Posts

Was Chrysler’s Vehicle Hacking Risk an SEC Disclosure Reportable Event?

[photo: K2D2vaca via Flickr]

[photo: K2D2vaca via Flickr]

Remember the data breach at JPMorgan Chase, exposing 76 million accounts to “hack-mapping“? Last October, JPMorgan Chase publicly disclosed the intrusion and exposure to investors in an 8-K filing with the Securities and Exchange Commission. The statement complied with the SEC’s CF Disclosure Guidance: Topic No. 2 – Cybersecurity.

Other companies whose customers’ data have been exposed also disclosed breaches in 8-Ks, including Target, TJX Companies, Heartland Payment, EMC and Google. (Firms NASDAQ, Citigroup and Amazon have not.)

Disclosure of known cybersecurity threats or attacks with potential material risks allows investors to make informed decisions. Stock share pricing will fluctuate and reflect the true market value once risk has been factored by investors — and not remain artificially high.

Fiat Chrysler America (FCA; NYSE:FCAU) has known for nearly a year about the risk that Chrysler vehicles could be hacked remotely, according to Fortune magazine Thursday.

Yet to date no filing with the SEC has been made, disclosing this specific cyber risk to investors, customers, and the public.

The SEC’s Disclosure Guidance, though, is just that — guidance. There aren’t any firm rules yet in place, and the guidance itself was published in October 2011. A lot has happened and changed about technology and cybersecurity risks since then; the guidance has not reflected the increasing threats and attacks to business’ data.

Nor does the SEC’s guidance distinguish between cybersecurity threats to service products (like banking services), versus hardlines or manufactured goods (like automobiles which offer software as an additional, non-essential feature). The software industry’s chronic security patching confuses any distinction; should software companies likewise include all security patches in their SEC filings, or continue as they have without doing so? It’s easy to see how revelations about Adobe Flash after Hacking Team was hacked have materially hurt Adobe and all companies relying on Flash — yet Adobe hasn’t released a statement at its website. (Only a statement addressing the 2013 threat to customer accounts is posted.)

Are financial services firms any more obligated than software firms? Are automobile companies, which claim ownership of on-board software, any more obligated than software companies? Read more

Blogger since 2002, political activist since 2003, geek since birth. Opinions informed by mixed-race, multi-ethnic, cis-female condition, further shaped by kind friends of all persuasions. Sci-tech frenemy, wannabe artist, decent cook, determined author, successful troublemaker. Mother of invention and two excessively smart-assed young adult kids. Attended School of Hard Knocks; Rather Unfortunate Smallish Private Business School in Midwest; Affordable Mid-State Community College w/evening classes. Self-employed at Tiny Consulting Business; previously at Large-ish Chemical Company with HQ in Midwest in multiple marginalizing corporate drone roles, and at Rather Big IT Service Provider as a project manager, preceded by a motley assortment of gigs before the gig economy was a thing. Blogging experience includes a personal blog at the original blogs.salon.com, managing editor for a state-based news site, and a stint at Firedoglake before landing here at emptywheel as technology’s less-virginal-but-still-accursed Cassandra.

Mapping Treasure: Looking Beyond the Yield of Traditional Insider Trading

Money by Kevin Dooley via Flickr

[graphic: Money by Kevin Dooley, via Flickr]

A former SAC hedge fund manager, who cooperated with law enforcement, avoided a prison sentence this week after the FBI’s investigation into insider trading found criminal activities. It’s a rather typical story in which persons unfairly benefited from information they would not otherwise have access to outside their work as traders. Six persons were ultimately convicted in connection with this case.

A fresh spin on insider trading also made news this week, when the SEC filed a lawsuit against two Capital One fraud investigators who made 1800 percent on their investment over three years, based on their use of a Capital One credit card user database.

The two investigators, Bonan Huang and Nan Huang, grew an investment of $147,300 to $2.8 million based on thousands of searches across a database comprised of credit card customer transactions. Noting the volume of use of credit cards at a particular fast food company, they bought and traded the company’s stock based on this data.

Over time they made similar stock trades based on transactional volume and other publicly available news about three different companies.

Had the database been one for sale by a company rather than their employer’s proprietary database, the Huangs would have been lauded as investment rock stars. But because the method they used “misappropriates confidential information for securities trading purposes, in breach of a duty owed to the source of the information,” the two men are being sued for insider trading.

