Skip to Main Content

A primer on SEC investigations: The only way out is through

SEC investigations can have significant financial consequences, potentially placing a strain on standard D&O liability policies.



by Jennifer A. Keller, Esq. Senior Counsel and Executive Claims Specialist, Executive Liability

As the federal agency charged with the primary mission of enforcing securities laws and regulating the securities industry in the United States, the US Securities and Exchange Commission (SEC) has the authority to bring administrative proceedings and initiate civil litigation anywhere in the US. Its actions can be highly consequential in terms of financial impact. Consider these facts:

  • In fiscal year 2023, the SEC obtained orders for $4.949 billion in financial remedies—the second-highest amount in SEC history, after the record-setting financial remedies ordered in fiscal year 2022.
  • The agency’s 2023 fiscal remedies comprised $3.369 billion in disgorgement and prejudgment interest, and $1.580 billion in civil penalties. Both these sums were the second-highest amounts on record.
  • The SEC also obtained orders barring 133 individuals from serving as officers or directors of public companies, the highest number obtained in a decade.
  • In addition, the SEC distributed $930 million to harmed investors in fiscal year 2023, marking the second consecutive year with more than $900 million in distributions.
  • Finally, fiscal year 2023 was also a record-breaking year for whistleblowers: the SEC issued the most whistleblower awards ever for one year, totaling $600 million.

Often, the only way out of a SEC investigation is through—and at a price not for the faint of heart.1

Given the potential impact of the SEC’s actions, it is prudent to understand their processes and what to expect—including what, if any, insurance may be available to address the financial consequences insureds could face following SEC actions.

Triggers that can lead to an SEC investigation


No public company is immune from an SEC investigation. Even the best-run company can be subject to negative press, a disgruntled employee, unsupported claims by a class action lawyer or swings in the market price of its stock. Below are some triggers that can lead to an SEC investigation:

  • Tips and complaints: the SEC often receives tips and complaints from whistleblowers, investors, industry insiders or the public.
  • Market surveillance: the SEC monitors the financial markets for unusual trading activity or patterns that could indicate market manipulation or insider trading (e.g., unusual trading volume, rapid price fluctuations or other anomalies).
  • Corporate disclosures: this includes inaccurate or misleading information in a company’s financial statements or other filings with the SEC.
  • Insider trading: suspicious trading by company insiders such as officers, directors, or employees, ahead of significant company news or events.
  • Market manipulation: activities designed to manipulate the price of securities or create artificial trading activity, such as “pump and dump” schemes.
  • Regulatory violations: violations of security regulations or failures to comply with SEC rules.
  • Initial Public Offerings (IPOs): the SEC reviews the registration statements or offering documents for companies going public to ensure compliance with securities laws and address concerns about the accuracy or completeness of these documents.
  • Enforcement priorities: the SEC may initiate investigations based on its enforcement priorities, which shift over time based on market conditions, emerging risks, cyber security breaches and policy objectives.
  • Market events: market events, such as financial crisis or significant corporate scandals, can lead to broader investigations into systemic issues or specific companies and individuals involved.

Investigations: formal or informal


An SEC investigation can take two forms: formal or informal. An informal investigation can take two to three months and can lead to a formal investigation that can last for years.

In most cases, investigations are informal—or at least they begin as informal. An informal investigation, or “matter under investigation” (MUI), involves voluntary requests made by the SEC for documents or testimony. SEC staff (comprised of attorneys, accountants, and investigators) begin the examination process without the issuance of subpoenas. They examine brokerage records, trading data and any other information they can acquire without issuing an SEC subpoena. Following an informal investigation, SEC staff may elect to terminate the inquiry, enter into settlement negotiations with the target or pursue a formal investigation.

"No public company is immune from an SEC investigation."

While informal investigations may be termed “voluntary,” a company’s failure to comply may result in the SEC opening a formal investigation and issuing a subpoena compelling a response. If a target is unwilling to cooperate or to consider reasonable settlement options during an informal investigation, this can also lead to a formal inquiry.

If the SEC determines it will open a formal investigation, it first issues a “Formal Order of Investigation.” To obtain that, the SEC staff must articulate, usually in writing, the relevant facts it has discovered to date, the potential violations of the federal securities laws to be investigated and the specific staff members who will be conducting the investigation. A formal Order is then issued, as well as a public press release, which can negatively impact the public reputation of the company and its stock price.

