the company size or scope of the violations but whether or not a firm has self-reported them,” said Harriet Christie, COO of MirrorWeb, a messaging compliance provider. “We’ve seen some significantly reduced penalties to back this up in recent months. It feels like an opportune moment for companies to take that step, self-report on past lapses and establish the correct compliance procedures proactively in exchange for leniency from the regulator.”
Wadhwa’s comments further solidify the position of federal agencies, including the DOJ, that companies disclosing their own legal and regulatory violations is one potential path to reduced penalties, though Wadhwa also noted cooperation during investigations is another way companies may be able to cut their fines. He outlined six factors the agency weighs when determining recordkeeping fines:
- Firm size
- Scope of violations
- Efforts to comply with recordkeeping requirements
- Precedent
- Self-reporting
- Cooperation
“Those are some of the factors we consider when assessing what penalty to recommend in each action,” Wadhwa said. “While none of these is dispositive, I want to reiterate that self-reporting is the factor most likely to significantly lower the penalty we recommend.”
Matt Smith, co-founder and CEO of finserv compliance provider SteelEye, urges companies to take the olive branch the SEC is extending.
“Sanjay Wadhwa’s push for proactivity and self-reporting should serve as a beacon of hope, as it can lessen penalties when wrongdoing has occurred,” Smith said. “However, effective risk identification is key to successful self-reporting, underscoring the need for robust surveillance. … [T]hose attempting shortcuts have a target on their back that the SEC is not afraid to aim for.”