The Huangs’ trading experience gives pause when one considers the value of metadata, and of the data breach at JP Morgan Chase this past year.

Metadata can offer a volume of transactional activity, though it will not disclose the value of a transaction. Imagine smartphones indicating they are being used at particular devices – point-of-sale devices – at any retailer, from fast food to hard lines. An uptick in overall activity at a specific retailer indicates greater volume of business, the data fresher than that reported in a 10-Q report filed publicly with the SEC. What could an investor do with this kind of data? One could imagine success not much different than the Huangs experienced, provided they also understood other publicly available information about the retailers under observation. Read more

Blogger since 2002, political activist since 2003, geek since birth. Opinions informed by mixed-race, multi-ethnic, cis-female condition, further shaped by kind friends of all persuasions. Sci-tech frenemy, wannabe artist, decent cook, determined author, successful troublemaker. Mother of invention and two excessively smart-assed young adult kids. Attended School of Hard Knocks; Rather Unfortunate Smallish Private Business School in Midwest; Affordable Mid-State Community College w/evening classes. Self-employed at Tiny Consulting Business; previously at Large-ish Chemical Company with HQ in Midwest in multiple marginalizing corporate drone roles, and at Rather Big IT Service Provider as a project manager, preceded by a motley assortment of gigs before the gig economy was a thing. Blogging experience includes a personal blog at the original blogs.salon.com, managing editor for a state-based news site, and a stint at Firedoglake before landing here at emptywheel as technology’s less-virginal-but-still-accursed Cassandra.

How Long Until ESPN Brand Is Damaged By Money Trumping Safety?

ESPN stands perilously close to damaging its brand with repeated recent moves that appear to place their income stream ahead of safety. After working closely with Frontline for well over a year on a project documenting the effects of concussion injuries in football and especially in the NFL, ESPN on Friday removed their name from the effort, only a few weeks before the documentary was slated to air. Today, Kevin Brockway is out with an article in the Gainesville Sun noting the frequency with which the University of Florida has been forced to schedule early season home football games during early afternoon hours when heat indices are at dangerous levels for both athletes and spectators.

The New York Times noted yesterday that ESPN wields overwhelming power when it comes to setting the times for college football games to start, in some cases not announcing kickoff times until only six days before the game. Brockway’s article in the Sun shows the impact of ESPN’s decision-making here in Gainesville:

When the Southeastern Conference unveiled its week one 2013 football season start times, the collective groan from Gator Nation was heard from Key West to Pensacola.

For the fourth time in the last six years, Florida was stuck with an afternoon kickoff for its season opener. This Saturday’s 12:21 p.m. start time against Toledo at Ben Hill Griffin Stadium will force fans to again stock up on sunblock and bottled water.

But we aren’t talking about a mere inconvenience with the starting time. Figures on fans treated for heat-related illness in previous years speak to the danger of kickoffs at this hour in August and September:

The burning question is why? Why would the SEC schedule an early-afternoon game for its southernmost member during a month when the average heat index (which measures heat and humidity) is at its highest point of the year?

The answer lies in television, and some factors beyond the SEC’s control. Nonetheless, Florida administrators aren’t happy about the prospect of another sweltering Saturday opener. They consider it a fan safety issue. In 2011, when Florida began the season against Florida Atlantic (7 p.m. kickoff), only six fans were treated by medical staff for heat-related problems. Last season, when Florida opened against Bowling Green (3:30 p.m.), 105 fans were treated for heat-related issues.

A 12:21 kickoff is likely to be even worse than a 3:30 kickoff if rain showers don’t intervene, as the stands on the west side of the stadium usually are in the shade by 3:30 but not at 12:30, while shade doesn’t hit the seats on the east side until early evening.

As for the concussion documentary, here is how the Times described ESPN dropping out of particpation:

On Thursday, ESPN, which has spent heavily in recent years to build its investigative reporting team, abruptly ended its affiliation with “Frontline,” a public affairs television series that was weeks from showing a jointly produced two-part investigative project about the N.F.L.’s contentious handling of head injuries. The divorce came a week after the N.F.L. voiced its displeasure with the documentary at a lunch between league and ESPN executives, according to two people with direct knowledge of the situation.

