Welcome to Zero Material Weakness!
Stay ahead of audit red flags with practical insights and real-world tips to fix internal control weaknesses before they’re found.
Welcome to this edition (week ending October 3, 2025) of Zero Material Weakness (ZMW) — a newsletter built for CFOs and controllers who want to stay ahead of material weaknesses before they become audit red flags. Whether you're preparing for SOX compliance, managing IPO-readiness, or just tightening up your internal control environment, this newsletter brings practical insights, industry trends, and real-world examples straight to your inbox. Our goal? Help you fix what’s weak, before the auditors find it.
News this week
SEC Seeks Public Comment to Improve Rules on RMBS/ABS
The SEC issued a concept release requesting public feedback on modernizing rules governing residential mortgage-backed securities (RMBS) and broader asset-backed securities (ABS).
Key points:
Public RMBS offerings have been essentially dormant since 2013, and the SEC is seeking input on potential barriers (e.g., disclosure burdens, confidentiality/privacy of loan-level data) that may discourage issuers.
The release asks whether definitions, disclosure frameworks, or regulatory requirements should be revised to revive the RMBS market.
The comment period will be open for 60 days following publication.
SEC Charges Former CEO of Invenia with $120M Offering Fraud
The SEC filed a civil enforcement complaint against Matthew Derrick Hudson (former CEO/co-founder of Invenia Technical Computing Corp.) alleging a $120 million fundraising fraud.
Summary:
The complaint claims Hudson misrepresented the company’s financials, inflated revenue, net income, and cash metrics, and even forged documents (e.g. board resolutions, closing documents) to mislead investors.
One of the offerings allegedly was not authorized by the board.
The SEC seeks injunctive relief, disgorgement with interest, civil penalties, and a bar from serving as an officer or director.
SEC Enforcement Action: Charges in Retail Ecommerce Ventures Case
The SEC brought charges against Taino Lopez, Alexander Mehr, and Maya Burkenroad (co-founders/COO of Retail Ecommerce Ventures LLC) for conducting fraudulent securities offerings.
Highlights:
The SEC alleges misuse of investor funds and Ponzi-like payment schemes to satisfy earlier investors.
This case underscores the ongoing SEC focus on offering fraud and improper use of capital.
CFTC Issues Proposal to Revise Business Conduct and Swap Documentation Requirements for Swap Dealers and Major Swap Participants
The CFTC published a proposed rule to update business conduct and documentation requirements applicable to swap dealers and major swap participants.
The proposal would modernize and perhaps streamline rules to reflect evolving derivatives markets, clarify documentation standards, and address deficiencies in current practices.
It may also seek to address inconsistencies or gaps in counterparties’ compliance frameworks.
Implication: Firms in the derivatives space should assess whether their swap documentation, internal procedures, and oversight controls meet evolving expectations. Any misalignment could expose risks of control weaknesses or nonconformance.
CFTC Obtains Order for Over $5.5M Restitution in Commodity Pool Fraud Case
The CFTC announced that a U.S. District Court approved a consent order against Michael and Amanda Griffis for a fraudulent commodity pool scheme, ordering them to pay $5,528,121 in restitution and $1,355,232 in civil penalties (total over $6.8M).
The order also permanently bans the defendants from trading or registering with the CFTC and bars further violations.
The case highlights the regulator’s continued enforcement focus on fraudulent offering structures under the Commodity Exchange Act.
Implication: Even in non-bank markets (commodity pools), strong internal audit, oversight, and compliance monitoring frameworks are critical. Material misstatements or control failures in fund operations can lead to high penalties and bans.
CFPB Ends Monitoring of Apple and U.S. Bank Early
The CFPB filed court notices terminating enhanced compliance/monitoring obligations in consent orders it had with Apple and U.S. Bank, years ahead of schedule.
Under the original orders, Apple and U.S. Bank were required to comply with oversight and reporting obligations for five years.
