SEC’s increasing scrutiny trend bodes well for anti-fraud professionals

On July 19, 2021, the U.S. Securities and Exchange Commission (SEC) alleged that Aron Govil defrauded investors of over $7 million through a scheme using investor funds in two companies he controlled, Cemtrex Inc. and Telidyne Inc., for personal expenses. The SEC also alleged that Govil engaged in scalping, insider trading and failing to file required disclosures with the SEC.

Combining two ripe areas for fraud, Govil recruited investors to Telidyne that had created “Teli App,” a mobile application he claimed would allow users to trade cryptocurrency. Govil also promoted Teli App as a COVID-19 detection app. The enforcement division found both claims to be false and assessed a civil penalty of $620,000. (See “SEC Files Charges in Multi-Million Dollar Fraud Involving Two Companies,” SEC, July 19, 2021.)

The Govil case is just one example of recent increased SEC enforcement cases we’ve analyzed in a study we conducted. We hand-collected scores of the SEC’s Accounting and Auditing Enforcement Releases (AAER) for fiscal years ending 2021 to 2023 — the first years of Chairman Gary Gensler’s time at the SEC. (AAERs are financial-reporting enforcement actions concerning civil lawsuits brought by the SEC in federal court, and notices and orders concerning the institution and/or settlement of administrative proceedings.)

We documented a 50% decline in the number of AAERs from 2019 to 2021 — the tenure of then SEC Chairman Jay Clayton. (See “SEC Accounting and Auditing Enforcement Activity, Year in Review: FY 2022.”) However, despite tight budgetary restrictions, we found that Gensler’s time at the SEC has brought an increase of approximately 50% in AAERs from 2021 to 2023. This trend demonstrates Gensler’s seriousness to increase SEC enforcement activities and his tough attitude in reforming capital markets.

SEC sets the tone for financial reporting

In the anti-fraud landscape, the SEC serves as a primary enforcement agency to protect investors. As a primary regulator of publicly traded companies in the U.S., the SEC’s priorities set the tone for how firms, auditors and other stakeholders approach financial reporting decisions, especially concerning fraud. For example, 2017 research found that some auditors are more likely to issue “going concern” opinions when they’re more aware of SEC enforcement, highlighting how perceived scrutiny from the SEC can improve audit quality and reduce the likelihood of fraud. (See “Awareness of SEC Enforcement and Auditor Reporting Decisions,” by Mark L. Defond, Jere R. Francis and Nicholas J. Hallman, Contemporary Accounting Research, Wiley Online Library, Sept. 4, 2017.)

Consistent with its mandate to protect investors, the SEC formed its enforcement division in 1972 to provide a coordinated effort to fight fraud ranging from investigating suspected violations of law to initiating and coordinating civil and administrative proceedings against individuals and firms. In addition to these efforts, the SEC’s enforcement division also often seeks to prevent future fraudulent actions through a variety of means, including seeking monetary fines and placing certain bans on individuals and firms from practicing in publicly traded firms. (See “About the Division of Enforcement,” SEC.)

Allocating resources to fight fraud

The SEC, which has limited resources to fight fraud, must prudently balance tradeoffs in priorities and enforcement. Figure 1 (below) plots the SEC’s total budget for each fiscal year as well as the Consumer Price Index (CPI) inflation rate for each year. (See “Budget History — BA vs. Actual Obligations,” SEC and “Consumer Price Index, 1913-,” Federal Reserve Bank of Minneapolis.) This data reveals that while inflation sharply rose between 2021 to 2022, the SEC’s budget remains relatively steady in nominal dollars. Such a discrepancy in funding underscores the more difficult decisions faced by the agency to effectively protect investors.

Figure 1: SEC budget and CPI inflation by year

We’ve found evidence that the SEC has consistently exhibited wide discretion and freedom in pursuing enforcement actions; and the Dodd-Frank Act of 2010 has increased that discretion. The SEC can bring most federal court claims to administrative law judges within its agency.