As might be expected, there are now denials from the NFL that they exerted pressure and from ESPN that they bowed to pressure. Those denials do nothing to improve the optics of the situation, however, and it remains indisputable that ESPN withdrew its support just before the documentary slamming the NFL’s handling of concussions aired.

ESPN is in very dangerous territory right now. If Saturday proves to be especially hard on fans at early afternoon games in the South, the record is already clear on whom to blame for shifting games from their traditional evening kickoffs to the worst possible time for fan and player safety.

Many years ago, Jim got a BA in Radiation Biophysics from the University of Kansas. He then got a PhD in Molecular Biology from UCLA and did postdoctoral research in yeast genetics at UC Berkeley and mouse retroviruses at Stanford. He joined biosys in Palo Alto, producing insect parasitic nematodes for pest control. In the early 1990’s, he moved to Gainesville, FL and founded a company that eventually became Entomos. He left the firm as it reorganized into Pasteuria Biosciences and chose not to found a new firm due a clash of values with venture capital investors, who generally lack all values. Upon leaving, he chose to be a stay at home dad, gentleman farmer, cook and horse wrangler. He discovered the online world through commenting at Glenn Greenwald’s blog in the Salon days and was involved in the briefly successful Chris Dodd move to block the bill to renew FISA. He then went on to blog at Firedoglake and served a brief stint as evening editor there. When the Emptywheel blog moved out of Firedoglake back to standalone status, Jim tagged along and blogged on anthrax, viruses, John Galt, Pakistan and Afghanistan. He is now a mostly lapsed blogger looking for a work-around to the depressing realization that pointing out the details of government malfeasance and elite immunity has approximately zero effect.

“Cozy Ties Between Regulators, Politicians and Utilities” Gives New Nuke Agency in Japan, Business as Usual on Wall Street

Reuters reports this morning that Japan’s lower house of parliament has passed a law authorizing creation of a new nuclear regulatory agency. The second paragraph of the story stands out to me:

The 2011 Fukushima disaster cast a harsh spotlight on the cozy ties between regulators, politicians and utilities – known as Japan’s “nuclear village” – that experts say were a major factor in the failure to avert the crisis triggered when a huge earthquake and tsunami devastated the plant, causing meltdowns.

The underlying cause of the “nuclear village” where regulators are captured by the industry they regulate and the politicians also are owned by the same system applies equally as well to the situation that enabled the meltdown of global financial markets in 2008. There is far less recognition of the village aspect of Wall Street’s lack of regulation in the financial crisis, and where there have been moves ostensibly toward regulation or even prosecution of crimes, they have been a sham:

On March 9 — 45 days after the speech and 30 days after the announcement — we met with Schneiderman in New York City and asked him for an update. He had just returned from Washington, where he had been personally looking for office space. As of that date, he had no office, no phones, no staff and no executive director. None of the 55 staff members promised by Holder had materialized. On April 2, we bumped into Schneiderman on a train leaving Washington for New York and learned that the situation was the same.

Tuesday, calls to the Justice Department’s switchboard requesting to be connected with the working group produced the answer, “I really don’t know where to send you.” After being transferred to the attorney general’s office and asking for a phone number for the working group, the answer was, “I’m not aware of one.”

The promises of the President have led to little or no concrete action.

In fact, the new Residential Mortgage-Backed Securities Working Group was the sixth such entity formed since the start of the financial crisis in 2009. The grand total of staff working for all of the previous five groups was one, according to a surprised Schneiderman. In Washington, where staffs grow like cherry blossoms, this is a remarkable occurrence.

We are led to conclude that Donovan was right. The settlement and working group — taken together — were a coup: a public relations coup for the White House and the banks. The media hailed the resolution for a few days and then turned their attention to other topics and controversies.

But for 12 million American homeowners, collectively $700 billion under water, this was just another in a long series of sham transactions.

Perhaps in homage to the Schneiderman and other sham units, the Reuters article on Japan’s new agency does show a bit of caution regarding the new agency:

The legislation, however, swiftly came under fire for appearing to weaken the government’s commitment to decommissioning reactors after 40 years in operation, even as it drafts an energy program to reduce nuclear power’s role.

Under a deal ending months of bickering by ruling and opposition parties, the new regulatory commission could revise a rule limiting the life of reactors to 40 years in principle.

