SEC Enforcement Division Priorities Pertaining to Retail Investors and Cybersecurity

November 09, 2017

In a keynote speech to the Securities Enforcement Forum on October 26, 2017, U.S. SEC Division of Enforcement (Division) Co-Director Stephanie Avakian emphasized the protection of retail investors and cybersecurity as Division priorities, as evidenced by the Division’s newly created Retail Strategy Task Force (Task Force) and specialized unit dedicated to cybersecurity (Cyber Unit). 

Retail Investor Protection 

The mission of the Task Force, as described by Ms. Avakian, is to implement innovative strategies to root out misconduct by investment professionals in their dealings with retail investors. This approach reflects the ever-expanding use of technology and data analytics by the Division as well as by the SEC’s Division of Economic and Risk Analysis (DERA) and the Office of Compliance Inspections and Examinations (OCIE) to detect patterns of suspicious activity. 

The Task Force generally will not be responsible for conducting investigations. Rather, it will work with the Division’s Office of Market Intelligence and Center for Risk and Quantitative Analytics, as well as DERA and OCIE, to develop ideas and strategies for identifying issues that may impact retail investors, and after analysis, refer issues to other Division staff for further investigation. 

Ms. Avakian indicated that the Task Force will focus on incidents of widespread misconduct – as examples of such misconduct, she cited the charging of inadequately disclosed fees, and recommending and trading in wholly unsuitable strategies and products. In particular, she noted that the Task Force will focus on activities such as: 

  • The failure of investment professionals to ensure that retail investors are invested in the lowest fee mutual fund share class for which they are eligible (such as by the intentional sale of a more expensive share class for the purpose of generating higher commissions or the failure to notify retail customers that a less expensive share class is available); 
  • Misleading practices associated with wrap accounts (including the failure to adequately notify retail investors of fees associated with such accounts); 
  • The increasing number of retail investors holding highly volatile products (e.g., inverse exchange-traded funds) as long-term holdings, including in retirement accounts; 
  • The failure of investment professionals to fully disclose fees, mark-ups and other factors that can negatively impact returns for structured products; and Practices designed to generate large commissions at the expense of retail investors (e.g., churning and excessive trading).

The Task Force, together with other SEC offices including the Office of Investor Education and Advocacy, will also be responsible for conducting retail investor outreach to identify issues where targeted education and outreach efforts may benefit investors. 


The Cyber Unit – the first new specialized unit created since the advent of these specialized groups within the Division in 2010 – was created to address the growing level of technology-driven misconduct in the securities markets. Ms. Avakian noted that the Cyber Unit will focus primarily on three types of cases. The first involves cyber activities used to gain an unlawful market advantage – for example, by hacking nonpublic information in order to trade or to manipulate the market; intruding into accounts and then manipulating trading; and “disseminating false information through electronic publication, such as SEC EDGAR filings and social media, in order to manipulate stock prices.” 

The second enforcement priority involves failures by registered entities to take appropriate steps to safeguard information or ensure systems integrity, including potentially violations of Regulations S-P, S-ID, SCI and other provisions. The third priority relates to failures by public companies to adequately disclose cyber-related issues. With respect to the latter, Ms. Avakian indicated that, although the Division has not yet brought an enforcement action on this basis, the staff of the Division of Corporate Finance has reminded registrants of their duties to disclose material information, including pertaining to cyber risks and incidents. 

Ms. Avakian further indicated that, in order to have a consistent approach to enforcement regarding “emerging issues,” the Cyber Unit will also be responsible for the Division’s focus on distributed ledger (or “blockchain”) technology. 


The retail investor protection initiative signals the Division’s expectation that investment professionals will be proactive in providing retail investors with adequate disclosure regarding the type and cost of investments. For example, financial advisors may want to implement systems to identify mutual fund customers who are eligible for less expensive shares and take steps to move those customers to that share class. Additionally, financial advisors may want to review disclosure documents to make sure that all fees are appropriately disclosed. 

Financial advisors also may want take steps to: secure private information; implement plans and procedures to prevent cybersecurity breaches in the first instance; and disclose material information regarding the occurrence of any cyber issues. In light of the creation of a specialized Cyber Unit, there likely will be an uptick in cyber-related enforcement due to a more focused approach to these issues and a team dedicated to bringing such cases. Accordingly, the industry should closely follow SEC action in this area to understand the level of care and measures that the SEC expects of the industry on various aspects of cybersecurity.

Subscribe to Dechert Updates