While such free discretion has been often criticized, David Zaring, an associate professor in the Wharton School’s Legal Studies Department, concludes that such criticism is without merit. (See “Enforcement Discretion at the SEC,” by David Zaring, Texas Law Review, volume 94:1155.)

As such, the SEC’s enforcement priorities often change with the U.S.’s macroeconomy as well as the commissioner and presidential administration leading the agency. Given the turbulence faced by the agency over the past four years, including the COVID-19 pandemic (see sidebar below) and a new commissioner, our goal here is to both outline the enforcement landscape at the SEC in light of these events and provide insight into the enforcement actions of the SEC during Gensler’s term.

[See “COVID-19 changed SEC’s actions” at the end of this article.]

New commissioner during COVID

During the COVID-19 pandemic, the presidential election resulted in a change in SEC leadership. From May 4, 2017, until Dec. 23, 2020, Clayton was SEC commissioner. Clayton’s agenda was largely for deregulation and fewer disclosures that might make the U.S. less competitive globally. He championed the notions that the SEC should constantly monitor the effectiveness of regulations as well as the idea that rules should be specific because “vaguely worded rules” can lead to suboptimal outcomes for both regulators and firms, he said. (See “SEC Chairman Clayton on His Agenda,” Insights, DavisPolk, July 13, 2017.) During his 3 ½-year-tenure, Clayton oversaw the finalization of over 65 rules and the beginning of the agency’s plans to operate through COVID-19 and address the issues raised by the pandemic.

On April 17, 2021, Gensler became the 33rd SEC chair. His initial agenda was markedly different than Clayton’s. In June 2021, he said he’d concentrate on several areas, among others: (1) disclosure around ESG (environmental, social and corporate governance), (2) insider trading scrutiny, (3) proxy rules and (4) executive compensation. (See “Prepared remarks at London City Week,” by Gary Gensler, SEC, June 23, 2021.) SEC Commissioners Hester M. Peirce and Elad L. Roisman quickly expressed significant concerns about Gensler’s new agenda. (See “Moving Forward or Falling Back? Statement on Chair Gensler’s Regulatory Agenda,” SEC, June 14, 2021.)

Despite a lack of explicit emphasis on enforcement in his initial agenda, Gensler’s actions underscored his seriousness about being tough with enforcement actions. With the COVID-induced stock market mania in 2021 followed by the slump in 2022, Gensler’s SEC focused on significant enforcement of developing issues like Special Purpose Acquisition Companies (SPACs) as well as cybersecurity, ESG and crypto-assets. (See “The SEC’s Rulemaking and Enforcement Priorities in 2023,” by Katayun I. Jaffari and John Crozier, The Legal Intelligencer, Law.com, April 27, 2023.)

Gensler has often seemed unconcerned about critics, shown by his vow to continue tough enforcement in 2024 despite that it’s an election year when politics can often dominate SEC activities. (See “Gensler Vows to Advance SEC’s Rule Agenda as Election Looms,” by Lydia Beyoud, Katherine Doherty and David Westin, Bloomberg, Feb. 14, 2024.)

“He’s responsive to investors,” says Tracey Lewis, policy counsel at Public Citizen. “If investors didn’t want this, he would have no support. He’s not trying to be the most popular guy. He’s trying to be the guy [who] does the right thing.” (See “Gary Gensler has his game face on,” by Mark Schoeff Jr., InvestmentNews, May 1, 2023.) As a result, Gensler has many critics. The SEC X account was even hacked in January. (See “Bitcoin price jumps after hackers hijack SEC Twitter account,” by AJ Vicens and Elias Groll, Cyberscoop, Jan. 9, 2024.) Regardless, he’s continued his commitment to fighting fraud through SEC enforcement.

Accounting and Auditing Enforcement Releases

The SEC issues AAERs either during or at the end of investigations of firms or individuals. Those involved include companies, their auditors and management. Given the SEC’s finite resources, AAERs provide evidence of where the agency has significant evidence of manipulation or fraud. Because firms and individuals often don’t admit to fraud, we give the caveat that not all releases necessarily concern fraud but rather represent instances where the SEC suspects fraudulent activity may exist. The SEC issues many AAERs because the commission is the first investigating agency of a fraud or misstatement. The SEC also issues AAERs to sanction firms or individuals for fraud or misstatements identified by other agencies.