“Does this reflect the sentiment of the citizens, who are seeking an exit from nuclear power?” queried an editorial in the Tokyo Shimbun daily. “Won’t it instead make what was supposed to be a rare exception par for the course?”

And as for the coziness between politicians in the US and the financial industry, we need look no further than Wednesday’s appearance by Jamie Dimon before the Senate Banking, Housing and Urban Affairs Committee. One of Marcy’s tweets during the hearing says all we need to know about that “hearing”:

BOB CORKER WIPE THAT SPOOGE FROM YOUR CHIN RIGHT NOW!

Japan’s response to its meltdown has been to shut down all nuclear plants while the framework for how they will operate if they are allowed to restart is debated. Imagine how much better off the world would be if JP Morgan Chase and Goldman Sachs had been shut down while a proper regulatory framework for them was developed.

Many years ago, Jim got a BA in Radiation Biophysics from the University of Kansas. He then got a PhD in Molecular Biology from UCLA and did postdoctoral research in yeast genetics at UC Berkeley and mouse retroviruses at Stanford. He joined biosys in Palo Alto, producing insect parasitic nematodes for pest control. In the early 1990’s, he moved to Gainesville, FL and founded a company that eventually became Entomos. He left the firm as it reorganized into Pasteuria Biosciences and chose not to found a new firm due a clash of values with venture capital investors, who generally lack all values. Upon leaving, he chose to be a stay at home dad, gentleman farmer, cook and horse wrangler. He discovered the online world through commenting at Glenn Greenwald’s blog in the Salon days and was involved in the briefly successful Chris Dodd move to block the bill to renew FISA. He then went on to blog at Firedoglake and served a brief stint as evening editor there. When the Emptywheel blog moved out of Firedoglake back to standalone status, Jim tagged along and blogged on anthrax, viruses, John Galt, Pakistan and Afghanistan. He is now a mostly lapsed blogger looking for a work-around to the depressing realization that pointing out the details of government malfeasance and elite immunity has approximately zero effect.

Jed Rakoff to SEC: Do you think I’m a tool?

Judge Jed Rakoff has rejected the SEC’s proposed wrist slap of Citibank for selling mortgage-backed securities it knew to be of poor qualify.

Effectively, what he did was join this complaint with SEC’s complaint–filed at the same time as they filed the proposed Citi settlement–against a Citi employee, Brian Stoker, in which the SEC explicitly alleged that Citi knew what it was doing when it dealt shitty securities it intended to short. By doing so, Rakoff imposed the same trial process on this complaint as on Stoker. Effectively, he’s saying, “If you’re prepared to prove that Stoker knew what he was doing in selling shitty MBS, you’re prepared to prove that Citi did too.”

But the rest of his ruling focuses more generally on his demand that the SEC stop treating him–and federal judges generally–as tools of their efforts to cover over corporate crime. When he uses “tool” in this passage, I couldn’t help thinking he mean tool both literally, but also in the derogatory sense.

Without multiplying examples, it is clear that before a court may employ its injunctive and contempt powers in support of an administrative settlement, it is required, even after giving substantial deference to the views of the administrative agency, to be satisfied that it is not being used as a tool to enforce an agreement that is unfair, unreasonable, inadequate, or in contravention of the public interest. [my emphasis]

After showing that Citi changed its mind, once it became clear Rakoff would be judging the issue, about the standard for judicial review in such cases,

In its original Memorandum in support of the proposed Consent Judgment, filed before the case had been assigned to any judge, the S.E.C. expressly endorsed the standard of review set forth by this Court in its Bank of America decisions, i.e., “whether the proposed Consent Judgment … is fair, reasonable, adequate, and in the publc interest.”

[snip]

In its most recent filing in this case, however, the S.E.C.
partly reverses its previous position and asserts that, while the Consent Judgment must still be shown to be fair, adequate, and reasonable, “the public interest … is not part of [the] applicable standard of judicial review.”

Rakoff then went on to argue that fact finding was necessary to serve the public interest, repeating his angry language about being used by the SEC.

Purely private parties can settle a case without ever agreeing on the facts, for all that is required is that a plaintiff dismiss his complaint. But when a public agency asks a court to become its partner in enforcement by imposing wide-ranging injunctive remedies on a defendant, enforced by the formidable judicial power of contempt,3 the court, and the public, need some knowledge of what the underlying facts are: for otherwise, the court becomes a mere handmaiden to a settlement privately negotiated on the basis of unknown facts, while the public is deprived of ever knowing the truth in a matter of obvious public
importance.

