Article Bloomberg Law

SEC Enforcement Record Stems From More Penalties, Not More Cases

In this article for Bloomberg Law, partners Bob Allen, Zachary Brez and Nader Salehi analyze the SEC’s record-breaking year in penalties, noting that the commission didn’t bring more cases but simply upped the ante on fines on corporations and individuals.

The Securities and Exchange Commission recently announced record-breaking penalties of $6.4 billion in fines on corporations and individuals in fiscal year 2022.

This includes more than $4.19 billion in civil penalties, an amount the SEC said was the highest on record, and roughly three times the $1.45 billion imposed in 2021. The FY 2022 totals also include disgorgement, or return of wrongfully obtained money.

These are undoubtedly staggering numbers, and some commentators have pointed to them as evidence that the SEC has become more active and resourced than in the past. In other words, the SEC is bringing more or bigger cases.

However, the reality is more complex, with significant implications for the SEC’s role and impact on markets. While the SEC imposed an unprecedented amount of penalties in 2022, the number of cases it filed was closely in line with past averages, if not marginally lower. Here’s the broader picture.

Cases Remain Steady

The SEC filed 462 standalone enforcement actions in 2022. That was an increase from 2021, but not by much, as the SEC filed 434 standalone actions that year. These numbers are lower than the final years of the Trump administration, where in 2018 the SEC filed 490 new standalone actions (6% more than in 2022), and in 2019 it filed 526 cases (14% more).

How did the SEC achieve such record-breaking penalty numbers without bringing more cases?

The answer is obvious but critically important in terms of how the agency interacts with the entities it regulates―it imposed higher penalties.

In 2019, the average SEC penalty per standalone case was $2.1 million. It rose to $9.1 million in 2022.

This increase was driven by large corporate resolutions, many related to recordkeeping violations that have traditionally received―whether rightly or wrongly―far more lenient treatment. The SEC recognized this in its press release, noting that it has “in a number of actions recalibrated penalties for certain violations.”

Those violations include, as the SEC explained, cases where it imposed more than a billion dollars of penalties against financial institutions for having failed to “maintain and preserve work-related text message communications conducted on employees’ personal devices.”

The SEC also highlighted a $200 million penalty against a bank for unintentionally issuing more shares of a security than it was allowed. In more technical terms, this means exceeding the maximum number of shares that could be issued under a preexisting shelf registration statement.

These are certainly regulatory violations, but they are not the type of intentional frauds, like Ponzi schemes or insider trading, that many associate with outsized SEC penalties. There are no obvious victims to either offense.

Do Fines Equal Safety?

Will imposing higher penalties in these types of matters make US markets safer? The answer is complicated.

It is hard to see how imposing outsized penalties against banks and other large companies for recordkeeping violations will deter individuals from committing fraud. An executive who lies to investors or trades on inside information, for example, is unlikely to be dissuaded by the fact that their company may have to pay a large fine.

And the inescapable reality is that while the SEC was focused on employees’ use of personal devices and shelf registration statements, it appears to have entirely missed what appears to be one of the largest frauds since Enron and Madoff: the collapse of FTX.

That said, while individual wrongdoers may not care about corporate penalties, companies certainly do.

Corporate penalties can affect a company’s bottom line and jeopardize the jobs of in-house lawyers and compliance officers, since they are often blamed for not preventing the violations in the first place. These individuals need to know that what might once have been a simple recordkeeping issue or administrative weakness, and thus lower-priority, is now a potentially significant liability.

That was presumably the point. As the SEC makes regulatory foot-faults more expensive, companies will be incentivized to invest more in their compliance programs to make sure that fewer errors occur.

Moving Forward

Market participants should not expect the SEC to reverse course on its recalibrated—i.e., more punitive—approach to penalties. The SEC will almost certainly continue to impose penalties on corporations that exceed past norms, including for matters that―like the cell phone and share-issuance cases discussed above―lack obvious victims, illicit gains, or even intentional wrongdoing.

The record-setting penalties that the SEC issued in 2022 will be used as precedent by commission lawyers when determining the size of penalties in 2023 and future years. The SEC may well also feel pressure to beat its 2022 results, despite cautioning in its press release that it does not expect to “set new [records] each year.”

However, the SEC received a $210 million boost in its FY 2023 budget that will, among other things, fund new hiring in the enforcement division. It will naturally be pressured to show taxpayers that this was a wise investment.

While companies will presumably, and should, respond to the SEC’s banner year in 2022 by making additional investments in compliance, those improvements will take time to have any effect. There is no such thing as a perfect compliance program, and shortcomings are inevitable, especially given how complicated our financial system has become.

But when mistakes are made, companies will pay dearly for them.

Reproduced with permission. Published 2023. Copyright 2023 Bloomberg Industry Group, Inc. 800-372-1033. For further use, please visit