Prior research has shown that the SEC has employed AAERs to study cases of suspected fraud; however, we repeat that not all AAERs represent cases where fraud was proven to be present. (See “Predicting Material Accounting Misstatements,” by Patricia M. Dechow, Weili Ge, Chad R. Larson and Richard G. Sloan, Contemporary Accounting Research, Wiley Online Library, Jan. 27, 2011.) Accordingly, examining the SEC’s enforcement efforts using AAERs offers powerful insight into both the intensity and topics of the enforcement function.

Study’s methodology

We analyzed all AAERs from the time Gensler became chairman, April 17, 2021, through the end of the most recent fiscal year available, Sept. 30, 2023. Our sample included all AAERs during this time, but we focused on initiations, rather than appeals, and we limited each AAER to one observation for a given individual/firm within a fiscal year to avoid double-counting cases where the SEC issued multiple AAERs against the same individual/firm. For each AAER, we read through the entire document to capture salient information presented in our analysis.

General trends

First, we examined the general trends in AAER initiations. A Cornerstone Research study documented a significant decline in AAERs issued in 2021, with about a 50% decline in AAERs from 2019 to 2021. (See “SEC Accounting and Auditing Enforcement Activity, Year in Review: FY 2022.”) Gensler’s tenure at the SEC has brought a substantial increase in the number of AAERs over the past three years — approximately 50% from 2021 to 2023. (See Figure 2 below.)

Figure 2: AAERs by year

This figure documents a stark increase in the number of AAERs annually since 2021, consistent with greater enforcement actions. In 2023, the number of AAERs was nearly double that of 2021.

Respondent type

We also examined cross sections of these trends. Because the SEC issues AAERs against individuals and firms, we considered whether the growth in AAERs varies by type of respondent. We present our findings in Figure 3 (below).

Figure 3: AAERs by respondent type

This figure shows that AAERs are increasing in both individuals and firms across the years. Interestingly, the increase in AAERs from 2021 to 2022 was largely constrained to individuals, but in 2023 both types of respondents saw substantial increases in AAER activity.

Restatements

The SEC issues AAERs associated with restated financial statements as a response to fraud. As such, we considered how restatements related to the overall increasing trend. Interestingly, in Figure 4 (below), we observed only modest increases in restatement-related AAERs from 2021 to 2023, suggesting that the bulk of increases in AAERs were due to frauds beyond restatements.

Figure 4: AAERs and restatements

One interesting trend in AAERs is that the proportion not involving restatements has risen substantially from 2021 to 2023. This trend suggests that the SEC is focusing well beyond restatements in its enforcement efforts.

CPA involvement

It’s common for fraud cases and AAERs to involve CPAs, so we also considered changes in AAERs against CPAs or auditors. The number of AAERs involving CPAs remained fairly steady from 2021 to 2022 but increased in 2023; we noticed a gradual increase in the number of non-CPA AAERs over the same period of time, as shown in Figure 5 (below).

Figure 5: AAERs and CPAs

The share of CPAs receiving AAERs has remained remarkably steady over the past three years, despite an increase in non-CPA AAERs.

Respondent age and tenure

We observed that the average age of individual respondents has remained remarkably steady, which is an unsurprising finding because AAERs are most often issued against management when involving individuals. However, we noticed a stark decrease in average tenure of respondents in 2023, suggesting that the SEC focus may be shifting a bit. See Figure 6 (below).

Figure 6: Average age and tenure of respondent

The average age of AAER respondents has remained steady over the past three years, but the SEC has gone after less-experienced individuals.

