Clients and prospective clients often will ask us a series of questions: ‘Does my proposed activity violate a specific law or regulation?’ ‘If so, what are the potential consequences to me of that violation?’ ‘What is the likelihood that the violation will be detected?’ ‘In your view, is this a reasonable “business risk” to take?’
When analysing complex regulatory matters, especially those in which the relevant regulator’s position on the matter is not yet fully developed or is otherwise unclear, some clients may push us to attempt to prognosticate how likely it is that the regulator will become aware of the matter and pursue it as a possible regulatory violation. This inquiry is sometimes described as an assessment of ‘regulatory risk’ (which, in fact, is something quite different) or, as some more artfully call it, ‘detection risk’ or ‘discovery risk’.
It is never easy for legal counsel to respond to such a question. First, of course, one should not embark on a course of conduct suspected of being improper based on whether or not one will get caught. And, as counsel, we certainly cannot condone action that may violate applicable law or regulation simply because the chances of detection are viewed as relatively small. But trying to assess how a regulator might find out about a matter, which has always been a risky proposition, has gotten infinitely riskier as of late due to three recent developments: (a) the appointment of Mary Jo White as the chairperson of the Securities and Exchange Commission (SEC), (b) the SEC’s recent high-profile victories against certain banks, brokers and investment advisers and high-profile defeats in other matters (for example, the Mark Cuban case) and (c) the advent of a regulatory tool that is quickly growing in popularity — whistleblower bounties…
If you are registered and logged in to the site, click on the link below to read the rest of the DLA Piper briefing. If not, please register or sign in with your details below.