The CFPB’s filings state that each company has satisfied the monetary penalty and redress obligations, and thus the bureau is “waiving any alleged noncompliance.”
The move aligns with a broader trend under the current administration of winding down or rescinding prior enforcement obligations.
For U.S. Bank, the original case involved allegations that it illegally blocked unemployed consumers from accessing pandemic unemployment benefits via its prepaid card operations.
Implication:
This action suggests the CFPB is dialing back continuing oversight burdens on previously regulated firms. For companies still under active consent orders, this could raise questions about the predictability and durability of compliance commitments. It may also influence how firms assess the risk of extensions or terminations of monitoring obligations.
FINRA Board Approves Rule Proposals & Moves to Revamp Day Trading Rules (Sept. 24)
FINRA’s Board of Governors held its September meeting (Sept. 17–18) and announced several key actions:
The Board approved four rule proposals (to be filed with the SEC) under its “FINRA Forward” modernization initiative, including amendments to corporate financing rules, outside-activities requirements, gifts limits, and Capital Acquisition Broker (CAB) rules.
Importantly, the Board approved a revision to replace the existing pattern day trading rule (including the $25,000 minimum equity requirement) with a new intraday margin rule that would apply existing maintenance margin standards to intraday exposures.
The Board also discussed a forthcoming regulatory notice to reduce unnecessary burdens and consolidate guidance on “negative consent” in account transfers/assignments.
Updates were also presented on the Consolidated Audit Trail (CAT), cybersecurity program, and FINRA’s “Forward” strategic reforms.
Implications:
The shift from a strict pattern day trading rule to an intraday margin framework could materially alter how broker-dealers and margin accounts manage intraday risk and compliance controls.
The approved rule proposals reflect an accelerating pace of regulatory modernization under the FINRA Forward umbrella, which could cascade into compliance, systems, and surveillance changes for firms.
Firms should assess whether their internal risk systems, margin risk controls, and supervision frameworks are aligned (or will need adjustment) under the new regime.
Regulatory Notice 25-11: Reminder of Rule 8210 Compliance Obligations (Sept. 25)
FINRA issued Regulatory Notice 25-11, titled “FINRA Reminds Members and Associated Persons, Wherever Located, of Their Obligation to Comply With Rule 8210.”
Key points:
FINRA emphasized that wherever a member or associated person is located, they must respond to requests for information or testimony under Rule 8210, and produce books/records, even if those are maintained abroad.
FINRA noted that it lacks subpoena power, so voluntary compliance with Rule 8210 is central to its ability to conduct investigations, exams, and enforcement.
The Notice underscores that noncompliance (or refusal or incomplete response) may lead to expulsion, bar, or other sanctions.
FINRA called out the risk of conflicting foreign laws: firms with operations or personnel in jurisdictions where laws restrict responding to foreign regulators should anticipate scrutiny and must ensure their systems and procedures allow compliance.
Implications:
This Notice reinforces that internal controls, data lineage, and recordkeeping across jurisdictions must be robust, especially for firms with overseas branches or operations.
It underscores the importance of cross-border legal review and escalation procedures: firms should map where potential conflicts might arise and pre-emptively remediate or obtain legal assurances.
In a material weakness context, failure to respond to Rule 8210 requests is a severe risk—firms should ensure bite-through controls to monitor timely responses and completeness of data retrieval across jurisdictions.
FINRA API Developer Center Updates: Credential Transfer & Dataset Enhancements
FINRA’s API Developer Center published Release Notes on September 24, 2025, documenting enhancements and bug fixes to its API platform.
Highlights:
API Credential Transfer documentation was updated: “FIRM and SRO SAAs automatically have ‘administrator’ level access to the API Account Transfer entitlement,” but they need to self-entitle “user” access to themselves or others to claim “orphaned credentials.”
The Branch Delta dataset was enhanced by adding a boolean field, “hasAdditionalChanges,” which flags whether additional changes (beyond creation) occurred for a branch record.