Internal controls

Because a lack of effective internal controls can lead to increased opportunities to commit fraud, we considered whether the SEC exercised more scrutiny on internal control-related fraud in the last few years as the shortage of accountants has contributed to weaker controls since the pandemic, and several companies have disclosed internal control weaknesses related to lack of skilled accounting staff. (See “The Accountant Shortage Is Showing Up in Financial Statements,” by Mark Maurer, The Wall Street Journal, July 11, 2023.) From 2021 to 2023, we observed a substantial increase in AAERs related to internal control weaknesses. See Figure 7 (below).

Figure 7: AAERs and internal control weaknesses

The number of AAERs involving internal control weaknesses more than doubled from 2021 to 2023.

We also examined AAERs related to internal controls over financial reporting (ICFRs). See Figure 8 (below). We noticed an even more significant increase during the Gensler administration of AAERs that involve ICFRs; ICFR-related AAERs more than tripled in three years. These trends not only emphasize the fraud consequences of weak internal controls — partially created by a shortage of qualified accounting personnel — but also underscore the SEC’s renewed focus to discourage opportunities for fraud.

Figure 8: AAERs and ICFRs

The number of AAERs involving internal controls over financial reporting (ICFRs) more than tripled from 2021 to 2023.

AAERs by quarter

We also investigated potential changes in timing throughout the year. Our findings showed that the number of AAERs issued in the first fiscal quarter of each year stayed remarkably steady from 2021 to 2023. See Figure 9 (below). Although our analysis shows that the likelihood of issuing an AAER has always been concentrated in the fourth quarter of the SEC’s fiscal year, we noticed a stark increase in the number of AAERs issued in the fourth quarter over the last three years. Nearly half of all AAERs that were issued in 2023 were issued in the fourth quarter. These findings reveal that firms should expect SEC enforcement actions to be more likely as the commission nears the end of its fiscal year.

Figure 9: AAERs by quarter

The proportion of AAERs issued in the fourth quarter has been steadily increasing since 2021.

Types of fraud mentioned

Finally, and most relevant for anti-fraud professionals, we looked at the types of fraud mentioned in each AAER to find trends. Figure 10 (below) presents the types of fraud from each AAER that contains a mention of fraud. This figure shows that the proportion of AAERs that mention securities fraud, corporate fraud, bribery, insider trading and Foreign Corrupt Practices Act (FCPA) violations rarely exceeded 5% of AAERs in any given year. We noticed a stark increase in the proportion of AAERs that mentioned financial statement fraud from 2021 to 2023 and a stark decline in AAERs that mention improper professional conduct from 2021 to 2023. This shift documents a move in the SEC’s focus relevant to the anti-fraud profession, and highlights the SEC’s vigilant focus on ensuring integrity of financial statements.

Figure 10: Types of fraud and AAERs

SEC’s increasing scrutiny

Our analysis provides anti-fraud professionals new insights into trends in SEC enforcement over the past three years. With a new chairman, a pandemic and substantial capacity constraints, it’s crucial to understand how the SEC accomplishes its enforcement arm. We provide rich evidence to show that the commission is now vigorously increasing its scrutiny, which can improve audit quality and reduce the likelihood of fraud.

[See “Spotlight on an SEC ESG enforcement action: Deutsche Bank” at the end of this article.]

R. Thomas Godwin, Ph.D., CPA, CGMA, is a professor of practice in the accounting area of the Charles H. Dyson School of Applied Economics and Management in the S.C. Johnson College of Business at Cornell University. Contact him at rtg77@cornell.edu.

Robert Baucom is an undergraduate student in the Charles H. Dyson School of Applied Economics and Management in the S.C. Johnson College of Business at Cornell University. Contact him at rlb373@cornell.edu.

COVID-19 changed SEC’s actions

As with most governmental agencies, the COVID-19 pandemic upended the SEC’s operations in early 2020. On March 10, 2020, most SEC staff were moved to telework, which persisted through June 6, 2022. The agency acknowledged “adjustments in certain functions, including with respect to information technology.” [See “SEC Coronavirus (COVID-19) Response,” SEC.] The SEC faced several decisions to provide regulatory guidance and relief during the pandemic.

