The Challenge of Enforcement in Securities Markets: Mission Impossible?

Weaknesses in the enforcement of regulation have been targeted by the G-20 as a priority concern for reform. But enforcement efforts in securities markets have proven difficult and uneven. The recent scandal in the United States, wherein a Ponzi scheme orchestrated by Bernard Madoff went undetected by the U.S. authorities for more than two decades, has once again highlighted the importance of effective enforcement of securities regulation, as well as the challenges that securities regulators around the world face in implementing credible enforcement programs. While in many instances it is individuals who bear the losses, we show that noncompliance with securities law can have serious system-wide impact and that the credibility of the system as a whole rests on the existence of effective discipline-the probability of real consequences for failure to obey the law. This paper explores the elements of enforcement, why it is so challenging, why it is important, and whether its effects can be measured. Through an analysis of the data gathered in the World Bank/IMF Financial Sector Assessment Program (FSAP), the paper examines how enforcement is being carried out around the world and draws conclusions regarding how countries are meeting the challenge of effective enforcement.


Weaknesses in the enforcement of regulation have been targeted by the G-20 as a priority concern for reform. But enforcement efforts in securities markets have proven difficult and uneven. The recent scandal in the United States, wherein a Ponzi scheme orchestrated by Bernard Madoff went undetected by the U.S. authorities for more than two decades, has once again highlighted the importance of effective enforcement of securities regulation, as well as the challenges that securities regulators around the world face in implementing credible enforcement programs. While in many instances it is individuals who bear the losses, we show that noncompliance with securities law can have serious system-wide impact and that the credibility of the system as a whole rests on the existence of effective discipline-the probability of real consequences for failure to obey the law. This paper explores the elements of enforcement, why it is so challenging, why it is important, and whether its effects can be measured. Through an analysis of the data gathered in the World Bank/IMF Financial Sector Assessment Program (FSAP), the paper examines how enforcement is being carried out around the world and draws conclusions regarding how countries are meeting the challenge of effective enforcement.

I. Introduction

A recent report of the Group of 20 countries (G-20) in response to the financial crisis of 2008 has highlighted the importance of the enforcement of financial regulations for financial stability:

“Achieving the objectives of the regulatory framework requires not only sound regulation but also effective enforcement. No matter how sound the rules are for regulating the conduct of market participants, if the system of enforcement is ineffective – or is perceived to be ineffective – the ability of the system to achieve the desired outcome is undermined.

It is thus essential that participants are appropriately monitored, that offenders are vigorously prosecuted and that adequate penalties are imposed when rules are broken. A regulatory framework with strong monitoring, prosecution, and application of penalties provides the incentives for firms to follow the rules. This, in the end, adds to the framework’s credibility and enhances investor confidence in the financial system”1.

In its report, the G-20 has recommended that effective enforcement be a priority for all financial regulators. The G-20 has thus recognized that addressing gaps or enhancing regulations must be accompanied by a commitment to effectively enforce those regulations.

In securities markets, the implementation of effective and credible enforcement programs has proven to be a challenge for regulators around the world. The 2008 scandal involving a Ponzi scheme run by Bernard Madoff, a prominent U.S. financier, has highlighted the difficulty in achieving such a goal, even for regulators that have made enforcement a priority. Madoff’s scheme, which is estimated at US$50 billion, went undetected by U.S. authorities for more than two decades. This episode has had a negative impact on the U.S. SEC’s reputation. The inability to prevent and detect such an enormous fraud illustrates why enforcement of securities law is so difficult and the extent of the damage inflicted illustrates why enforcement is so important.

Our paper explores the elements of enforcement, why it is important, and whether its effectiveness can be measured. Through an analysis of the data gathered in the World Bank/IMF Financial Sector Assessment Program (FSAP) and our experience in providing technical assistance, we examine the operational reality of how enforcement is carried out around the world and draw conclusions regarding how countries are meeting the challenge of effective enforcement.

We conclude that the existence of a good legal framework is incomplete without the real potential for enforcement. Enforcement is key to the credibility of regulators and, as such, fosters the achievement of all the goals of securities regulation (investor protection, fair and liquid markets, and financial stability). However, regulators throughout the world face significant challenges in implementing credible and effective enforcement programs. A combination of the need for extensive resources, strong institutional and political support, and a supportive legal environment make enforcement a particularly difficult challenge and has proven insurmountable in many jurisdictions. In particular, we have found that capacity issues, including political will and adequate resources, have proven a stronger challenge to regulators in developing credible enforcement programs than have gaps in the legal and regulatory framework.

We hope that the cross-country analysis that we have undertaken will serve as a helpful tool for countries to identify weaknesses in their enforcement programs and, as such, contribute to the discussions on addressing the recommendations of the G-20.

This paper is organized as follows. Section II discusses what we mean by enforcement; Section III discusses the importance of enforcement; Section IV provides an overview of the key elements of an enforcement program and how countries have incorporated these elements into national frameworks; Section V highlights the key factors that impact a regulator’s capacity to develop effective enforcement and describes the operational reality around the world; and Section VI analyzes the problem of measuring the effectiveness and importance of enforcement.

II. What is Enforcement?

There are three essential elements of securities regulation: the legal framework, the supervision program, and the enforcement program. Supervision and enforcement are tools of implementation, a means of fostering compliance with the legal framework and, often, the umbrella term “enforcement of compliance” is used to bring the two together. Compliance is a term used to describe adherence to laws, regulations, and rules. Supervision seeks to deter noncompliance with rules while enforcement seeks to detect and punish noncompliance. It is difficult to disentangle supervision and enforcement—both are aimed at promoting implementation of the rules, both involve similar exercises of authority and similar skills, and the success of each is tied to the other.

Regulators traditionally employ a series of supervision methods to foster and monitor compliance by firms. Supervision is ex ante—it seeks to prevent and/or identify problems early in the regulatory process, and these areas include: licensing standards and review processes, periodic and exceptional reporting requirements, on-site or field examinations and inspections, and good corporate governance standards. Supervision is generally not confrontational in the way that investigations and enforcement actions are: staff at the regulator often work with regulated entities to improve their level of adherence to laws and regulations. Compliance units within regulated entities have become an integral part of the regulatory framework and recognition of the importance of ex ante work in addressing problems has grown both within industry and among regulators.2

Enforcement, as we use the term here, is the disciplinary function of the regulatory system. Enforcement is an ex post tool used to punish breaches of laws and regulations as well as to deter future wrongdoings.3 This means that there are tangible consequences to noncompliance with regulation and violations of securities law. Enforcement requires a regulator to investigate both regulated and unregulated entities, bring an enforcement action against a person who has violated the rules, and apply a penalty if the action succeeds.