3 The Second Circuit has described the contempt power as “among the most formidable weapons in the court’s arsenal.”

At which point he really starts to vent.

An application of judicial power that does not rest on facts is worse than mindless, it is inherently dangerous. The injunctive power of the judiciary is not a free roving remedy to be invoked at the whim of a regulatory agency, even with the consent of the regulated. If its deployment does not rest on facts–cold, hard, solid facts, established either by admissions or by trials–it serves no lawful or moral purpose and is simply an engine of oppression.

Read more

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Tide, Tigers and Other Pro Football

ESPN tells me that the BIGGEST COLLEGE FOOTBALL GAME EVAH is being played today between Number 1 LSU and Number 2 Alabama. Got a pretty tough hill to climb to beat the Stanford/USC game last weekend though; we shall see. No question about these two teams defenses, they are both big, tough and fast. The game is at fabled Bryant-Denny Stadium in Tuscaloosa, so the home turf factor certainly goes to the Tide. But the Tigers have the Honey Badger X-Factor. The Honey Badger is LSU cornerback/roving hit man Tyrann Mathieu. Both teams have competent QBs, although neither Jarrett Lee nor AJ McCarron have really been tested so far in a situation where the game depended on their arms, so their stats are a little misleading. Really so far, it is basically a wash and the teams are pretty similar. Except Alabama has Trent Richardson, who is simply a punishingly good running back; by the end of the game, that may well be the difference.

A week or two ago, I might have thought #14 Kansas State could give #3 Oklahoma State a run for the money; but not now, and not in Stillwater. A third late game of note is #9 South Carolina at #7 Arkansas. Marcus Lattimore’s season ending knee injury cost the “Cocks maybe the best all around RB in the nation, but his fill in, Brandon Wilds has been picking right up where Lattimore left off. The Hogs just kill SC every year, but I am going to go out on a limb and say the Gamecocks get the upset. The fourth key game is yet another late game, with ASU traveling to the Rose Bowl to take on UCLA. Hard to believe, but if the Bruins manage a win, they would be in the lead for the Pac-12 Southern Division berth in the conference championship game. The Bruins have rebounded from a lousy start to the season, but I don’t think they have the horses to match points with Brock Osweiller and the Devils.

Honorable mentions go to Texas A&M/Sooners; potential upset there, but it is in Norman. In early action, Iowa is Hawking all over the Wolverweenies so far as are the Longwhores over the Texas Tech Red Raiders.

Oh, and in the sick news of the week, legendary ex-Penn State Defensive Coordinator Jerry Sandusky has been indicted on 40, count em 40, counts of various deviant sexual assault of minor boys over a fifteen year period between 1994 and 2009. Sandusky retired from PSU in 1999, but the current Athletic Director and a second school athletic oversight official have also been charged in the matter with perjury and failure to report. JoePa has been left out, presumably because he did report when he supposedly first heard of Sandusky’s conduct (which was in 2002 after Sandusky had left PSU), but it sure doesn’t look like Paterno did much in the way of followup when he had to have known nothing had come of his report. Pretty bleak day in University Park.

In more positive news, the fine folks in Deetroit have organized to try to unsuck the Lions’ home games. From the Free Press:

A petition to dislodge Nickelback from the Detroit Lions’ Thanksgiving Day game has turned into a whole mess of petitions.

Rolling into its second day, the Great Nickelback Debacle continued to generate heated Internet chatter and international headlines, as the original fan campaign against the rock band closed in on 35,000 signatures.

Now THAT is a worthy effort; here is the petition. Nickelback?? You gotta be fucking kidding me. Deetroit Motor City, what the hell were you thinking??

UPDATE: Aaaaannnddd here come the “other pro-football players”, the ones that work for money instead of Escalades, free tattoos and money. I get the choice of 49ers at Skins or the Jets Jets Jets getting Circled By Wagons. I am kind of watching both, but am more interested in the Bills. Say this though, Frank Gore is an animal. Dude is really good. San Francisco is not a fluke, they can play. Hey, look, Sanchez is on the ground getting dirty near his own end zone already! Fancy that….Hey, wait, the Sanchize drove the Jets all the way down to the Bills endzone ….. and was promptly intercepted with a 20 yard runback.