The pandemic also created a need for specific attention to fraud risks surrounding disclosures, earnings reporting and insider trading. To that end, the SEC created several additional requirements and guidance. Given the significant amount of economic uncertainty brought about by the pandemic, the risk for fraud inevitably increased. (See “Economic uncertainty and fraud,” by Ian Hargreaves and Matthew Beech, Financier Worldwide, February 2024.)

As a result of this fraud risk increase, the SEC underscored that its Division of Enforcement and Division of Examinations sought to keep fraud at bay during the pandemic even before its new chair began in 2021.

The SEC has highlighted several cases in which it pursued actions during the pandemic. For example, on June 9, 2020, the agency charged Jason Nielsen, a California-based penny stock trader, with committing fraud through a pump-and-dump scheme involving the stock of Arrayit Corporation. In the scheme, Nielsen used social media to promote Arrayit and fraudulently claimed the company had developed a COVID-19 test with U.S. Food and Drug Administration approval. Nielsen illegally profited almost $137,000 over 1 ½ months. (See “SEC Charges California Trader Engaged in Manipulative Trading Scheme Involving COVID-19 Claims,” SEC, June 9, 2020.)

In another case during 2020, the SEC settled charges on Dec. 4 with The Cheesecake Factory over misleading and false disclosures. The company had falsely claimed its restaurants were “operating sustainably” during the pandemic despite internal evidence that the company was losing about $6 million per week and was less than four months from running out of cash. The SEC assessed $125,000 in fines and agreed to avoid pushing their violations further. (See “SEC Charges The Cheesecake Factory For Misleading COVID-19 Disclosures,” SEC, Dec. 4, 2020.)

The SEC also emphasized cases in 2021 that it enforced while it operated (like most of us) via telework because of the pandemic. In another case involving Arrayit Corporation, the agency charged Rene Schena, Arrayit’s CEO and co-founder, with misrepresenting financial reports. The SEC asserted that Schena told investors that Arrayit had developed a blood test for COVID-19 even though the firm hasn’t yet purchased materials to make such a test. Schena was banned as an officer and director at the company and was fined $50,000. (See “SEC Charges California Company and Its CEO with Misleading Investors About Covid-19 Blood Test and Financial Reports,” SEC, Feb. 11, 2021.)

Collectively, these charges show the unique nature of frauds that have occurred because of the COVID-19 pandemic. Even into 2024, several public companies named COVID-19 as a significant risk factor for their businesses. (See “COVID is Here to Stay—as a Risk Factor in SEC Filings,” by Nate DiCamillo, Quartz (TNS), CPA Practice Advisor, Aug. 25, 2023.) Against the backdrop of tight budgets and inflation, these issues underscore the importance of effective resource allocation for the SEC in enforcing fraud.

Spotlight on an SEC ESG enforcement action: Deutsche Bank

During his Senate confirmation hearing in March 2021, now-U.S. Securities and Exchange Commission (SEC) chair Gary Gensler said that corporate disclosures related to environmental, social and governance (ESG) investing would be a key focus of his tenure. A company’s ESG activities can be an important selling point to investors, signaling that it’s dedicated to responsible and ethical business. But ESG strategies can be vulnerable to fraud if organizations are willing to make misleading claims about their activities to appeal to investors. [See “At Senate Hearing, SEC Nominee Gensler Signals Support for Climate Risk, Political Spending Disclosure Rules,” by Bill Flook, Thomson Reuters, March 3, 2021.]

The SEC announced a task force within its Division of Enforcement to identify and prosecute material gaps and misstatements related to disclosures concerning climate change and other ESG issues in March 2021. In March 2024, the SEC announced precedent-setting rules regarding public companies’ climate-related disclosures. It also rolled out a website with resources for investors on ESG issues. [See “Green gremlins,” by Paul Kilby, Fraud Magazine, March/April 2022; “SEC Adopts Rules to Enhance and Standardize Climate-Related Disclosures for Investors,” SEC press release, March 6, 2024; “SEC Announces Enforcement Task Force Focused on Climate and ESG Issues,” SEC press release, March 4, 2021; and “Environmental, Social and Governance (ESG) Investing,” SEC, Investor.gov.]

