No Change in SEC Approach to Suing Compliance Officials

Securities Law Daily provides daily coverage of developments in the regulation of federal, state, and international securities and futures trading, with objective coverage of the...

By Phyllis Diamond

Nov. 4 — Two recent enforcement actions against investment advisory concerns' chief compliance officers don't signal a change in how the Securities and Exchange Commission approaches the issue of CCO liability, SEC Enforcement Director Andrew Ceresney told a Washington gathering.

Those cases—In re BlackRock Advisors LLC and In re SFX Financial Advisory Management Enterprises Inc.— targeted wrongdoing that didn't involve the exercise of good faith judgment, he said Nov. 4 at a meeting of the National Society of Compliance Professionals.

In the wake of the two cases, then-Commissioner Daniel Gallagher cautioned his agency to “tread carefully” in bringing enforcement actions against compliance personnel. Late last month, Andrew Calamari, director of the SEC's New York Regional Office, said the SEC is sensitive to any possible chilling effect enforcement action against CCOs might have on internal compliance.

Crossing the Line

In his address, Ceresney said the commission and its enforcement staff “carefully weigh recommending and bringing actions against CCOs.” When the commission does bring suit, it's because the facts show that the alleged misconduct “crossed a clear line.”

Enforcement actions against CCOs fall generally into three categories Ceresney said:

• cases against CCOs involved in misconduct not related to their compliance function;

• cases against CCOs who obstruct or mislead the SEC staff; and

• cases in which the CCO “exhibited a wholesale failure to carry out his or her responsibilities.”


“When CCOs completely fail in their responsibilities,” Ceresney said, “it is appropriate for us to address that misconduct.”

Cases against CCOs charged with causing their firm's compliance failures under 1940 Investment Advisers Act Rule 206(4)-7 and other compliance-related rules fall largely into the third category, Ceresney said. “This category is considerably smaller than the first but has drawn significantly more attention.”

Rule 206(4)7 requires certain SEC registrants to have written policies reasonably designed to prevent securities-law violations laws and to designate a CCO to administer those policies.

Rare Cases

According to Ceresney, of the 8,000 enforcement actions the SEC has brought since 2003, approximately 1,300 were investment adviser/investment company cases, including 126 in fiscal year 2015.

He said that during the same 12-year period, the commission brought only five enforcement actions against individuals with CCO-only titles affiliated with investment advisers that involved charges under Rule 206(4)-7 and other compliance-related violations where the individuals didn't otherwise try to mislead the SEC staff.

These enforcement statistics make clear that the agency “only rarely charges CCOs for causing violations of Rule 206(4)-7,” Ceresney said. “There has not been any recent trend toward more enforcement activity involving CCOs in their compliance function.”

On the other hand, being a CCO doesn't provide immunity from being sued, Ceresney noted. “When CCOs completely fail in their responsibilities, and particularly when significant investor harm results, it is appropriate for us to address that misconduct.”

To contact the reporter on this story: Phyllis Diamond in Washington at

To contact the editor responsible for this story: Susan Jenkins at

To see the text of Ceresney's address, go to