The Individual Registration Validation and Individual Registration Validation Details datasets gained a new field, registrations.categories, which provides registration categories when a regulator is an SRO.
Several bug fixes: e.g. registrations.status previously missing for some SRO regulators, and isInactiveOrSuspended intermittently missing, were addressed.
Implications:
Firms that integrate with FINRA’s API (e.g. for registration, branch data, compliance automation) should review whether these changes affect their data pipelines or validation logic.
The credential transfer update has security and governance implications: “orphaned credentials” handling must be designed carefully in firms’ user management systems.
The enhancements in datasets (e.g. new flags, categories) offer richer data for internal surveillance and reconciliation—firms should consider leveraging them to bolster their control reporting and data integrity checks.
OCC Reports Mortgage Performance for Second Quarter of 2025
The OCC published its Mortgage Metrics Report for Q2 2025, covering first-lien mortgages held by national banks and federal savings associations.
Performance Trends: 97.5% of mortgages were current at quarter end, up from 97.3% a year earlier.
Delinquencies & Foreclosures: The share of seriously delinquent mortgages declined year over year. Servicers initiated 7,163 new foreclosures in Q2 (a decline from Q1) and completed 8,419 loan modifications (up ~6.7% from previous quarter).
Modification Types: 94.6% of modifications were “combination modifications” (e.g. interest rate reduction + term extension).
Implications:
Declining delinquencies and active modifications are positive signals for credit risk and loss provisioning controls.
However, the volume of modifications suggests ongoing operational complexity; firms should validate that internal processes, system safeguards, and reporting flows handling modifications are tightly controlled.
Mortgage performance data is often fed into stress testing, allowances, and model back-testing—any misstatement could ripple into material weakness territory.
OCC Announces Enforcement Actions for September 2025 (IAPs)
The OCC announced that, for September, there are no new enforcement actions against banks themselves, but several orders of prohibition were issued against institution-affiliated parties (IAPs).
Examples include:
• An order prohibiting Armando De Leon, a former store manager at TD Bank, for submitting fraudulent PPP applications (~$80k).
• Carolyn Hicks, former assistant manager at a Wells Fargo branch - misappropriation of ~$25,000.
• Charron Meadows, call center team manager at TD Bank - misappropriated ≥ $150,000.
• Gerald E. Milligan II, former teller at PNC - false attestations and misuse of ~$141,530 in PPP proceeds.
• Walther Riano-Vanegas, former teller at Wells Fargo - stole ~$15,670 from ATM withdrawals.
Also, the OCC terminated cease-and-desist orders on two banks:
• Gateway Bank, F.S.B. (Oakland, CA) - original order involved internal audit, BSA/AML, credit administration, etc.
• Vast Bank, N.A. (Tulsa, OK) - original order related to capital, liquidity, risk management, new product controls, custody accounts, etc.
Implications:
The action underscores that oversight doesn’t end at the institution level; individual actors remain targetable. Controls over employee behavior, escalation, monitoring, and audit must be well maintained.
The termination of enforcement orders indicates that banks can rehabilitate control regimes over time—but failure to maintain controls post-termination may create risks of regression.
Management must not assume that termination equals permanent immunity from oversight or future weakness findings.
A thought from our Author Norm Osumi
The Great Exodus: Why More U.S. Public Companies Are Going Private and What It Means for the Office of the CFO (2019 to 2025)
The U.S. public markets continue to shrink. In 1996, more than 8,000 companies were listed on U.S. exchanges. By 2024, the number of domestic operating companies, meaning firms that exclude funds, ADRs, ETFs, and SPAC shells, had fallen to fewer than 5,000. If you include all securities listed on the NYSE and Nasdaq, however, the tally is far higher. As of late 2024, about 7,500 tickers traded on those exchanges. Both figures are correct, but they capture different universes. The narrower operating-company measure is the one most often used to track the decline in public listings because it focuses on companies making the decision to remain public or to go private.¹
The list of those choosing to leave is striking. Over the past five years, American Campus Communities, Citrix Systems, Zendesk, Qualtrics, and Alteryx all accepted private equity bids. More recently, Squarespace, Smartsheet, PowerSchool, Everbridge, and Rover joined the exodus. The scale grew again in 2025 when Walgreens Boots Alliance and Electronic Arts agreed to go private. Each of these transactions shifted billions of dollars of market capitalization away from public shareholders and into the hands of private equity firms, sovereign funds, or strategic buyers.