Under Gensler, the SEC has taken several high-profile ESG enforcement actions against public companies, including its 2023 fine against the investment arm of Deutsche Bank. Here we’ll examine the SEC’s action against Deutsche Bank and its significance to ESG disclosures.

SEC’s enforcement action against Deutsche Bank

In September 2023, the SEC announced that it had charged Deutsche Bank’s investment subsidiary, DWS Investment Management Americas Inc. (DIMA) in two separate enforcement actions for anti-money laundering violations and misstatements it made about its ESG investment process. The SEC determined that DIMA violated the Investment Advisers Act. In total, the SEC fined DIMA $25 million — $6 million for the money-laundering violation and $19 million for its ESG violation. DIMA agreed to settle the allegations and pay the fine. The case was originally brought to the SEC’s attention by whistleblower Desiree Fixler, who was DIMA’s first head of sustainability. She and her colleagues found gaps and weaknesses in how DIMA reported and analyzed its ESG capabilities. She was subsequently fired by DIMA in 2021. (See “Green gremlins.”)

The SEC alleged that DIMA made materially misleading statements about its ESG-related activities. Indeed, in its annual report DIMA stated, “As a firm, we have placed ESG at the heart of everything that we do.” However, the SEC contended that this statement obscured the reality of DIMA’s activities. DIMA had solicited investors by touting its “specific policies for integrating ESG considerations into its investments,” but it didn’t adequately implement its policy “as it led clients and investors to believe,” and its investment professionals failed to follow its ESG investment processes as it had marketed. (See “Deutsche Bank Subsidiary DWS to Pay $25 Million for Anti-Money Laundering Violations and Misstatements Regarding ESG Investments,” SEC press release, Sept. 25, 2023.)

The SEC documented the following deficiencies in DIMA’s ESG investment policies and its touted proprietary ESG Engine tool, which was developed to aggregate data from multiple ESG third-party vendors to provide ratings for thousands of issuers on ESG quality, carbon and water risk, and controversial business conduct. (See U.S. Securities and Exchange Commission Administrative Proceeding, Sept. 25, 2023.)

1. DIMA employees were supposedly trained on its ESG integration policy, but some senior portfolio managers didn’t know about its integration policy or if it applied to DIMA.
2. It lacked processes to monitor or show that it had implemented its ESG integration policy.
3. There was no formalized process to evaluate whether investment professionals had consulted the ratings produced by its ESG Engine.
4. DIMA didn’t have controls to ensure that ESG risk factors were part of research notes.
5. There weren’t any standards to monitor compliance with the ESG integration policy.
6. DIMA documented deficiencies in the rollout of its integration policy but continued to include the policy on its website for investors to read.

Ultimately, the SEC found that DIMA failed to adopt and implement written policies and procedures that would’ve ensured that representations it made about its ESG policy on its website, requests for proposals and marketing materials weren’t “materially misleading.” Materiality, as used by the SEC, is dictated by a U.S. Supreme Court ruling holding that something is material if a particular disclosure would be significant to the mix of information available to a reasonable investor. (See “911. Materiality,” Criminal Resource Manual, U.S. Department of Justice.) Indeed, during his confirmation hearing, Gensler stressed that the materiality standard would be a guiding principle when taking any actions related to organizations’ ESG disclosures to investors. (See “At Senate Hearing, SEC Nominee Gensler Signals Support for Climate Risk, Political Spending Disclosure Rules.”)

The SEC’s enforcement action against DIMA is significant because it shows how the SEC has focused its ESG-related enforcements on material misrepresentation — something that has been long-established as a standard in violations of investor disclosure rules. As the SEC has only officially established ESG investor disclosure rules this year, we can possibly expect to see the regulator step up enforcement actions against organizations that might abuse their investors’ goodwill and fail to accurately or truthfully disclose their ESG policies.

Louis P. Le Guyader, Ph.D., CPA, is an associate professor at Southeastern Louisiana University. Contact him at louis.leguyader@selu.edu.