Securities Industry Commentator by Bill Singer Esq

September 24, 2019
Andrei Tyurin a/k/a "Andrei Tiurin" pled guilty in the United States District Court for the Southern District of New York to one count each of conspiracy to commit computer hacking; wire fraud; conspiracy to violate the Unlawful Internet Gambling Enforcement Act;; and conspiracy to commit wire fraud and bank fraud; conspiracy to commit wire fraud; and conspiracy to commit computer hacking. Also charged with committing these crimes are Gery Shalon, a/k/a "Garri Shalelashvili," a/k/a "Gabriel," a/k/a "Gabi," a/k/a "Phillipe Mousset," a/k/a "Christopher Engeham"; Joshua Samuel Aaron, a/k/a "Mike Shields"; and Ziv Orenstein, a/k/a "Aviv Stein," a/k/a "John Avery." As set forth in part in the DOJ Release:

From approximately 2012 to mid-2015, TYURIN engaged in an extensive computer hacking campaign targeting financial institutions, brokerage firms, and financial news publishers in the U.S., including the theft of personal information of over 100 million customers of the victim companies.  TYURIN's hack of one financial institution headquartered in Manhattan resulted in the theft of personal information of over 80 million customers, making it one of the largest theft of customer data from a U.S. financial institution in history.  TYURIN engaged in these crimes at the direction of Shalon and in furtherance of other criminal schemes overseen and operated by Shalon and his co-conspirators, including securities fraud schemes in the United States.  For example, in an effort to artificially inflate the price of certain stocks publicly traded in the U.S., Shalon and his co-conspirators marketed the stocks in a deceptive and misleading manner to customers of the victim companies whose contact information TYURIN stole in the intrusions.

In addition to the U.S. financial sector hacks, TYURIN also conducted cyberattacks against numerous U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.  Nearly all of these illegal businesses, like the securities market manipulation schemes, exploited the fruits of TYURIN's computer hacking campaigns.  Through these various criminal schemes, TYURIN, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds.

Without admitting or denying the findings in the SEC PwC Order and the SEC Sprankle Order, PricewaterhouseCoopers LLP ("PwC") and PwC Partner Brandon Sparkle agreed to cease and desist from future violations. PwC agreed to pay disgorgement of $3,830,213, plus prejudgment interest of $613,842 and a civil money penalty of $3.5 million, and to be censured; and Sprankle agreed to pay a civil money penalty of $25,000, and to be suspended from appearing or practicing before the SEC, with a right to reapply for reinstatement after four years. Also, PwC agreed to perform a detailed set of undertakings requiring the firm to review its current quality controls for complying with auditor independence requirements for non-audit services and for evaluating its provision of non-audit services. As set forth in part in the SEC Release:

The SEC's order finds that PwC violated the SEC's auditor independence rules by performing prohibited non-audit services during an audit engagement, including exercising decision-making authority in the design and implementation of software relating to an audit client's financial reporting, and engaging in management functions. In connection with performing non-audit services for 15 SEC-registered audit clients, the order states that PwC violated Public Company Accounting Oversight Board (PCAOB) Rule 3525, which requires an auditor to describe in writing to the audit committee the scope of work, discuss with the audit committee the potential effects of the work on independence, and document the substance of the independence discussion. According to the order, PwC's actions deprived numerous issuers' audit committees of information necessary to assess PwC's independence. As further detailed in the order, the violations occurred due to breakdowns in PwC's independence-related quality controls, which resulted in the firm's failure to properly review and monitor whether non-audit services for audit clients were permissible and approved by clients' audit committees.
In a Complaint filed in the United States District Court for the Southern District of New York, the SEC charged former Nissan Motor Company, LTD. Chief Executive Officer Carlos Ghosn with violating anti-fraud provisions of the securities laws and also charged former and former Director Greg Kelly with aiding and abetting Ghosn's and Nissan's violations. Without admitting or denying the allegations, Ghosn and Kelly agreed to be permanently enjoined from violating or aiding and abetting violations of the anti-fraud provisions; and Ghosn agreed to a $1 million civil penalty and a 10-year officer and director bar, and Kelly agreed to a $100,000 penalty, a five-year officer and director bar and a five-year suspension from practicing or appearing before the Commission as an attorney. 