The entire spectrum of enforcement also goes beyond the regulator and concerns the criminal justice system and the court system as a whole. A broader analysis of the wider criminal justice system or private enforcement was beyond the scope of this paper—our focus is on the core of enforcement, which is at the regulator.

There is an interdependence between the legal framework (which must be well designed if supervision and enforcement are to work), supervision (which monitors compliance with the laws, works to prevent problems before damage occurs, and develops the practice that enforcement is built upon), and enforcement (which seeks to ensure that, if supervision has failed to ensure compliance and rules have been violated, there are consequences). Each of these three elements is crucial. It would be unsatisfactory to have enforcement alone—after all, it is an ex post address of the issue, which can never fully restore losses to investors or to the market. However, without enforcement, the law and supervision would remain unsupported and compliance would suffer in the absence of a deterrence mechanism. Further, it appears that among these elements, enforcement is the most challenging for regulators.

III. The Importance of Enforcement

The ability to carry out enforcement activity is intimately connected to the implementation of all regulatory standards because the ultimate possibility of an enforcement action gives the regulatory system its credibility. As the G-20 has emphasized, no matter how sound the rules are, if the system of enforcement is ineffective or perceived to be ineffective, the ability of the system to achieve the desire outcome is undermined.4

Securities regulation has its roots in investor or consumer protection and thus breaches of securities laws and regulations have been seen to impact only the individual investors affected by the particular transgression. Many enforcement matters do fall in this category, such as cases that deal with misappropriation of clients’ funds, provision of unsuitable advice by a securities firm, or fraud. However, many aspects of securities regulation have an impact beyond particular investors, and the breach of requirements can affect market cleanliness and undermine investors’ confidence. That may be the case, for example, in matters of market abuse, such as insider trading or market manipulation. A breach of obligations to clients, when done in a widespread manner by securities firms, can undermine market confidence. The current crisis has illustrated that gaps in securities regulation (and the lack of a robust regulatory framework) or failure to comply with existing regulation can also have an impact on financial stability. For example, the crisis highlighted the systemic effects that the lack of an appropriate regulatory framework for OTC derivative markets had on financial markets. More than ever, there is an acknowledgement of the importance of fostering implementation of robust regulatory frameworks for securities markets. As a result, supervision and enforcement of securities regulation cannot longer be seen as mere tools for investor protection; rather, they are tools that support the broader objectives of market confidence and system-wide stability. The cases below, which deal with breaches to different aspects of securities regulation, (from fair trading by securities firms and issuers’ disclosure obligations to fraud) demonstrate the broader effects that violations of securities regulation throughout the world can have on market confidence and market stability, and, thus, highlight the need for active supervision and enforcement.

A case in Brazil provides a dramatic example of the sudden loss of confidence that a breach of securities regulation can have on the financial sector. In 1989,5 the Brazil equity and derivatives markets were hit by a massive market manipulation: a group of investors, including a wealthy Brazilian, Nagi Robert Nahas, acting through multiple accounts and across three separate exchanges (in both the cash and derivatives markets), manipulated prices of certain instruments upward (concealing identity and violating rules against wash trading and other manipulative practices). The investors were able to use loose terms of settlement6 to leverage their positions (with credit from brokerage houses) and relied on price manipulation to keep the value of positions going upward (thereby paying for credit and creating profit). Once market price momentum turned against these fraudulent investors, they were unable to repay loans. A settlement default on one trading day caused a chain reaction of defaults: seven brokers and many investors defaulted. The Rio de Janeiro stock exchange was forced to cover losses (subsequently, it went bankrupt).

The events had a devastating effect on confidence in the Brazilian market, which ended its boom abruptly and declined 89 percent over the next 20 months; 10 brokers/dealers failed or were liquidated; and nine banks suffered serious losses. In a post mortem, Brazilian authorities made sweeping changes to regulation and oversight of the exchanges, who had failed to detect and deter this mass manipulation, and they also tightened up settlement rules and required improvements in market surveillance. Management of the exchanges and the regulator were severely criticized (the Chairman of the Commission de Valores Mobilieres was indicted for alleged participation in the fraud, although charges were dismissed subsequently). It was widely felt that officials did not act to stop rumored manipulations, at least in part because they were reluctant to spoil a boom. The seeds of this crisis were market abuse: fraudulently manipulating prices, exacerbated by a lack of controls in the settlement system, and loose margin lending. Had this fraud been detected before the fraudsters were able to gain as much credit and leverage as they did, there would have been much smaller consequences to the market.

Undetected abuse of market regulations has also had serious consequences in India in several trading manipulation scandals. In 1992,7 a group of investors led by a stock broker created fake securities used to obtain credit and funding for trading in the market, leading an unprecedented run-up in equity prices, and lax standards on the part of most banks contributed to the perpetrators’ ability to sell fraudulent notes. When prices eventually collapsed, the investors were unable to repay loans. Losses to investors and banks added up to more than US$800 million and several banks became insolvent.

In 2001, an Indian broker, Ketan Parkeh, used multiple accounts and shell companies to successfully bid up the price of a number of securities, in which he held large but undisclosed positions. He worked in collusion with promoters of the companies to put out false disclosures and conceal ownership of shares and trades. Parkeh fraudulently secured funding for his trading from various banks and brokerages and exploited loose terms of settlement.8 When another group of investors acted in concert to force prices in key securities downward, he was unable to continue making payments and a series of defaults then rocked the market. The sell-offs caused the main Bombay index, SENSEX, to plummet, and many investors found themselves in default positions when margin calls were made. Several small local banks experienced runs on the rumor of their credit exposure to Ketan Parkeh and, subsequently, a number of them became insolvent. Its exposure to the market scandal of 2001 put the Indian mutual fund, UTI, under the spotlight. Adverse market conditions caused by the scandal exposed poor internal governance, failure to meet basic internal control standards, and failure to impose sound investment policies in the fund. As a result of its lack of oversight, it reported billions in losses and had to be bailed out by the Indian government to the tune of US$2 billion, a huge fiscal cost that was absorbed, so that middle-class Indians, who invested in UTI by the millions, did not lose confidence in the Indian financial system.9

Noncompliance with rules governing internal controls and risk management can have a huge impact on market transparency and liquidity and can potentially threaten financial stability. A scandal at Société Générale in France in January 2008 illustrates the potential systemic consequences of failure to comply with internal control standards within brokerage firms. One futures trader was easily able to circumvent internal controls for over a year and build up an exposure in equity futures that could have led to the collapse of one of the largest banks in Europe. The unwinding of these massive positions may have had an impact on European equity prices generally (although this is unproven). In the end, Société Générale’s losses were in excess of US$1.7 billion. These losses were absorbed, but there would have been greater potential effects of the loss had these large positions been unwound in a less-hospitable market environment. The Société Générale scandal was much like the earlier scandal at Barings Bank, where a securities trader was able to circumvent internal controls and build up such significant exposures that the realized losses eventually rendered Barings insolvent and a buy-out was required. In the case of both Société Générale and Barings, noncompliance went undetected long enough to create a very serious risk to the institution and, potentially, to the markets more broadly.

