by T. GormanPosted on Posted in SECActions

Last week the SEC resolved two ICO actions that will become the blue print for settling unregistered crypto currency actions in the wake of the Section 21(a) DAO report detailing how the federal securities laws apply to the offerings. See, e.g., In the Matter of Carriereq, Inc., D/B/A Airfox, Adm. Proc. File No. 3-18898(Nov. 16, 2018).This week the U.S. Attorney’s Office secured a guilty plea in a case where investors were solicited to invest in binary options and their cash was converted to a worthless crypto coin. U.S. v Kantor, No. 18-CR-177 (E.D.N.Y.).

Defendant Blake Kantor, also known as Bill Gordon, conducted a fraudulent investment scheme in which investor cash was converted to what was represented to be a valuable cryptocurrency – ATM Coin. Beginning in March 2014 Mr. Kantor established the Blue Bit Banc or Blue Bit Analytics, Inc. The firm sold binary options, a form of highly speculative investment that has been banned in some countries. Over a three year period beginning in 2014 Mr. Kantor and his confederates solicited investors for Blue Bit Bank, raising about $1.5 million from over 700 investors.

Investors were not told that the computer software used by Blue Bit altered the data used in connection with the binary options in a manner which made it most difficult for them to make a profit – the high risk options many consider gambling became virtually no gamble for Mr. Kantor. Investors were also not told that the ATM Coin they received was worthless.

In October 2017 Mr. Kantor and others involved with the scheme took steps to evade detection. Customer lists were altered after FBI agents told Mr. Kantor that they were investigating. Mr. Kantor also met with the agents and misinformed them about the business, claiming he had not had any involvement with it for a period of time.

Defendant Kantor was charged with conspiracy to commit wire fraud, obstruction of an official proceeding and making false statements to Special Agents of the FBI. Mr. Kantor pleaded guilty to conspiracy to commit wire fraud. In connection with his plea agreement Mr. Kantor admitted to obstructing an investigation into his fraudulent scheme. The date for sentencing has not been set.

Program: The Fifth Annual Dorsey Federal Enforcement Forum will be held on December 5, 2018. The program, centered on a tech theme and SEC enforcement, includes a keynote address on artificial intelligence and its impact on the legal profession, panels analyzing critical issues facing SEC enforcement, the question of broker protocols, trends in investment adviser inspections, how to conduct an ICO and concludes with an address on cyber-security and internal controls. A holiday gathering follows. The program and registration for it and the party are here or separate registration for the holiday party only here.

Tagged with: ,

by T. GormanPosted on Posted in SECActions

Exchange Act section 13(b)(2)(B), added to the 1934 Act as part of the Foreign Corrupt Practices Act of 1977, is concerned with internal accounting controls. The statute requires that there be sufficient controls to ensure that transactions are executed as directed by management; to permit the preparation of the financial statements; and to ensure that access to assets is permitted only in accord with management’s authorization. The section underscores the fact that management serves as the steward of the shareholders’ investment.

The “internal accounting controls” focus of the section has been repeatedly emphasized by the Commission in a variety of cases that range from FCPA corruption actions to those centered on accounting fraud. Two recent developments, however, suggest that issuers take a new look from a different prospective when evaluating internal accounting controls: The Commission’s section 21(a) Report on Certain Cyber-Related Frauds (Oct. 16, 2018) and its FCPA settlement, In the Matter of Vantage Drilling International, Adm. Proc. File No. 3-18899 (Nov. 19, 2018).

The Report is well grounded in the language of the statute and the traditional views of the agency regarding internal accounting controls, citing at points the history of the section. The Report also ties those notions together with risk management policies, stating that “”[c]ybersecurity risk management policies and procedures are key elements of enterprise-wide risk management, including as it relates to compliance with the federal securities laws,’” quoting from the Commission Statement on Guidance on Public Company Cybersecurity Disclosures.

Subsequent sections of the Report emphasize that the cyber schemes investigated were typically simple and there were often numerous red flags. Yet there were repeated failures. Those failures resulted in many instances because the personnel did not take the appropriate steps or fully appreciate the situation. As the Report states: “Systems of internal accounting controls, by their nature, depend also on the personnel that implement, maintain, and follow them.” This “human element,” tied to section 13(b)(2)(B) concepts adds a dimension to the traditional discussion of internal accounting controls.

Key to the ultimate outcome of Vantage Drilling is a similar concept. That action involved in the first instance a relatively new drilling firm seeking to acquire a deep-water drilling vessel under construction at a Korean ship yard for a Taiwanese shipping magnate identified as Director A. Through a series of agreements Vantage Drilling was to acquire the deep-water drilling vessel and other assets. As part of the deal, the shipping magnet would become a director. No due diligence was done on Director A.

Vantage Drilling later learned that Director A made misrepresentations at the same ship yard in connection with another vessel and even at one point claimed not to be able to pay for a ship. Yet the drilling firm “did not enhance its internal accounting controls in regards to its transactions with respect to Director A,” according to the Order. That failure ultimately took the firm down the path to a bribery scheme hatched and executed by Director A.

While the Order in Vantage Drilling does not specifically discuss the “human element” of internal controls in those terms like the Report, the reason to strengthen the internal controls in that action was the risk posed by Director A. Stated differently, the man was not trustworthy and tying the enterprise to him put the stewardship of management, and thus the shareholders’ investment, at risk. Vantage Drilling, however, failed to recognize this risk and take precautionary steps – a failure which resulted in its undoing when the bribery scheme was uncovered in the now infamous “Operation Car Wash” scandal in Brazil.

Vantage Drilling’s failure is little different from that of management at the various firms cited in the Report. When faced with an untrustworthy Director A –as with the cyber threats — management failed to act as an effective steward, failed to take the proper steps or even to appreciate the risks to the enterprise and thus the shareholders’ investment. It is this human element of internal accounting controls, and the failures with regard to this element, that was critical to the actions underlying the Report and in Vantage Drilling. It is the emergence of this human element of internal accounting controls that is critical to the cyber-security Report and the FCPA case. It is the recognition of this element which issuers must carefully consider and evaluate in terms of risk, training and the testing of internal accounting controls in the future.

Program: The Fifth Annual Dorsey Federal Enforcement Forum will be held on December 5, 2018. The program, centered on a tech theme and SEC enforcement, includes a keynote address on artificial intelligence and its impact on the legal profession, panels analyzing critical issues facing SEC enforcement, the question of broker protocols, trends in investment adviser inspections, how to conduct an ICO and concludes with an address on cyber-security and internal controls. A holiday gathering follows. The program and registration for it and the party are here or separate registration for the holiday party only here.

Tagged with: , ,