Initiating a formal SEC investigation triggers the SEC’s subpoena authority. Subpoenas may require documents (duces tecum) or require testimony (duces ad testificandum). The SEC generally reserves formal investigations for more serious matters involving large amounts of money or affecting a larger number of shareholders; however, this is not always the case.

Responding to an SEC investigation is not the same as responding to private litigation. Company defense counsel will work with the SEC lawyers; a combative tone and aggressive tactics are dangerous and rarely advisable. Unlike in private discovery, where companies can seek judicial assistance if the plaintiff is being unreasonable, SEC investigations have no recourse to the courts as a practical matter. While a company’s defense counsel may tactfully seek to narrow the scope, they will almost never succeed in causing the SEC to abandon its requests. There are also no limits to how many subpoenas the SEC may issue—third and fourth subpoenas are not uncommon, and the documents collected can run into the millions of pages.

"An informal investigation can take two to three months and can lead to a formal investigation that can last for years."

At the end of the document phase of the investigation, and sometimes while documents are still being produced, the SEC may seek the testimony of company personnel—including but not limited to the CEO and CFO. The SEC can either ask for voluntary unrecorded interviews or send subpoenas requiring personnel to appear for formal testimony with a court reporter; either way, personnel will be required to testify under penalty of perjury.

Unlike a deposition, the testimony session is controlled exclusively by the SEC, with few limits on the staff’s ability to ask questions. Further, there is no requirement for the SEC staff to notify the company about subpoenaed third parties, and only counsel for the witness may attend. In an accounting case, for example, the SEC might spend months talking to a company’s CEO, CFO, COO, controller, lower-level accounting personnel, external auditors, the company’s Audit Committee and business partners. Each witness will need to be extensively prepared to testify about events that may have taken place years before. In many cases, witnesses will need individual counsel, separate from corporate counsel, due to the potential for conflicts of interest. Outside counsel will also remain involved. This results in significant legal fees.

Responding to an SEC investigation, even if the investigation results in no charges being filed, will commonly result in mid-seven-figure legal bills, with eight-figure bills not out of the question.

Wells Notices and Submissions


After considering the evidence available during a formal investigation, the SEC may or may not choose to issue a Wells Notice. A Wells Notice is a formal letter that summarizes the Enforcement Division’s findings and indicates that the SEC intends to pursue charges against the company. Responding to a Wells Notice by way of a Wells Submission is optional and provides a party with a means to highlight deficiencies in the SEC staff’s investigation.

The SEC is very often willing to discuss settlement of its cases before and during the Wells process. Often, the SEC will meet with counsel to discuss the case and may allow counsel to review the investigative records so that informed and productive settlement discussions can take place. The staff does not have any authority to commit the SEC to a settlement at this point in the process; instead, any agreement reached between the staff and a party is regarded as a commitment by the staff to recommend to the SEC that the terms of the settlement agreement negotiated by the staff be accepted.

While settlements recommended by the staff are frequently accepted by the SEC, it is not unusual for the SEC to reject proposed settlement terms and provide direction to its staff about more acceptable settlement terms. Settlements are typically entered on a “neither admit nor deny” basis, thus limiting the settlement’s res judicata effect on subsequent related civil proceedings—including but not limited to securities class actions and shareholder derivative lawsuits.

Presentation to the SEC


If the SEC Enforcement Division staff believes that charges are warranted, the final stage in the investigative process is for staff members to present their findings to the SEC for review. Upon reviewing the findings, the SEC can authorize the Enforcement Division to initiate enforcement proceedings.

Enforcement proceedings


If deemed warranted, the SEC may bring either a civil action or an administrative proceeding. In fiscal year 2023, the SEC filed 784 total enforcement actions, a three-percent increase over fiscal year 2022.

A civil action is a legal action by the SEC initiated by filing a complaint in the United States District Court seeking a remedy or sanction. This often involves a court-ordered injunction, which prohibits further acts or practices that violate securities laws or the SEC’s rules. Additionally, the SEC has the authority to pursue civil monetary penalties or the return of illegal profits (disgorgement). The court may further choose to bar or suspend an individual from serving as a corporate officer or director. The matter may be pending for years, as is typical of other matters pending in federal court.