The failure to comply with disclosure and accounting standards can undermine the transparency and liquidity of markets and, given sufficient size, can have an impact on financial stability. Two examples of extremely large accounting frauds that went undetected until they were significantly advanced include Enron and Refco, which were also two of the biggest bankruptcies in the United States and global history. In the case of Enron, senior management conspired to carry out accounting fraud, which created false profits which, in turn, drove up share prices. When the fraud was uncovered, the company collapsed and investors lost US$65 billion10 in market capitalization. The collapse of Enron did not have an impact on the wider market, but it did draw attention to the need for reform of auditing and accounting standards. It is not clear that, given different circumstances (a smaller capital market, a more fragile economic environment); such a collapse would not affect the broader financial sector by damaging confidence.

Refco was a holding company that operated both regulated and unregulated futures trading businesses and, as such, was one of the largest futures dealers in the world. In 2005, it emerged that the president of the company had falsified transactions with an offshore subsidiary (for a total amount of about US$10 million). Within days of the uncovering of the fraud, however, the business, with stated assets of US$48.8 billion, was bankrupt. Confidence in Refco evaporated and investors and counterparties abandoned closed-out positions very speedily, causing Refco to go into bankruptcy in a matter of days.11 Exposure to Refco (through extension of credit) caused major financial problems for a large Austrian bank that then required government support. Bank officials faced criminal charges after its financial collapse revealed fraud in the bank’s accounting as well.12

The lack of ability to enforce licensing requirements and other standards for investment schemes can have a systemic impact, which has been particularly devastating in some developing countries. In 1994, a scheme in Romania collapsed, leaving a debt of US$450 million. The collapse in 1994 of the MMM scheme in Russia, which had taken in an estimated US$1 billion from 1–2 million investors, appears to have severely stunted the growth of domestic investment. The collapse of Dafina Banka in Serbia in 1993 (which had offered an interest rate of 15 percent per month) wiped out deposits of about US$650 million. A more recent case has been that of Jamaica, where unregulated investment schemes started to proliferate in early 2000 and grew in size until 2008. While this growth might be a result of a more complex set of issues (lack of alternative investments available, for example), the lack of effective enforcement action against the managers of the schemes clearly played a role in their unfettered growth.

The most severe case of loss due to the collapse of unregulated investment schemes was that of Albania. When several Ponzi schemes collapsed in 1996, there was uncontained rioting, the government fell, the country descended into anarchy, and some 2,000 people were killed. Two-thirds of the Albanian population had participated in the schemes, which took in an estimated US$1.2 billion. At the time, there was no functional policing of financial services. An analysis of the macroeconomic impact of the collapse suggests that the civil unrest caused more sustained damage to the economy than the collapse of the schemes themselves.13

Even in countries with strong regulatory agencies, policing against unregulated financial services can be a challenge. In 2005, an unregistered asset management company in Australia, run by Giuseppe Marcolla, sold investors $A215 million worth of worthless securities. The Australian Securities and Investment Commission (ASIC) obtained a court order requiring Mr. Marcolla to cease his operations and put the company’s assets into liquidation. Mr. Marcolla was charged and convicted in both civil and criminal proceedings and the liquidation process was able to recover and return two-thirds of investors’ losses.14

In 2008, the U.S. SEC was severely criticized for failing to detect the Madoff fraud. While reliable data is not yet available, the fraud has been estimated at US$50 billion. The U.S. SEC has been accused of missing numerous red flags and ignoring tips on Madoff’s alleged fraud, including complaints by Harry Markopolos, a financial analyst, who sent detailed documents to the U.S. SEC, arguing that Madoff’s fund was fraudulent. The U.S. SEC and the U.S. Congress are both investigating the failure to act on the complaints. What is most surprising about the Madoff case, aside from the size and duration of the scheme, is that it happened in the United States under the watch of the U.S. SEC, which enjoys far-reaching legal authority to pursue investigations and puts a significant amount of resources into its enforcement program and, indeed, emphasizes its enforcement role (indeed, describing itself as a law enforcement agency). While post-mortems may uncover specific organizational failings, the case does dramatically underline the challenge even a well-situated regulator faces in enforcing securities law.

These examples illustrate the far-reaching effects of breaches of securities regulation. Failure to address or prevent violations is a failure of supervision. In each of the cases, an enforcement action was brought, but, in each case, significant damage had already been caused. While a credible and effective enforcement program must be in place as a key complement to supervisory actions, it does not replace adequate supervision, as the cases show. To a large extent, these cases also prove how difficult the task of enforcement is—detection was slow in many of the cases, deterrence insufficient, and punishment delayed. In each case, the reputation and credibility of the regulator as an enforcer was proven insufficient to deter large-scale violations of the law.

In order to create an effective enforcement program, regulators must have sufficient legal authority to investigate and to bring actions, and because this authority is often controversial (such as the authority to require phone or internet service provider records and the authority to levy meaningful fines against firms); this requires political commitment to regulation. A regulator must also be supported by an effective court system—if the courts are corrupt or inexpert or the process extremely slow; the malfeasants will exploit these weaknesses.

Enforcement is also resource-intensive—it is a highly visible aspect of a regulator’s job and often involves the imposition of sanctions that cause serious financial loss to a prosecuted party (such as being barred from carrying on business in the industry) and, because of this, the hurdles for proof are high and establishing a case becomes resource-intensive. Most regulators operate under resource constraints—both in terms of shortage of personnel and in terms of lack of appropriate technology. Many regulators cannot pay staff well enough to attract all the necessary skills or cannot afford to train staff. The financial incentives to break the rules can be enormous, creating strong pressure on the regulator. The industry will always have more resources at hand than the regulator, but, in many jurisdictions, the fight is so uneven as to not exist at all. The regulator also has to have sufficient independence from both commercial and political interests to withstand intense pressure against strong enforcement. Even those regulators with comparatively robust legal frameworks, resources, and independence find enforcement a challenge—the U.K. Financial Services Authority (U.K. FSA) reviewed the causes of the financial crisis and concluded that an increased enforcement effort is required.15

The next two sections will discuss in detail the main challenges that regulators around the world have faced in developing credible and effective enforcement programs. Our conclusions are based on an analysis of the findings and results of the IOSCO assessments carried out in roughly 80 jurisdictions.