Actually, now that I look at the schedule, Skins/49ers may be the second best early game; yuk what a lousy slate. Tampa Bay and Saints might be interesting, but it is in Nawlins, and Le Bon Temps Roulet there. The late slate is much better with Bolts/Cheesers, Pats/Gents, Bengals/Titans, and Baby Jesus at the Black Hole all being pretty interesting matchups. This is the kind of weird game the Bolts often somehow win, but for the life of me, I cannot see how they are gonna stop the Cheese Offensive. I don’t think the Pats could stop Bad Eli, much less Good Eli. Isn’t this where the famed “gelling of the young Belichick defense” is supposed to be happening? No signs of that so far this year.

Most unfortunately, I will be watching none of those games, because I get the extra pleasure of being given the Rams and Cardinals as my only late afternoon game. That is a fair fight. Of losers. Oh well, the Sunday and Monday Night games are both superb this week. Big Ben and the Stillers are back in form, and they might just have some payback in the offing for the Ravens. And Flacco and the Baltimore offense are regressing. Bears at Philly just depends on which Bears show up. But it seems Vick and teh Iggles are starting to click finally, so Philly looks good here.

Crack open a cold one and shove some chips and salsa in yer maw and let’s rock.

Bmaz is a rather large saguaro cactus in the Southwestern Sonoran desert. A lover of the Constitution, law, family, sports, food and spirits. As you might imagine, a bit prickly occasionally. Bmaz has attended all three state universities in Arizona, with both undergraduate and graduate degrees from Arizona State University, and with significant post-graduate work (in physics and organic chemistry, go figure) at both the University of Colorado in Boulder and the University of Arizona. Married, with both a lovely child and a giant Sasquatch dog. Bmaz has been a participant on the internet since the early 2000’s, including active participation in the precursor to Emptywheel, The Next Hurrah. Formally joined the Emptywheel blog as an original contributing member at its founding in 2007. Bmaz grew up around politics, education, sports and, most significantly, cars; notably around Formula One racing and Concours de Elegance automobile restoration and showing. Currently lives in the Cactus Patch with his lovely wife and beast of a dog, and practices both criminal and civil trial law.

Letter from Nigeria Goldman

FROM: Mr. Lloyd Blankfein

200 West Street

New York, New York

202-555-MOTU

TO: CEO

Chump City, ForeignLand

Dear Sir:

I have been requested by the Facebook Company to contact you for assistance in resolving a matter. The Facebook Company has recently concluded new agreements to share its users’ identities. The contracts have immediately produced moneys equaling US$50,000,000,000. The Facebook Company is desirous of harvesting user identities in other parts of the world, however, because of certain regulations of the Securities and Exchange Commission, it is unable to move these funds to another region.

You assistance is requested as a non-American citizen to assist the Facebook Company, and also the Goldman Sachs, in moving these funds out of America. If the funds can be transferred to your name, in your non-United States account, then you can forward the funds as directed by the Facebook Company. In exchange for your accommodating services, the Facebook Company would agree to allow you to retain 10%, or US$5 billion of this amount.

However, to be a legitimate transferee of these moneys according to American law, you must presently be a depositor of at least US$1,000,000 in a Special Purpose Vehicle which is regulated by the Goldman Sachs.

If it will be possible for you to assist us, we would be most grateful. We suggest that you meet with us in person in Chump City, and that during your visit I introduce you to the representatives of the Facebook Company, as well as with certain officials of the Goldman Sachs.

Please call me at your earliest convenience at 202-555-MOTU. Time is of the essence in this matter; very quickly the Securities and Exchange Commission will realize that the Goldman Sachs is maintaining this amount on deposit, and attempt to levy certain depository taxes on it.

Yours truly,

Lloyd Blankfein

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

SEC Inspector General: Yes, BoA Got Special Treatment

The WaPo reports that an SEC Inspector General report shows that the SEC gave Bank of America lenient treatment when it fined BoA for its funny business surrounding the Merrill Lynch acquisition, but did not place limits on BoA’s ability to issue securities that would normally be placed on a firm that violates securities law.

The inspector general found that the SEC showed leniency in the first settlement. He did not find that Bank of America’s status as a bailed-out bank affected the settlement’s price tag. Rather, he found that the SEC exempted Bank of America from other sanctions.

