In a couple of speeches at Compliance Week 2014, SEC officials spoke of when it would be appropriate to bring an enforcement action against a Chief Compliance officer, or CCO.

SEC Commissioner Kara M. Stein said “If you read the facts in the cases we bring, you will see that they are not cases against CCOs that were promoting compliance.  Instead, they are cases against CCOs that were assisting fraud, ignoring red flags, not asking the tough questions, and not demanding answers.”

In another speech, Andrew Ceresney, Director of the SEC Division of Enforcement, noted:

• I have found that you can predict a lot about the likelihood of an enforcement action by asking a few simple questions about the role of the company’s legal and compliance departments in the firm.  Are legal and compliance personnel included in critical meetings?  Are their views typically sought and followed?  Do legal and compliance officers report to the CEO and have significant visibility with the board?  Are the legal and compliance departments viewed as an important partner in the business and not simply as support functions or a cost center?  Far too often, the answer to these questions is no, and the absence of real legal and compliance involvement in company deliberations can lead to compliance lapses, which, in turn, result in enforcement issues.
• But at the same time, I need to be clear that we have brought – and will continue to bring – actions against legal and compliance officers when appropriate.  This typically will occur when the Division believes legal or compliance personnel have affirmatively participated in the misconduct, when they have helped mislead regulators, or when they have clear responsibility to implement compliance programs or policies and wholly failed to carry out that responsibility.