IOSCO Principles Related to Enforcement16

Principle 8: The regulator should have comprehensive inspection, investigation and surveillance powers.

Principle 9: The regulator should have comprehensive enforcement powers.

Principle 10: The regulatory system should ensure an effective and credible use of inspection, investigation, surveillance and enforcement powers and implementation of an effective compliance program.

IV. Framework for Enforcement

A robust framework that provides securities regulators with enough powers to investigate and sanction misconducts is key to enforcement.17 The main elements of this framework derive from the law and regulations, and include a host of provisions that grant government agencies (securities regulators and criminal agencies) the authority to investigate, to litigate, and sanction breaches of securities laws and regulations. In this section, we have enumerated these key elements and discussed our observations of how countries have fared in bringing these elements into place, using our analysis of the IOSCO Principles Assessments.

The IOSCO Principles set out the necessary elements of the legal framework for enforcement in Principles 8 and 9. Principle 8 refers to powers vis-à-vis regulated entities, while Principle 9 refers to powers with respect to third parties. Our experience with the IOSCO assessments suggests that the majority of the countries have robust legal frameworks for enforcement; although an important number of them still have critical gaps. As Figure 1 shows, roughly 65 percent of the countries were assessed as having fully implemented or broadly implemented Principles 8 and 9. Conversely, 35 percent of countries exhibited weaknesses that were considered critical, leading to partly and non-implemented ratings under Principles 8 and 9.18

Figure 1.
Figure 1.

Legal Powers for the Enforcement of Securities Regulation

Citation: IMF Working Papers 2009, 168; 10.5089/9781451873153.001.A001

Source: IOSCO assessments and staff estimates.

Not surprisingly, we found a correlation between the income level of a country and the robustness of its legal framework for enforcement. As Figure 2 shows, in particular, there was a clear difference in the level of implementation between the high-income countries (OECD and non-OECD) and the rest of the countries. It is noteworthy that upper-middle-income countries show a similar or even lower level of implementation than lower-income countries, but we believe this anomaly is due to timing—this category is dominated by countries in Eastern Europe, who were evaluated early in the FSAP process when they were acceding to the European Union and before significant regulatory reforms were implemented.

Figure 2.
Figure 2.

Legal Powers for the Enforcement of Securities Regulation by Income Level 1/

Citation: IMF Working Papers 2009, 168; 10.5089/9781451873153.001.A001

Source: IOSCO assessments and staff estimates.1/ Numbers in the table represent the average percentage-share of the applicable and assessed principles for all countries grouped in the ‘fully-’ and ‘broadly-implemented’ levels.

A. Clear Mandate

The legal framework should grant the regulator a clear mandate to enforce the law and regulations. A clear and transparent mandate creates public expectation that the regulator is there, not just to work with the industry, but to take on a disciplinary role when circumstances mandate it.

The assessments of the IOSCO Principles 8 and 9 show that most securities regulators have been given a clear mandate to enforce securities laws and regulations. However, in many countries, regulators have additional objectives that might conflict or appear to conflict with enforcement. For example, it is common for regulators in emerging market countries to have a mandate to develop securities markets, as well as to regulate them. If the mandate to enforce the law and sanction wrongdoing is not sufficiently clear, there can be a weakening of enforcement, particularly, if there is a belief that development will be impeded by enforcement of the rules. In developed jurisdictions, a regulator may have a mandate to maintain competitive markets, which may be seen as at odds with strict enforcement.19

B. Broad Authority to Investigate and Obtain Evidence

Regulators must have clear authority to investigate possible breaches of securities laws and regulations (Principle 9). This authority must allow the regulator to.20

  • enter premises of a regulated entity, without giving prior notification;

  • require the regulated entity to provide copies of all information and records and documentation (including electronic) relevant to the investigation;

  • require employees, officers, and directors to give verbal information related to the

  • investigation;21

  • require any person with information related to the investigation to give verbal information; and

  • require any person to provide records or documentation relevant to the investigation, including bank and telephone records.

The assessments show that most regulators do have explicit authority to open investigations. However, the successful completion of an investigation (one that can lead to a penalty for a violation of the law) requires access to a broad range of information. A significant number of countries still face challenges in accessing key information, particularly from unregulated persons.

Regulated entities

Much of the information that a regulator needs to complete an investigation is in the hands of regulated entities—documents related to clients’ brokerage/investment accounts and trading records in the case of investment firms—or information with respect to transactions, business decisions, and minutes of Board meetings in the case of public companies.

A successful investigation also requires verbal interviews and statements from key persons who are witness to events, including witnesses from among investment firm employees, and employees and insiders of public companies. For example, to determine whether an investment firm breached a duty owed to an investor (such as the requirement to give advice that is suitable to the individual, given his or her risk tolerance, financial position, etc.), the regulator would review the client’s file and interview the employee(s) in charge of the account. Thus, there is a need for regulators to have broad authority to seek information from regulated entities, both in the form of documents and testimony.

The regulator must also have the ability to enter the premises of regulated firms without prior notice and seize and copy documentation.22 This authority is particularly important in cases where the regulator fears that the information might be altered or destroyed if notice is provided. Finally, the regulator must have adequate means to enforce these powers—there must be sanctions for noncompliance with regulator’s orders or for providing false statements. Often, the regulator can obtain a court order requiring compliance and noncompliance; therefore, it becomes a matter for court enforcement. Of course, this in turn relies on the efficacy of the court system. The regulator should also have the right to remove or suspend the firm’s authorization or license for failure to cooperate.

The assessments show that in roughly 55 percent of the countries assessed, regulators have a wide range of investigatory powers vis-à-vis regulated entities. In some countries, there are gaps, however, particularly in emerging and developing countries, in regard to the mechanisms to enforce compliance. A few regulators lack the authority to enter into the premises of regulated entities without prior notice. That is the case, for example, of Barbados. In some jurisdictions, such as France, the regulator must seek a court order to seize documents, but a relatively streamlined specialized procedure is in place to do this. In most countries, regulators require a court order to enter a private home—effectiveness would require an efficient process to obtain the order, where appropriate.