Like many of its competitors, Bank of America has long enjoyed a special status with the SEC that allows it to issue securities more easily.

Customarily, a firm that agrees to settle violations of securities law related to disclosures would lose this special status, thereby penalizing the firm with a lengthier and costlier process for issuing securities.

In settlement discussions with the SEC, Bank of America asked to retain that special status. The SEC, at first, declined, insisting that firms that violate the disclosure requirements of securities laws must suffer the consequences of those actions.

The agency reversed course in a last-minute meeting with Bank of America before the full commission voted to approve the settlement.

“In this meeting, BofA argued that the dire state of the financial markets made it critical that it be able to raise money quickly” by issuing securities, according to the inspector general’s report.

SEC officials decided to allow the bank to retain the special status because it had received taxpayer bailouts and “it would not be in the interest of the market or investors to prevent them from getting to the market,” according to the report.

This first settlement, btw, was the one Judge Jed Rakoff rejected, saying this of the settlement itself:

Overall, indeed, the parties submissions, when carefully read, leave the distinct impression that the proposed Consent Judgment was a contrivance designed to provide the S.E.C. with the façade of enforcement and the management of the Bank with a quick resolution to an embarrassing inquiry…

Mind you, this IG finding appears to represent the facade of oversight. In addition to finding the teeny fine and the way it was assessed to be no problem, SEC’s IG also had no problem with the way Treasury and the Fed were involved in the merger of BoA and Merrill Lynch.

The whole thing sort of makes you wonder about what other special treatment BoA has been getting all this time, all in an effort to avoid admitting that it is insolvent. Maybe Julian Assange can help us out there?

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

SEC to Ratings Agencies: Really, We Mean Business

Yesterday, the SEC told ratings agencies they mean business. They will prosecute agencies for fraud.

In the future.

It did so in a report of investigation into explicit fraud on the part of Moody’s in which the SEC declined to prosecute for jurisdictional reasons.

At issue is a programming error that caused Moody’s to give credit ratings up to four notches higher to some complex debt products than the products deserved. Moody’s discovered the coding error in January 2007. But then ratings committee members in Europe decided not to downgrade the credit ratings for those products because doing so–admitting the coding error–might make Moody’s look bad.

In this particular case we seem to face an important reputation risk issue. To be fully honest this latter issue is so important that I would feel inclined at this stage to minimize ratings impact and accept unstressed parameters that are within possible ranges rather than even allow for the possibility of a hint that the model has a bug.

The Financial Times learned of and reported Moody’s decision in May 2008 after which, in July 2008, Moody’s ‘fessed up to the problem.

Internal Moody’s documents seen by the FT show that some senior staff within the credit agency knew early in 2007 that products rated the previous year had received top-notch triple A ratings and that, after a computer coding error was corrected, their ratings should have been up to four notches lower.

But in the interim period, as part of a registration application to be a recognized ratings agency, Moody’s made the following representations to the SEC:

Accordingly, Exhibit 2 to the MIS application provided the procedures and methodologies used by MIS to determine credit ratings and, among other things, stated therein that the “Relevant Credit Rating Process Policies” included the MIS “Core Principles for the Conduct of Rating Committees.” The actions of the rating committee that evaluated the affected credit ratings for the CPDO notes did not comply with these Core Principles. Most notably, the Core Principles stated that “Moody’s will not forbear or refrain from taking a rating action based on the potential effect (economic, political or otherwise) of the action on Moody’s, an issuer, an investor, or any other market participant.” The Core Principles also stated that “[i]n arriving at a Credit Rating, the [rating committee] will only consider analytical factors relevant to the rating opinion.” Because the committee allowed concerns regarding the potential reputational impact on Moody’s to influence decisions not to downgrade the affected CPDOs, the process did not comply with the procedures listed in the MIS application. [my emphasis]

In other words, Moody’s promised to the SEC that it did not do what it had done in 2007, choose not to downgrade the credit rating of an entity because doing so would hurt Moody’s.

Financial Times first reported of SEC’s investigation into Moody’s in May 2010–almost two years after Moody’s admitted they had been gaming their ratings. But yesterday, SEC basically said they weren’t going to prosecute Moody’s for making false representations to the SEC because–given that the financial products being rated and the decisions not to downgrade their ratings all took place in Europe–it wasn’t sure it had jurisdiction to prosecute.

