by T. GormanPosted on Posted in SECActions

A family office is not typically at the middle of what the Commission alleges was a $36 billion house of cards. Family offices are by definition funds that manage of family assets. The investment vehicle become more popular in recent years after the governing rules were written (at one time they are based on individual orders from the Commission). Today many are huge investment funds managing large sums of money.

One such fund was Archegos Capital Management, LLC. As a family office it was exempt from registration under the Advisers Act. That exemption from registration did not extend to fraud charges. Yesterday, the Commission, the U.S. Attorney’s Office and the CFTC filed fraud charges which center on the firm. SEC v. Hwang, Civil Action No. 1:22-cv-03402 (S.D.N.Y. Filed April 27, 2022).

The cases is based on the manipulation of ten different stocks held by the Archegos and a series of lies about the financial condition of the fund which permitted it to completely overextend its credit – the firm collapsed. Those named as defendants are: Sung Kook Hwang, the founder and manager of Archegos who was responsible for all investment decisions; Patrick Halligan, the CFO of the firm; William Tomita, the head trader of Archegos; Scott Becker, the chief risk officer of Archegos; and the firm.

Over a period of about one year, beginning in March 2020, at Mr. Hwang’s direction the firm rapidly grew largely through the use of security-based swaps with about a dozen counterparties. Those arrangements put the firm at risk from volatile prices.

To sustain its growth trajectory, the firm chose not to rely on just market prices. Rather, it began manipulating the securities of its top ten securities holdings. This was done through purchases of the issuers’ securities and entry into security-based swaps referencing those issuers. In effect, Archegos dominated the securities of those issuers through trading and by marking the close for those stocks – trading at the end of the day to set the closing price.

A key part of the scheme involved maintaining the margin with Archegos’ counterparties. To achieve this the family office could not share its actual financial results with its counterparties as it pushed and strained the credit arrangements. To continue extending the lending arrangements Defendants Hwang, Halligan, Tomita and Becker misled the counterparties. False information regarding the composition of the firm’s portfolio was furnished as well as about its concentration and liquidity.

Eventually, Defendants could not maintain the fraud. As the security prices began to fall in March 2021 the fraud unraveled and Archegos spiraled to collapse. Billions of dollars in losses resulted. The complaint alleges violations of Securities Act Section 17(a) and Exchange Act Sections 9(a)(2) and 10(b). The case is pending. The U.S. Attorney’s Office for the Southern District of New York filed parallel criminal charges. The CFTC also filed a civil action.

Tagged with: ,

by T. GormanPosted on Posted in SECActions

Cybersecurity and the related disclosures can be critical issues for any company in today’s environment. This question is at the center of a recent decision by the Fourth Circuit Court of Appeals. Specifically, the Court focused on the question of what constitutes a false statement in an action centered on cybersecurity claims where information was allegedly omitted. In re Marriott International, Inc., No. 21-1802 (4th Cir. Decided April 21, 2022).

Factual background

In 2016 Marriott merged with Starwood Hotels. Marriott subsumed all of the operations. Two years later Marriott learned that malware had impacted about 500 million guest records in the Starwood reservation database. That resulted from the second largest data breach in history. This case was filed alleging 73 separate public statements that were false and misleading within the meaning of Exchange Act Section 10(b) and Rule 10b-5 thereunder.

The district court granted Marriott’s motion to dismiss with prejudice. The court concluded that Plaintiffs had failed to adequately allege a false or misleading statement or omission. On appeal the Fourth Circuit affirmed.

The decision

On appeal Plaintiffs narrowed their the claims to three groups of statements: 1) those regarding the importance of protecting customer data; 2) a group of privacy statements on Marriott’s website; and 3) cybersecurity-related disclosures. To demonstrate that one of the statements in these groups is false and misleading within the meaning of Section 10(b) and the Rule, plaintiff must identify a “factual statement or omission – that is, one that is demonstrable as being true or false.” (citations omitted). Stated differently, the challenged statement or omission must be about something consequential . . . material.”

Not all material omissions are actionable, the Court noted. Section 10(b) does not impose a duty to disclose. Rather, the statement is only actionable if a reasonable investor reading it would be misled – that is, the statement is essentially a half-truth. Here none of the identified statements are actionable.

The first group of statements involve the importance of data protection to Marriott’s business. Marriott repeatedly states, for example, that “’the integrity and protection of customer, employee, and company data is critical to us . . .” These statements create the impression, according to Plaintiffs, that Marriott was securing and protecting customer data acquired from Starwood . . .” This, however, is not a false statements, according to the Court. Indeed, the basic truth of the Marriott statement – essentially a general fact – is not false or misleading. This is evident from the fact that Marriott made no characterization in the statements.

The second group of statements focus on privacy. Marriott posted statements noting that it seeks to “use reasonable organizational, technical and administrative measures to protect” personal data” but no system is 100% fool proof. Here again, there is nothing that demonstrates these statements are not true.

Statements in the last group are simply broad pronouncements that “no reasonable investor could have been misled by,” according to the Court. Included in this group were statements such as those noting that Marriott keeps personal data in a form that permits its use by the firm but it is only maintained for a long as necessary. Again, there is nothing false and misleading about these statements.

In the end, this claim, like the contention that Marriott’s cybersecurity risk disclosures are materially misleading because they disclose only risks that have occurred misses the mark. While listing factors that speak of risks that might occur when in fact they have happened may well be misleading, that is not the case here. The disclosures by Marriott speak of risks in the future while acknowledging those that have occurred in the past. Those admissions ensure that the risk factors are not misleading. While Marriott could have added additional detail the ”SEC advises companies against ‘mak[ing] detailed disclosures that could compromise [their] cybersecurity efforts . .” For these reasons the decision of the district our was affirmed.

Comment

It is axiomatic that Exchange Act Section 10(b) and Rule 10b-5 do not create a duty to disclose. Thus in omission cases the focal question becomes if the additional material must be disclosed. If the omitted information is material and a necessary addition to the statements made so that investors are not misled, then as the Court states here the information must be disclosed. That was not the case here. Indeed, much of the information Plaintiffs claimed should have been viewed as material omissions might have been seenas general background information or risk factors which flagged certain items for investors.

What was not discussed by the Court is situations where there was an affirmative obligation to disclose the information. Decisions such as the Supreme Court’s decision in Affiliate Ute Citizens v. U.S., 408 U.S. 128 (1972) and are keyed to the question of when there is a duty to disclose which is often a function of the relationship between the parties.

Tagged with: , ,