"Responding to an SEC investigation is not the same as responding to private litigation."

Historically, another venue where the SEC can seek sanctions is administrative. Unlike civil actions, administrative proceedings are overseen by an independent administrative law judge (ALJ). The ALJ presiding over a hearing will evaluate the evidence presented by the SEC as well as the target of the investigation and, after the hearing, will issue an initial decision that includes factual findings and legal conclusions with a recommended sanction. Both the SEC and the targeted defendant(s) have the option to appeal all or part of the ALJ’s decision to the SEC itself. The SEC can uphold, reverse, or send the decision back for further hearings. Administrative sanctions may include cease and desist orders, suspension or revocation for broker-dealer and investment advisor registration, censures, bars from the securities industry (including lawyers and accountants appearing before the SEC), civil monetary penalties and disgorgement. Since little discovery takes place during administrative proceedings, the matter will likely be pending for months, if not years.

Administrative proceedings have been subjected to complaints due to perceptions that it is unfair for the ALJ, who is paid by the SEC, to apply rules created by the SEC to a complaint written and prosecuted by the SEC. Of significance is a ruling by the U.S. Supreme Court in June 2024, which curtailed the SEC’s use of administrative proceedings, stating that the accused has a right to a jury trial when financial penalties are on the table.2 The Supreme Court upheld a Fifth found that the SEC’s use of ALJ administrative proceedings violates the Seventh Amendment, at least when it is used to impose civil penalties on a defendant. The Court’s analysis focused on whether the SEC could impose civil penalties in-house when it accuses individuals or businesses of committing securities fraud. The Court ruled that it could not, because securities fraud echoes the type of common law fraud traditionally heard by juries and because civil penalties are “designed to punish and deter, not to compensate” victims of alleged fraud.

Though the SEC has curtailed its use of administrative courts to litigate in recent years, it currently has over 200 open administrative cases on its docket.

Directors and Officers insurance


As the foregoing discussion confirms, SEC investigations are typically expensive. One possible avenue for parties subject to an SEC investigation to meet their expenses is through directors and officers (D&O) insurance coverage. However, such policies do not automatically cover all aspects of potential expenses connected with an SEC investigation.

A modern D&O policy will typically cover defense costs and expenses incurred by individual officers and directors in a SEC investigation, subject to the policy’s retention—that is, that portion that is borne by the company before the policy begins to pay. However, recall that the SEC will sometimes send informal or voluntary requests, so coverage for the cost of complying with such requests will depend on the specific language of the policy. Coverage is also generally afforded to “insured persons.” However, depending on policy language, lower-level employees questioned by the SEC might not be covered as “insured persons.”

"Responding to an SEC investigation, even if the investigation results in no charges being filed, will commonly result in mid-seven-figure legal bills."

In addition, the company’s own defense costs in complying with an SEC investigation have been historically excluded by its D&O policy. Modern company investigation coverage is typically provided only by an endorsement or rider; without endorsement, there would be no such coverage because an SEC investigation by itself does not meet the definition of a Securities Claim—a specific subset of claims typically limited to claims alleging a violation of securities law or rule.

For example, coverage investigation of the company may be covered if it is related to a securities or derivative litigation, subject to the policy’s retention. Such coverage often requires that the investigation of the entity must be simultaneous with an investigation of an “insured person.” Given that the company is the one in possession of the lion’s share of documents, what coverage is afforded, if any, may be of critical importance to that entity.

In conclusion, the potential exists for a large gap between the company’s expenses during an SEC investigation and the coverage afforded by a standard D&O liability policy. Cost/benefit analysis is always prudent, of course; however, companies should be aware of the different components of their risk in this area, and of the endorsements that may be needed to make their liability coverage more comprehensive.

1 The SEC’s Division of Enforcement (Enforcement Division) conducts the agency’s investigations, which are typically nonpublic. The Enforcement Division is staffed primarily with attorneys and accountants. Headquartered in Washington, DC, the Enforcement Division has staff in each of the SEC’s 11 regional offices. While each regional office theoretically handles investigations within its geographic jurisdiction, those boundaries are often fungible. Thus, a company located in New York could easily be investigated by staff in the Los Angeles or Atlanta regional offices.
2See Securities and Exchange Commission v. Jarkesy, 144 S.Ct. 2117 (2024).