In an administrative proceeding, the SEC charged Nissan with violating the anti-fraud provisions of the Securities Exchange Act of 1934.  Nissan settled the charges, agreeing to pay a $15 million civil penalty and to cease and desist from committing or causing violations of the anti-fraud provisions. 

As set forth in part in the SEC Release:

[B]eginning in 2004 Nissan's board delegated to Ghosn the authority to set individual director and executive compensation levels, including his own. From 2009 until his arrest in Tokyo in November 2018, Ghosn, with substantial assistance from Kelly and subordinates at Nissan, engaged in a scheme to conceal more than $90 million of compensation from public disclosure, while also taking steps to increase Ghosn's retirement allowance by more than $50 million. Each year, Ghosn fixed a total amount of compensation for himself, with a certain amount paid and disclosed and an additional amount that was unpaid and undisclosed. Ghosn and his subordinates, including Kelly, crafted various ways to structure payment of the undisclosed compensation after Ghosn's retirement, such as entering into secret contracts, backdating letters to grant Ghosn interests in Nissan's Long Term Incentive Plan, and changing the calculation of Ghosn's pension allowance to provide more than $50 million in additional benefits. Kelly and Ghosn's Nissan subordinates misled Nissan's CFO and Nissan issued a misleading disclosure in connection with the increased pension allowance. The $140 million in undisclosed compensation and retirement benefits was never paid out to Ghosn.

SEC Charges Founder and CEO of Purported Online Adult Entertainment Marketplace with Fraudulent ICO Scheme (SEC Release), the SEC charged former founder and Chief Executive Officer of Fantasy Markets, Jonathan C. Luca, with violating the antifraud provisions of Section 17(a) of the Securities Act and Section 10(b) and Rule 10b-5 of the Securities Exchange Act and the registration provisions of Sections 5(a) and 5(c) of the Securities Act. Without admitting or denying the allegations in the Complaint, Luca consented to the entry of a final judgment that imposes permanent injunctions from violations of the charged provisions; orders him to pay a civil penalty of $15,000; and imposes a five-year officer and director bar and a five year conduct-based injunction prohibiting Lucas from participating in any unregistered offering of securities, digital or otherwise, except for securities transactions for his own personal account.  As set forth in part in the SEC Release:

[B]eginning in August 2017, Lucas raised approximately $63,000 in cryptocurrency from more than 100 investors through the fraudulent offer and sale of unregistered digital securities of Fantasy Market. As alleged in the complaint, Lucas made numerous materially false statements in a whitepaper and online to induce investors to participate in the ICO. Among other alleged misstatements, Lucas claimed that a "working-beta" version of the company's adult-entertainment platform existed when one did not, presented a fictitious management team, and misrepresented his own experience. After garnering media attention over investor complaints, the complaint states, Lucas returned the funds raised to investors.

Milwaukee Financial Advisor Sentenced to 30 Months in Federal Prison for Fraud Scheme that Targeted Elderly Victims (DOJ Release)
Chris Kubiak pled guilty in the United States District Court for the Eastern District of Wisconsin to one count of wire fraud, and he was sentenced to 30 months in prison plus three years of supervised release; and he was ordered to pay $379,977 in restitution to of his victims.  As set forth in part in the DOJ Release:

[K]ubiak worked as a financial advisor through Freedom Investors Corp, and Calton & Associates, Inc.  In that role, Kubiak arranged to have funds withdrawn from several elderly clients' investment accounts and mailed to their homes or wired to their bank accounts.  Kubiak falsely told the clients that the funds were bonuses or dividends that he would reinvest for them.  He solicited personal checks from the clients, but rather than reinvesting the money as promised, Kubiak deposited the funds into his own checking account and used the money for gambling and other personal expenses.  The scheme spanned a period of five years and was ultimately discovered by a victim's relative, who reported Kubiak to authorities.

Speaking for one of the victims, a relative described the debilitating emotional and mental distress suffered by her loved one who had long known and trusted Kubiak to grow her small nest egg.  In sentencing Kubiak, the Court emphasized the need for punishment and deterrence, both for Kubiak and for others who might be similarly tempted to prey upon the elderly.           