Third parties

In some cases, key information might be in the hands of individuals or companies that are not within the regulatory ambit; for example, investors who have participated in a transaction that is under investigation. Also, companies that provide services such as banking institutions, telephone companies, and internet providers may have valuable information. Access to bank records is particularly important for the investigation of more serious misconducts, such as market manipulation or insider trading; since the regulator might need to monitor the movement of funds from the moment they leave the customer account, to identify who benefited from a transaction and, thus, potential transgressors, or to seize the funds. Telephone and internet service provider records can show whether communication was made from inside the target company, for example, in insider-trading cases. As in the case of regulated entities, the regulator should have mechanisms to obtain such information either directly or through other authorities, subject, of course, to due-process protections. In the latter case, it is particularly important that there be mechanisms in place (such as memoranda of understanding) to ensure effective and efficient cooperation from the other authority (for example, the securities regulator commonly needs cooperation of the banking regulator). There should also be mechanisms to enforce such power, including sanctions for noncompliance and for providing false information.

The analysis of the assessments shows that in a little over 50 percent of the countries, regulators do have compulsory powers vis-à-vis third parties. However, this is still a problem for many countries, in particular in emerging and developing markets. A key deficiency is the lack of legal authority to access bank records, which, in many countries, are subject to very strict secrecy provisions. While, in some countries, the regulator can gain such access via the banking regulator, the procedures or conditions for such cooperation are cumbersome and can, in practice, make such a gateway inadequate. In other countries, the securities regulator can seek this information via a court order; however, in some cases, the procedure is lengthy and cumbersome, therefore rendering the powers ineffective (for example, Brazil and Peru).23 Finally, in many countries, financial institutions are required to notify the account holder that his/her information is being released and the account holder may challenge the right of access to the information. In the United States, for example, the Right to Financial Privacy Act generally requires notice to individual customers of financial institutions or partnerships of less than five persons. Indeed this is a reasonable due-process protection. The problem, in practice, arises in countries where the procedures in place are extremely cumbersome and therefore can pose significant delays to the access of information. Where this is the case, courts should be empowered, as they are in the United States, to grant exceptions where there is a probability that the individual might destroy evidence, transfer funds, tip off suspects or otherwise obstruct the investigation.

The assessments show that access to phone records and information from internet service providers are two additional problematic areas. However, access to this information has proven to be critical in successfully pursuing enforcement cases. For example, in the high-profile case against Martha Stewart and her broker, Peter Bacanovic, in 2003 (for obstruction of justice and lying to investigators in an insider-trading case), key evidence was garnered from recorded telephone calls that Bacanovic’s assistant made to Stewart tipping her off on the sale of stocks from ImClone by ImClone’s CEO and his daughter at the time that a decision regarding a pending patent was to be made public.

Since, in most countries, these powers are granted only to the criminal authorities, in some countries the securities regulators compensate for these gaps by relying more heavily on criminal prosecution. However, as discussed in detail below, this remedy is not without problems, since criminal authorities might, and often do, have different priorities and the burden of proof for criminal cases is substantially higher. In some countries, criminal authorities and regulators are not considered counterparts and cannot easily share information. An additional challenge is the lack of expertise of both the criminal authorities and the judges.

Finally, many regulators lack effective mechanisms to enforce compliance with their requests for information or testimony. This is the case in Brazil, where there are no penalties for providing false statements to the Comissão de Valores Mobiliários (CVM), although there is an obligation to testify. Again, these powers are critical for effective enforcement. For example, in the Martha Stewart case, the conviction was actually for providing false information to the U.S. SEC in the course of an insider-trading investigation rather than for insider trading itself.

C. Ability to Act Immediately

Investigations and prosecution of cases can take a long time to complete and may not have an immediate impact on the market place. Damage to investors and the market place can be minimized if precautionary actions are taken quickly, including injunctions, suspension of trading or suspension of activities for a regulated entity, cease-and-desist orders, and the freezing of assets. For example, in Ponzi scheme investigations, freezing of assets prior to a formal decision becomes critical to the protection of investors’ interests. In the Madoff case, the U.S.SEC sought and obtained a freeze of assets and the appointment of a trustee, who also has the obligation to locate assets for distribution to investors. The judge provided the trustee with power to seize assets and records, demand documents, summon witnesses, and enter Madoff’s residences around the world, The aim of this process was to prevent him from further distributing assets to family and friends.

The assessment analysis shows that, in many countries, regulators lack key authority to take immediate action (Principles 8 and 9). Securities laws do not provide regulators with broad powers to impose a wide range of immediate measures. In many cases, the law only makes specific reference to a subset of powers and these usually apply only to regulated entities, such as suspension of trading or suspension of activities by a regulated entity. In practice, some countries have used the general powers granted to administrative agencies as the legal foundation to take precautionary measures that involve nonregulated entities, such as cease-and-desist orders in connection with the provision of regulated activities without a license (as is done in Costa Rica), but such frameworks usually lack provisions concerning more intrusive actions such as the freezing of assets.

A further complication may be the practical difficulties in seeking a court order where the regulator cannot take direct action. In some cases, the securities regulator can directly impose all or some precautionary actions. For example, the Ontario Securities Commission (OSC) in Canada can impose cease-and-desist orders as well as freeze assets directly, although, in the latter case, only for a limited period of time before seeking a court order; and the Superintendencia General de Valores in Costa Rica can directly issue cease-and-desist orders. In other countries, the regulator must seek a court order. For example, the U.S.SEC must seek a court order to bring an injunction, or seek a freeze of assets against an unregulated person. However there are procedures in place to ensure speedy resolution by the courts. In almost all countries, a freezing of assets requires a court order.24 In some countries, the necessity of obtaining a court order will grind proceedings to a halt, since courts are slow and inexpert in this technical area; and in other countries the court process works very quickly.

D. Authority to Bring Charges and Impose a Wide Range of Sanctions

Effective enforcement necessarily incorporates dissuasive sanctions (penalties), without which the enforcement process has no meaningful end result. The enforcement framework should make use of both noncriminal and criminal sanctions. Depending on the legal system, noncriminal sanctions are administrative (when imposed by an administrative body) or civil (when applied by a civil court) or both.

However, some systems rely solely on criminal sanctions, which can create a number of problems in practice. The regulator generally does not have prosecutorial jurisdiction and, thus, must pass the cases to a separate criminal authority. That authority has other competing priorities and will, inevitably, only pursue the most egregious or large-value cases. The burden of proof for criminal offenses is significantly higher than that required at the administrative or civil level (generally, beyond reasonable doubt versus preponderance of the evidence, respectively); this additional burden may prevent many matters from reaching resolution. Further, criminal prosecutors may not have the specialized skills required to successfully prosecute financial crimes. It is therefore considered best practice for the regulator to have direct power to prosecute matters (whether in a civil or administrative venue).

