The SEC’s new director of enforcement delivered his first speech this week, where he outlined a more aggressive use of monetary penalties to deter corporate misconduct and how the SEC will evaluate cooperation and other factors while deciding how large of a penalty to impose.
The speech came from Gurbir Grewal, who took over as head of the Enforcement Division at the end of June. He spoke Thursday at a forum hosted by the Practising Law Institute that nominally was about broker-dealer issues, but Grewal’s remarks on the SEC’s penalty policy are worth any compliance professional’s attention.
The bottom line: Grewal, like other senior officials at the agency, wants to see penalties actually deter corporate misconduct — which could well mean larger penalties than we’ve seen before.
“As we evaluate relevant penalty factors, we will also be closely assessing whether prior penalties have been sufficient to generally deter the misconduct at issue,” Grewal said. “Where they have not been, you can expect to see us seek larger penalties, both in settlement negotiations and, if necessary, in litigation.”
Grewal’s remarks about monetary penalties are especially interesting because they hew closely to previous speeches and statements delivered by SEC commissioner Caroline Crenshaw. Crenshaw specifically called for a new, more aggressive use of monetary penalties in a speech earlier this year; and even tut-tutted a $62 million penalty against Kraft Heinz over the summer as an example of where more aggressive penalties might be warranted.
Now we have Grewal, the SEC’s top enforcement staffer, saying the same thing. Except, where Crenshaw has been sketching out big strategic ideas for enforcement, Grewal and his staff are the ones who will actually be sitting across the table from you when you’re trying to settle a misconduct matter. (Or, on the other side of the Zoom call, at least. You get my point.)
So now this talk about larger penalties and more aggressive enforcement is getting real.
Penalties Are About Deterrence
Grewal began by stressing that one primary objective of monetary penalties is to deter future misconduct — both the target of the enforcement action, from offending again; and other companies or persons, from engaging in the same misconduct themselves.
“And central to deterrence is proportionality,” Grewal said. “The worse the conduct, the more strongly we want to disincentivize market participants from engaging in it. We must design penalties that actually deter and reduce violations, and are not seen as an acceptable cost of doing business.”
OK, fair enough. Then Grewal made a point that is worth excerpting at length, and I bold-faced the most important line:
As Commissioner Crenshaw put it earlier this year: “[C]orporate penalties should be tied to the egregiousness of the actual misconduct.” I agree wholeheartedly. But this does not mean that roughly equivalent misconduct by comparable offenders should be penalized in the same amount the hundredth time it occurs as the first. Rather, to achieve the intended deterrent effect, it may be appropriate to impose more significant penalties for comparable behavior over time. Doing so will make it harder for market participants to simply “price in” the potential costs of a violation.
Logically that makes sense; if companies keep making the same offenses over and over again despite repeated enforcement actions, that means the deterrent power in those monetary penalties isn’t strong enough — so the penalties should be larger.
I’m not sure, however, that corporate boards, legal teams, and compliance departments are prepared for that idea in practice: that penalties might get larger and larger for Corporate America collectively. That is, your FCPA monetary penalty in 2024 might be larger than a rival’s penalty in 2022 even for similar offenses, because your company didn’t digest the warning that the enforcement action against your rival was meant to send.
And before anyone thinks I’m dreaming up these implications, Grewal pretty much said it aloud in his next paragraph (again, me bold-facing the important part):
Even if a firm or individual hasn’t offended before, if they violate a law or rule for which the SEC has previously and publicly charged other actors in their industry, it may be appropriate for penalties or other remedies to be increased in response to the lack of deterrence.
We should also remember that the Justice Department has already gone in this same direction — that a corporate compliance program should take note of enforcement actions against other companies, and make improvements accordingly — in its 2020 revisions to the guidelines for effective compliance programs. The guidelines expressly say: “Does the company review and adapt its compliance program based upon lessons learned from its own misconduct and/or that of other companies facing similar risks?”
Grewal’s remarks about larger penalties square perfectly well with those Justice Department guidelines, when you think about it. The SEC wants to deter misconduct, and seems willing to impose larger and larger penalties until it achieves that deterrence.
Compliance programs are the vehicles companies use (or should use) deter that misconduct. So yet again, an effective compliance program will become more important to the corporation overall. Ain’t it funny how things always come back to that point?