Mind you, the Financial Reform bill has made it explicitly clear that the SEC can prosecute ratings agencies for stuff they do overseas.

The Commission notes that, in recently enacted legislation, Congress has provided expressly that federal district courts have jurisdiction over Commission enforcement actions alleging violations of the antifraud provisions of the Securities Act of 1933 or the Exchange Act involving “conduct within the United States that constitutes significant steps in furtherance of the violation, even if the securities transaction occurs outside the United States and involves only foreign investors” or “conduct occurring outside the United States that has a foreseeable substantial effect within the United States.”

So the punchline of this report–showing that Moody’s clearly was cooking the books but concluding that because the books were cooked in Europe, SEC isn’t sure it can do anything–is a stern warning to ratings agencies going forward:

This report serves to caution NRSROs that, where appropriate, the Commission will utilize recent legislative provisions granting jurisdiction for enforcement actions alleging otherwise extraterritorial fraudulent misconduct that involves significant steps or foreseeable effects within the United States. The Commission also cautions NRSROs that they should implement sufficient and requisite internal controls over policies, procedures, and methodologies used to determine credit ratings.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

SEC: CoxSlackers & BushWackers Fiddled While Wall Street Burned

The big outrage de jour making the rounds in the media currently is the porn scandal at the Securities and Exchange Commission (SEC). This report from the Washington Post is typical of the reporting coming out of the main media:

Republicans are stepping up their criticism of the Securities and Exchange Commission following reports that senior agency staffers spent hours surfing pornographic websites on government-issued computers while they were supposed to be policing the nation’s financial system.

California Rep. Darrell Issa, the top Republican on the House Oversight and Government Reform Committee, said it was “disturbing that high-ranking officials within the SEC were spending more time looking at porn than taking action to help stave off the events that put our nation’s economy on the brink of collapse.”

He said in a statement Thursday that SEC officials “were preoccupied with other distractions” when they should have been overseeing the growing problems in the financial system.

Would it be too much for the media to actually think for a moment before they perform stenography for alarmist Darrell Issa? Because even a moment’s pause would yield the realization that Republican outrage on this is absurd and duplicitous. In fact the SEC – IG report produced for another of the Republican howlers, Iowa Senator Charles Grassley, proves the pornification of the SEC was born and grown during the Bush/Cheney Administration and the leadership of Republican stalwart and longtime Issa colleague and friend Chris Cox. The IG Report also demonstrates quite clearly that the vast majority of the incidents occurred during Cox’s reign during the second Bush term, although there were some that continued on during the Obama Administration.

But it is not just that the problem was born and matured under Bush and Cox, it is the fact that it is symptomatic for the emasculation and gutting of the SEC which occurred at their hands and express direction. It was not a bug, but a feature. As Bloomberg News reported last year:

Under former SEC Chairman Christopher Cox, the agency instituted policies that slowed cases and led enforcement-unit lawyers to conclude commissioners opposed fining companies, the Government Accountability Office said in a report today. An unidentified attorney said it was “widely felt” commissioners prevented the division from “doing its job,” according to the report.

“Some investigative attorneys came to see the commission as less of an ally in bringing enforcement actions and more of a barrier,” the GAO said. Cox’s policies “contributed to an adversarial relationship between enforcement and the commission.”

The non-partisan GAO report on the Bush/Cox SEC found poor management, determination to not pursue cases, lack of transparency, and collusion with business interests. It was the Republican philosophy and direction which neutered the SEC. It is little wonder they took to surfing the net for porn, they literally had nothing else to do under Republican “leadership”.

So perhaps the media stenographers ought to remember this when suddenly howling duplicitous Republican shills like Issa and Grassley want to tar, feather and undermine the SEC now that Democratic leadership, led by Mary Schapiro, have cleaned the agency up, turned it around and put it back to work doing its oversight and enforcement job.

On a related note in things financial, our friend Selise is going to be along in comments to discuss her Seminal Diary on financial reform and the commendable Fiscal Sustainability Conference and Teach-In occurring next week in Washington DC. This is a worthy effort and is supported by a variety of progressive interests including Jamie Galbraith and my friend and former colleague, Ian Welsh.

(graphic by nathan bransford)

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.