Our analysis of country assessments (under Principle 10) suggests there are a number of different ways in which noncriminal sanctions are built into enforcement systems. In some countries, the regulator has direct authority to impose “administrative” sanctions on both regulated and nonregulated entities (for example, OSC in Australia, Canada, Costa Rica, France, and Peru). More commonly, the regulator has direct authority to impose administrative sanctions on regulated entities, while in the case of nonregulated entities it has authority to bring a case before the civil courts, which, in turn, impose “civil” penalties (United States, Hong Kong, and Singapore).

The mechanism for applying sanctions is important, but so is the type of sanctions that can be applied. Whatever the system, it is important that the regulator has at its disposal a wide range of sanctions and remedies, including monetary penalties. For example, the SEC has civil and administrative remedies at its disposal. Civil remedies are sought in civil courts, while administrative cases are heard by an administrative law judge. Civil remedies available include emergency relief, which allows the SEC to protect the status quo while the final decision on a case is being considered. Emergency relief can include measures such as temporary injunctions, freezes of assets, and appointments of receivers. In some circumstances, such emergency measures do not require prior notification to the plaintiff. On final judgment, the SEC can seek the imposition of civil monetary penalties, disgorgement of ill-gotten benefits, and orders to bar an individual from serving as a corporate officer or director. Persons who violate a court order may be found in contempt and be subject to further monetary penalties or imprisonment. Remedies available in an administrative proceeding are very similar to those described above. For example, an injunction in federal court has a similar effect to a cease-and-desist order granted by an administrative law judge. The only important exception is the imposition of monetary penalties in nonregulated entities, which can only be pursued as a civil violation in federal courts. In 2006, ASIC brought an enforcement action against a public company for failing to make material disclosures to investors, and it succeeded in securing an ‘enforceable undertaking’ from the company to repay US$33 million dollars to investors (who had purchased the stock on a false understanding).25 In another case of failure to disclose in 2007, ASIC barred a number of individuals from serving as directors or officers of public companies.26

The IOSCO assessments reveal, however, that the lack of broad sanctioning powers is a common weakness across jurisdictions. Deficiencies vary. In some countries, the regulator lacks the authority to impose monetary penalties, although it can impose a more limited set of administrative and civil remedies (for example, in Jamaica, the Financial Services Commission can only impose cease-and-desist orders and seek some additional limited relief in court). In others, the regulator can only impose sanctions for minor infringements while sanctions for more serious breaches to securities laws are imposed by the government (for example, in Spain, the ministry of economy applies sanctions for more serious breaches, but not the Comisión Nacional del Mercado de Valores (CNMV)). In others, the range of monetary penalties has not been adequately calibrated and, thus, the sanctions are not severe enough to act as a deterrent (for example, the securities regulator in Finland can only apply a maximum fine of EUR100, no matter what the offence).27

The ability to ‘settle’ a case (that is, the authority of the regulator to reach an agreement with the offender without the case proceeding to full adjudication) is extremely important to effective enforcement. The authority to settle cases allows the regulator to efficiently dispose of cases, thereby reducing the cost of its enforcement program. For example, the U.S. SEC, which is recognized as a very active enforcement agency, settles roughly 90 percent of its cases prior to litigation. In practice, many regulators, especially in countries with civil law tradition, lack this authority (for example, Costa Rica, Mexico, and Peru).28

Regardless of the type of legal system, the use of settlement appears to require a level of confidence and credibility that may be difficult for many regulators to achieve. The regulator must be confident in its independence, have a credible reputation, and must not be burdened by a general distrust of government institutions (because of corruption, incompetence, or unfairness). The regulator must have a track record of successful enforcement actions or there will be no incentive for offenders to settle the action. The authority to settle must be accompanied by clear guidelines for settlement, in-house skill at negotiation, and sufficient political will within the regulator to vigorously pursue enforcement and to withstand criticism for dropping cases before they reach court level. Settlements must be subject to a level of transparency—in order to maintain the credibility of the system and to create a deterrence effect, the terms of settlement should be made public. The information available to us through the IOSCO assessments and our own technical assistance field work suggests that few regulators are in a position to settle cases with any regularity.

E. Active Criminal Enforcement

As indicated above, criminal proceedings should not be the only means of redress for violations of securities law. The possibility of criminal proceedings is, however, crucial to effective enforcement. Criminal sanctions, which are particularly appropriate for very serious cases, involving multiple offences or large sums of money, or widespread damage to investors or the public, are an important deterrent. There are also a number of sanctions that may be available in criminal cases that are not part of civil or administrative law, such as prison terms, extradition for trial, and deportation.

Our analysis of the IOSCO assessments (Principle 10) shows that, in practice, in many countries criminal authorities have not made financial crimes a priority. A recent example on how the lack of active and successful criminal enforcement can undermine the credibility of a regulatory framework can be found in the case of Canada, where the lack of criminal convictions leading to imprisonment has created a perception that enforcement is weak, in spite of all the disciplinary actions taken by the securities regulators and the self-regulatory organizations (which play a significant role in that jurisdiction).

Good coordination with criminal authorities will be required in order for the system to function optimally.29 Coordination between the regulator and the criminal prosecutor will ensure that information is passed quickly and effectively, that parallel proceedings are not in conflict, and that resources are shared where possible. The regulator should have the ability to share its investigatory information with the prosecutor. An exception to the full sharing of information is usually given for the right to avoid self-incrimination. Criteria for passing a case to the prosecutor should be developed. Generally, the most serious and damaging cases should be passed to the criminal prosecutor.

However, we have seen that, in practice, actual coordination and cooperation remain a challenge for many countries. Resources at both the regulator and the prosecutor are often constrained, and expertise is also a challenge. The prosecutor’s interest in financial markets matters may not be great and there may not be sufficient will to work together on the part of both organizations. Some regulators and prosecutors are also legally constrained from sharing confidential information.

F. Ability to Provide Cooperation to Foreign Regulators

It is a truism that financial markets operate across borders. Not only are wrongdoers able to move across borders, they are able to quickly move money across borders, execute transactions in more than one jurisdiction instantaneously, and communicate easily with colleagues in many jurisdictions. As a result, the ability to share information with counterparts in foreign jurisdictions and the ability to obtain information from foreign counterparts have become an integral part of successful enforcement.