Client Associate Takes 4 Years of Rep's CE ( Blog)
A bank robber is caught red-handed. At trial, his lawyer argues that it wasn't felony bank robbery but merely his client politely requesting that patrons of the bank raise their hands over their heads and simply suggesting that the teller hand over the bank's cash. As idiotic as that seems, consider a recent FINRA regulatory settlement.

SEC Charges Previously-Barred Broker and His Firm with Offering Fraud (SEC Release)
In a Complaint filed in the United States District Court for the Eastern District of New York, the SEC charged Christopher Fulco a/k/a Christian Anthony, Jonathan Stewart, and Michael Barron; and JM Capital Holdings LLC with violations of the antifraud provisions of Section 17(a) of the Securities Act  and Section 10(b) of the Securities Exchange Act and Rule 10b-5 thereunder, and the securities registration provisions of Sections 5(a) and 5(c) of the Securities Act. The SEC seeks permanent injunctions, disgorgement, prejudgment interest, and civil money penalties against Fulco and JM Capital, and disgorgement and prejudgment interest from the Relief Defendant Jamie Milione. The SEC Release asserts in part that Fulco

cold-called investors, including many elderly retirees, and solicited investments in a number of private companies, some of which he claimed were about to substantially increase in value following initial public offerings. In truth, the SEC alleges, defendants never invested the money in the manner represented; instead, Fulco used the money to fund his lifestyle, gamble at casinos, take vacations, and purchase luxury goods. Fulco also allegedly transferred almost $100,000 of investor money to his ex-fiancé, whom the SEC has named as a relief defendant. Throughout the three-year offering fraud, the SEC alleges that Fulco used a series of aliases to conceal his true identity from investors and created fictitious documents to induce investors to transfer money to JM Capital.
After a seven-day trial in the United States District Court for the Southern District of New York, former senior investment banker Sean Stewart was convicted of one count of conspiracy to commit securities fraud and tender offer fraud; one count of conspiracy to commit wire fraud; six counts of substantive securities fraud; and one count of substantive tender offer fraud. Sean Stewart's father,  Robert Stewart, pled guilty to one count of conspiracy to commit securities fraud and tender offer fraud and was sentenced to four years' probation, with the first year to be served in home detention, and $150,000 in forfeiture. Richard Cunniffe pled guilty to one count of conspiracy to commit securities fraud and tender offer fraud, one count of conspiracy to commit wire fraud, three counts of substantive securities fraud, and one count of substantive tender offer fraud, and was sentenced to one year of probation, and $900,000 in forfeiture. As set forth in part in the DOJ Release:

In early 2011, SEAN STEWART, who at the time held the position of Vice President in the Healthcare Investment Banking Group of a global bank headquartered in Manhattan ("Investment Bank A"), began tipping his father, Robert Stewart, with nonpublic information about upcoming mergers and acquisitions.  The first of these tips related to the acquisition of Kendle International Inc. by INC Research, LLC, which was announced publicly on May 4, 2011.  SEAN STEWART represented Kendle in the confidential negotiations that led to the deal announcement.  Based on inside information from SEAN STEWART, Robert Stewart purchased Kendle stock and passed the information to another individual to trade on his behalf, and earned several thousand dollars in profits after the acquisition of Kendle was publicly announced. 

The second deal about which SEAN STEWART tipped Robert Stewart was the acquisition of Kinetic Concepts, Inc. ("KCI") by Apax Partners, announced on July 13, 2011.  Robert Stewart passed the inside information to another co-conspirator, Richard Cunniffe, to trade on Robert's behalf.  Robert Stewart and Cunniffe earned more than $100,000 in profits after the acquisition was publicly announced. 

