On Oct. 24, 2023, Gurbir Grewal, the Director of the U.S. Securities and Exchange Commission’s (SEC) Enforcement Division, spoke to the NY Bar Association Compliance Institute about his views concerning faltering public trust of bank and investment institutions.[1] He discussed the importance of creating a “culture of proactive compliance,” enforcing whistleblower protection, the off-channel communications cases and extraordinary cooperation.[2] He then discussed compliance officer liability.[3] Although regulators periodically discuss this issue, the stakes are high. Firms should pay attention.

Grewal outlined three situations where the SEC has brought enforcement actions against compliance personnel:

  1. “Where compliance personnel affirmatively participated in misconduct unrelated to the compliance function;
  2. Where they misled regulators; and
  3. Where there was a wholesale failure by them to carry out their compliance responsibilities.”

Grewal’s statements suggest that the first and second categories of cases are self-explanatory.

In the first situation, compliance officers will be charged if they violate securities laws that may have nothing to do with their compliance responsibilities.[4]

In the second situation, compliance officers will be charged if they deliberately and intentionally falsify documents or mislead the SEC and other regulators.[5]

The third situation is more nuanced. Grewal stated that these are cases where firms do not conduct any compliance inquiries and fail to remediate quality control issues. In one case, Grewal described the SEC’s September order against a partner at a public accounting firm who oversaw the firm’s quality control policies and procedures.[6] The partner failed to address various deficiencies identified by the Public Company Accounting Oversight Board (PCAOB).[7]

In another case, the SEC charged a registered investment adviser for failing to carry out his compliance responsibilities by not updating a training handbook to reference securities laws and conducting compliance training and annual reviews of the program.[8] Grewal described these situations as having “no education, no engagement and no execution,”[9] emphasizing the “wholesale failure by them to carry out their compliance responsibilities.”[10]

Grewal tempered his comments by stating that it is “rare” for the SEC to target compliance officers, stating that the SEC has brought “only a handful” of cases against compliance personnel.[11] Grewal’s remarks emphasize the importance of establishing and implementing meaningful compliance policies and procedures.

Grewal’s remarks are an important reminder to compliance officers and the lawyers who advise them. Compliance officers must understand the issues raised in the aspects of their company’s business within their responsibility and take affirmative steps to understand and address compliance risks by executing meaningful compliance policies and procedures. 

[1] See Gurbir S. Grewal, Dir., Div. of Enforcement, Remarks at New York City Bar Association Compliance Institute, Sec. and Exch. Comm’n (Oct. 24, 2023), [Hereinafter “Grewal Oct. 24, 2023 Remarks”].

[2] Id.

[3] Id.

[4] On June 29, 2023, the SEC charged Jordan Meadow, a NY-based broker-dealer, and Steven Teixeira, the CCO of an international payment processing company, for trading material non-public information Teixeira obtained by secretly accessing his girlfriend’s personal laptop. See Grewal Oct. 24, 2023 Remarks; see also SEC Charges Stockbroker and Friend with Insider Trading, Sec. and Exch. Comm’n (June 29, 2023), The U.S. Attorney for the Southern District of New York criminally charged Meadow and Teixeira with insider trading and other federal securities law violations. See id; see also U.S. Attorney Announces Charges in Four Separate Insider Trading Cases Against 10 Individuals, Including Drug Company Employees, Investment Firm Executive Director, And SPAC Investors (June 29, 2023),

[5] On Sept. 17, 2020, the SEC charged and fined Gilder Gagnon Howe & Co. CCO with “aiding and abetting the firm’s [compliance] policies and procedures violations” and intentionally falsifying compliance reports provided to the SEC. See Grewal Oct. 24, 2023 Remarks; see also, In the Matter of Gilder Gagnon How & Co. LLC, et al., Admin. Proc. File No. 3-20014 (Sept. 17, 2020), In a similar case, on Sept. 30, 2023, the SEC charged Acadia Research Corp. CCO Meredith with “aiding and abetting” and backdating and falsifying records she provided to the SEC in response to an insider trading inquiry of her previous employer. See Grewal Oct. 24, 2023 Remarks; see also, In the Matter of Meredith A. Simmons, Admin. Proc. File. No. 3-20114 (Sept. 30, 2020),

[6] See Securities and Exchange Commission, “SEC Charges National Office Partner at Marcum for Causing Widespread Quality Control Deficiencies” (Sept. 12, 2023)

[7] Id.

[8] See In the Matter of Two Point Capital Management, Inc., and John McGowan, Admin. Proc. File No. 3-21249 (Dec. 5, 2022),

[9] Gurbir S. Grewal, Dir., Div. of Enforcement, U.S. Sec. & Exch. Comm’n, Remarks at New York City Bar Association Compliance Institute (Oct. 24, 2023), available at

[10] Id.

[11] Id (stating circumstances for recommending charges of “such actions are rare.”).


Jump to Page