Although a significant amount of cooperation takes place on an informal basis, operationally, it is important that there be clear rules under which such exchange of information will take place to facilitate the process. IOSCO has created a unique agreement, the Multilateral Memorandum for Information Sharing (MMOU), which sets the best practices standard for information sharing. The agreement was developed in 2002 and sets out standards and protocol for sharing of information between members, including the type of information that regulators should be able to obtain, the procedures to request such information, the authorized use for information obtained under the MMOU, and the principles of confidentiality that should guide the requests. IOSCO has set a deadline of 2010 for all IOSCO members to have either signed or committed to sign the MMOU.

IOSCO’s experience with the MMOU shows that many countries still face legal barriers that prevent them from fully cooperating at the international level, which, in turn, affects the effectiveness of enforcement programs globally. As of June 2009, only 52 countries have become signatories of the IOSCO MMOU, which represents 46 percent of the IOSCO membership.30 The main impediments reported by the screening committee of IOSCO are:

  • the lack of authority to obtain and/or share banking information—bank account information is often sought by foreign counterparts, who are trying to establish the identity of a transaction or whereabouts of profits; and this information is protected by confidentiality laws, which may extend to protection from sharing for regulatory purposes;

  • rules under which information will be passed to criminal enforcement—in many jurisdictions, the regulator can share information for regulatory purposes, but only on the assurance that it cannot be used for purposes of criminal investigation; and

  • the requirement existent in many jurisdictions that the misconduct under investigation be sanctionable not only in the jurisdiction requesting assistance but also in the jurisdiction from where assistance is being sought—the MMOU requires the regulator to be able to actively get the information being requested, even if the alleged conduct is not illegal in that jurisdiction.

While these MMOU provide the basis for cooperation, political will and resources are key to effective cooperation.

V. Enforcement Capacity

As important as a robust legal framework is the regulator’s capacity to effectively design and implement an enforcement program; as we have observed, it is not the law but the implementation and enforcement of the law that counts. Numerous factors have an impact on the capacity to enforce. Some are more obvious and easy to measure—such as the level of funding and resources of a regulator—while others are more subtle and difficult to quantify, such as the authorities’ willingness to actively enforce the legal framework.

The IOSCO Principles evaluate these issues via Principle 10, which approaches enforcement in the broadest sense, combining the supervision elements (which are also present in other Principles) and the disciplinary function. This combination is a reflection of how enmeshed are supervision and enforcement and how difficult it is to evaluate their effectiveness separately. Principle 10 is the only Principle in an IOSCO assessment that measures effectiveness of the enforcement program and is, therefore, our best measure of how well enforcement (even in the narrow sense) is done.

Evaluations of Principle 10 exhibit one of the lowest levels of implementation of all the principles (after only Principles 2 and 24). As Figure 3 below shows, in only about 50 percent of the countries did the assessors consider that the country had developed and implemented a credible enforcement program. Conversely, critical problems were found in the other 50 percent.

Figure 3.
Figure 3.

Implementation of a Credible Enforcement Program

Citation: IMF Working Papers 2009, 168; 10.5089/9781451873153.001.A001

Source: IOSCO Assessments and staff estimates.

As Figure 4 shows, only high-income level countries (OECD and non-OECD) were able to develop credible enforcement programs, for which roughly 80 percent of the countries were in the categories of implemented or broadly implemented. In the remaining countries, less than 30 percent of the countries had received implemented or broadly implemented grades. The assessments clearly underline the relationship between institutional strength (ability to implement) and income of the country. As with Principles measuring the legal framework, we found that upper-middle countries have faced as much, if not more, difficulty as lower-income countries, and the same explanation can be provided here.

Figure 4.
Figure 4.

Implementation of a Credible Enforcement Program By Income Level 1/

Citation: IMF Working Papers 2009, 168; 10.5089/9781451873153.001.A001

Source: IOSCO Assessments and staff estimates.1/ Numbers in the table represent the average percentage share of the applicable and assessed principles for all countries grouped in the “fully” and “broadly” implemented levels.

The analysis of these results vis-à-vis those of Principles 8 and 9 lead us to conclude that capacity issues pose an even greater challenge for effective enforcement than gaps in the legal framework. Below, we analyze the key factors that can affect regulator’s enforcement capacity and identify the main problems that countries have encountered in practice.

A. Independence and Political Will

Enforcement is a highly visible activity31 with considerable impact and, therefore, carries political risks with it. Without a strong decision-making ability and willingness to bear risks, it is unlikely that an organization will be able to take the necessary decisions. A strong decision-making ability comes from political independence, legal protection from adverse consequences of taking legitimate enforcement action, and from the presence of qualified and effective decision makers.

The IOSCO assessments of governance of regulators across many markets clearly show that strong institutional governance remains a significant challenge. Many regulators are not politically independent. Some do not have full autonomy, for example, relying on a ministry to license or revoke licenses, or to impose other sanctions. In other countries, particularly small developing countries, the regulator is not free from commercial influence. Independence is, in fact, the most significant weakness that we have found in our analysis of the IOSCO assessments, and, thus, Principle 2—which covers independence—exhibits the lowest level of implementation of all the Principles.32

Freedom from political or commercial interference is not enough. Full support for active enforcement from the senior management of the regulator is critical. Through our technical assistance work, we have found that, in practice, many regulators are concerned about the adverse effects that enforcement could have in the market and, at senior levels, could be reluctant to support a vigorous enforcement program.

In emerging markets, the argument is frequently made that strong enforcement can thwart the market by forcing the exit of the few participants (public companies and/or intermediaries) that the market might have and discouraging the entrance of new participants. Therefore, as long as the market remains in a developing stage the regulator has to be lenient and rely mainly on moral suasion. In the case of developed markets, the argument that has more recently been made is that strong enforcement could affect the competitiveness of the a market vis-à-vis other markets. For example, at least prior to the current financial crisis, the philosophy toward enforcement was perceived as a key difference between the U.S. and the U.K. markets, which could have an effect on listings. In this regard, some research had suggested that the United States might have been losing listings to London, due to its stricter regulations and strong enforcement approach.33

B. Staffing and Resources

Enforcement is a resource-intensive exercise. Investigations are time-consuming, requiring long hours of requesting, collecting, and analyzing data. A fully effective enforcement program also requires skilled legal counsel to build and prosecute a successful legal case against a wrongdoer. Investigators must have a variety of skills in order to be effective (including analytical skills and knowledge of the industry and markets) and prosecutors must have a full set of legal and litigation skills and an understanding of the financial markets.

These skills are often difficult to recruit, especially since securities regulators are generally unable to compete with the private sector on remuneration. In emerging market countries, where public sector pay scales are even more at odds with the private sector, this is an acute problem.