Several forces are driving this wave of exits. The cost of compliance is one. Sarbanes-Oxley internal control requirements, quarterly reporting cycles, and ESG disclosures all add significant expense. Many CFOs argue that the constant focus on near-term earnings in public markets makes it harder to pursue long-term strategies.
Valuation differences also play a role. Public market multiples for mid-sized companies often trail their peers in private markets. Private equity firms, supported by record levels of dry powder and abundant private credit, have been quick to seize on this opportunity. They see businesses trading at discounts, acquire them, and then look to improve operations or grow them away from public scrutiny.
Strategic privacy is another motivator. Going private allows management teams to restructure, refine pricing strategies, or invest heavily in new technologies without exposing plans to competitors through quarterly filings. For many technology and consumer-focused firms, that advantage is compelling.
This trend is also reshaping the work of regulators. For the SEC, fewer registrants mean fewer filings and shareholder votes, but greater emphasis on monitoring private markets, investment funds, and hybrid financial products. The CFTC has become more engaged with the SEC as the boundaries between public and private markets blur. The PCAOB faces a different type of challenge. As the pool of public registrants declines, the funding model that relies on issuer-paid fees comes under stress. Recent debates in Congress about folding the PCAOB into the SEC highlight the uncertainty about how audit oversight may evolve.
For CFOs, the implications are immediate. Remaining public now means competing for investor attention in a market increasingly dominated by mega-cap firms. That concentration heightens volatility for mid-cap shares and increases the likelihood of unsolicited buyout bids. At the same time, preparing for a potential take-private requires readiness in quality-of-earnings reporting, debt covenant alignment, and 100-day operational planning under new ownership.
If the past five years are a guide, the next five could see an even more concentrated public market, with fewer opportunities for retail investors to participate in growth companies. Private equity and sovereign funds would hold a larger share of corporate America, while regulators adapt to an economy that is increasingly operating outside public exchanges.
The great exodus is not only about deals but also about structural change. For finance leaders, it is both a challenge and an opportunity. The Office of the CFO must be able to make the case for staying public while also being prepared for the possibility that private ownership offers the better path forward.
¹ Footnote: As of 2024, the NYSE listed about 2,817 companies and Nasdaq about 4,691, for a combined total of roughly 7,500 listed securities. These totals include ADRs, ETFs, SPACs, funds, and non-U.S. issuers. The figure of fewer than 5,000 refers only to U.S. operating companies on major exchanges and excludes those other vehicles.
Weekly Podcasts
We want to keep you engaged with meaningful topics, so we create weekly podcasts and host periodic webinars.
In this episode, we're diving into the fascinating world of semiconductors with Aiga Ono, Chief of Staff at Rapidus Design Solutions in Santa Clara, California. Aiga brings a wealth of experience from her tenure at top Japanese semiconductor firms like NEC Electronics and Toshiba. We'll be discussing the evolution of transistor technology and the ambitious work Rapidus is doing to develop and mass-produce cutting-edge 2-nanometer semiconductor technology. Join us as we explore the challenges and innovations involved in Japan's quest to reclaim its leadership in the semiconductor industry. Don't forget to like, subscribe, and leave a review on YouTube, Apple, or Spotify.
Tune in to hear more.
Here’s the audio version of the same:
To watch more podcasts, visit and follow us on ReportingNorms.ai.
Like what you see? Subscribe now and join a growing network of finance leaders building stronger, audit-ready companies.