In the summer of 2011, SEAN STEWART learned that the Financial Industry Regulatory Authority ("FINRA") was conducting an inquiry into suspicious trading in Kendle securities, including trading by Robert Stewart.  SEAN STEWART at first falsely claimed to compliance officials at Investment Bank A that he did not recognize his father's name on a list of individuals who traded prior to the public announcement of Kendle's acquisition.  After FINRA and compliance officials at Investment Bank A recognized the connection between SEAN STEWART and his father, SEAN STEWART told a series of lies to those compliance officials, to make it seem as if Robert Stewart had decided on his own initiative to invest in Kendle without the benefit of inside information. 

In October 2011, Sean Stewart joined an investment banking advisory firm headquartered in Manhattan ("Investment Bank B") and was later promoted to Managing Director.  During his tenure with Investment Bank B, SEAN STEWART provided his father with tips concerning non-public acquisition negotiations involving three more public companies:  (1) the acquisition of Gen-Probe Inc. by Hologic, Inc., announced on April 30, 2012; (2) the acquisition, by tender offer, of Lincare Holdings Inc. by Linde AG, announced on July 1, 2012; and (3) the acquisition of CareFusion Corp. by Becton, Dickinson & Co. ("Becton"), announced October 4, 2014.  Investment Bank B represented Hologic in connection with its acquisition of Gen-Probe; Linde in connection with its acquisition of Lincare; and CareFusion in connection with its acquisition by Becton.  As before, Robert Stewart passed the information to Cunniffe in order to place trades for the two of them. 

During the course of the scheme, SEAN STEWART became aware that his father was having financial problems.  Rather than loan his father money, SEAN STEWART gave his father stock tips so that his father could profit from the information that STEWART stole from Investment Bank A and Investment Bank B and their clients.  In total, with respect to all five deals, Robert Stewart and Cunniffe earned profits of more than $1.1 million.

"The SEC Has Processes to Manage Information Technology Investments but Improvements Are Needed" (SEC Office of Inspector General / Office of Audits)
As set forth in part in the Executive Summary portion of the OIG's Report:

What We Found 

We determined that the SEC increased its funding for IT initiatives over the FY 2017 level as required by the Consolidated Appropriations Act, 2018. In addition, the agency used funds allocated to the 11 IT investments we judgmentally selected for review for their intended purposes. 

However, the SEC's management of steady state investments (investments to maintain and operate IT assets in a production environment) needs improvement, because the SEC's Office of Information Technology (OIT) did not view such investments as IT investments for the purposes of capital planning and investment control. The SEC's spending on steady state investments has gradually increased in recent years and, in FY 2018, steady state investments represented 71 percent of the agency's total IT investment expenditures (that is, $217 million of the $307 million spent that year). Improving agency management of steady state investments could promote more effective decision-making and provide greater assurance that such investments (1) deliver value, (2) do not unnecessarily duplicate or overlap with other investments, and (3) continue to meet the SEC's needs. 

In addition, the SEC can better manage and document deviations from approved plans for investments to develop, modernize, and enhance IT assets (referred to as DME investments). Five of the six DME investments we reviewed were rebaselined in FY 2018; however, we could not always determine compliance with aspects of the SEC's capital planning and investment control policy that address managing and documenting deviations from approved investment plans. This occurred because OIT had not established detailed formal rebaselining procedures. Without procedures that ensure a complete and accessible audit trail of each investment's lifecycle, the SEC's rebaselining processes may lack the transparency needed to ensure effective oversight of its DME investments. 

Also, 5 of the 11 IT investments we reviewed involved purchases of hardware assets. We found that OIT needs to improve the documentation of hardware assets investment planning and to demonstrate investment outcomes because OIT had not established processes to do so. Without such processes, the SEC risks hardware assets in use reaching their end-of-life/end-of-service, thereby increasing the risk of equipment failure and the potential for data loss. 

Finally, the SEC's Office of Acquisitions extended on a sole-source basis two contracts for IT acquisitions we reviewed without adequate documentation to support independent government cost estimates used for the estimated extension prices. This occurred, in part, because guidance that urged personnel to document any and all methods used to complete independent government cost estimates was "for informational purposes" and contracting officials did not use it. 

During our audit, two other matters of interest that did not warrant recommendations came to our attention. These matters related to the SEC's selection of its enterprise IT project and portfolio management system, and contract actions impacting the SEC's data centers. We discussed these matters with agency management for their consideration.