The IOSCO assessments reveal a chronic underfunding of many securities regulators, particularly in emerging market countries, which has undermined effective enforcement. Underfunding has affected both human and technological resources. At the human resources level, the aforementioned problem with salary is a serious concern in both hiring and retention of staff. Regulators are not only understaffed, but are also not able to hire personnel with expertise comparable to that of regulated entities. Technology is also important—while we believe that regulators surveillance systems or data systems should be commensurate with the state of development of the market, we have found that in many developing and some emerging market countries, the regulators lack effective tools for surveillance. In many cases, surveillance is still done manually without access to automated tools.

Understaffing or a lack of skilled and knowledgeable staff affects the ability of a regulator to take enforcement actions in a timely manner and impedes its ability to build successful cases.

C. Adequate Organizational Structure

How the enforcement function is organized (whether as a separate division or as one function within a larger department (for example, a supervision or legal department) can have a significant impact on effectiveness and efficiency. For example, when enforcement is part of a larger division, staff might have many different roles to fulfill, preventing them from specializing and developing sufficient skill in investigation and prosecution of enforcement actions. The creation of a separate enforcement division may help to foster specialization; however, in that scenario, effective coordination with other divisions (for example, those in charge of supervision) becomes critical. While there is no one clear way to ensure an effective internal structure, there does appear to be a strong trend among countries, where reform of enforcement is underway, in favor of establishing separate enforcement divisions. Countries like Brazil, Chile, and Portugal have recently made changes in their organizational structures in order to create specialized enforcement divisions, which also serve as a signal of their commitment to active enforcement. Other regulators with specialized enforcement units include ASIC in Australia, the OSC in Canada, and the U.S. SEC.

The position of the adjudication function within the framework is another design issue, which seems to be informed by the jurisdiction’s approach to due process. For example, in a few jurisdictions (Autorité des Marchés Financiers in Quebec, Canada, and CONASEV in Peru), it has been considered necessary to assign the adjudication function to an independent tribunal. In others, due process is considered satisfied as long as the adjudicative function is carried out by a different body/division than that in charge of investigation and prosecution/litigation. For example, in the OSC in Canada, separate divisions conduct the investigation and the litigation of the case, while the adjudication is done by the Commission itself.

The organizational structure should also support a fair and transparent process vis à vis the public and the regulated industry. Credible enforcement requires that market participants and the public as a whole believe that the system is being applied consistently and fairly. This requires the development of a system of controls for the enforcement function.

D. Effective Court System

Enforcement requires involvement from the courts at different levels and stages. The court is the direct arbiter in criminal and civil cases and is normally the appellate body in administrative matters. Therefore, the effectiveness of the enforcement framework of a country cannot be judged in isolation from the judicial system and how expedient and reliable court decisions are.

Most assessors mentioned the quality and effectiveness of the judiciary as an important challenge for the implementation of the IOSCO Principles.34 One of the most common problems identified by assessors is the lack of expertise of judges in financial matters and the lack of timeliness, due, in great part, to the volume of cases that they handle. Thus, in some countries, like Peru, financial regulators are helping to close the technical gap by developing training programs for the judges. Others have developed a cadre of judges who specialize in white-collar crime or, more generally, on adjudication of complex commercial matters.

Timeliness, or lack thereof, of the judicial system can have a serious effect on enforcement. For example, none of the alleged fraudsters charged in the 1992 repo scandal in India was ever given a final conviction (some are still under appeal). The main figure died in 2002 with an appeal still pending; he was involved or accused of several major frauds in the interim period. While he was barred from the financial industry by regulators, the extreme slowness of the court system allowed him to commit additional financial crimes.

Also, in a few developing countries, corruption was mentioned as a challenge for effective enforcement.

E. Role of SROs

Securities regulatory systems often make use of self-regulatory organizations. These are private or semi-private organizations that carry out some regulatory functions, ranging from trade associations that set enforceable codes of conduct to stock exchanges that set and enforce trading rules to full-service regulators of the investment firm industry (such as the Financial Industry Regulatory Authority (FINRA) in the United States and the Japanese Securities Dealers Association). The SRO role in enforcement can vary. Some SROs are responsible only for rule setting, others are responsible to detect wrongdoing (market surveillance) and report to the regulator, and others carry out investigations and sanctioning. In most jurisdictions, SROs are an integral part of the enforcement process and must be considered in assessing the effectiveness of the system as a whole. However, the IOSCO assessments show significant weaknesses in the conduct of supervisory and enforcement actions by SROs, which are sometimes hindered by a lack of authority over their members or are unable to overcome conflicts of interest involved in bringing disciplinary actions. It must be said that, in a few cases, SROs were more effective enforcers than the regulator.

In order to ensure incentives are in place for effective enforcement, the statutory regulator must have a strong oversight of the SRO. The IOSCO assessments (Principle 7) have shown that oversight is often weak.

The Nahas case illustrates the crucial role SROs play. The exchanges in that case did not act in coordination (thus, allowing information to be fragmented) and were not sufficiently aggressive in shutting down manipulative practices. The supervisor failed to impose high standards on the exchanges through its oversight. The failure of the Bombay Stock Exchange to detect and deter manipulation in the Indian equity market in 2001 led to regulatory reform in India and demutualization of the exchange (which was perceived to be unable to act in the public interest while it was owned by brokers).35 In 1994, the U.S. SEC brought an enforcement action against the National Association of Securities Dealers, overseer of the National Association of Securities Dealers Automated Quotation system (NASDAQ) for failing to adequately police its markets and allowing market makers to maintain artificially wide spreads (thereby profiting at the expense of investors on both buying and selling of those securities).

VI. Measuring the Effectiveness of Enforcement

The goal of an enforcement program is to ensure compliance with securities regulation, and securities regulation as a whole is designed to foster the development of fair, liquid, and stable markets. Indicators for the measurement of the effectiveness of the enforcement function should therefore be linked to achieving compliance and to fair, liquid, and stable markets. The task of measurement is, however, complex. It is difficult, if not impossible, to decouple the supervision and enforcement functions. There is lack of a body of work in measuring the success of regulatory systems in terms of contribution to fair, liquid, and stable markets. Further, there is inherent subjectivity in many of the indicators and the number of variables at work in any given measurement. Notwithstanding the challenges, the evaluation of enforcement efforts is critically important to an overall assessment of a regulatory system. Regulators, policy makers, and academics around the world are beginning the search for adequate measurement criteria in order to judge what is, and is not, effective.

A first generation of measurements focused on inputs and outputs. Input metrics include the level of resources (number of staff and salaries) assigned to enforcement. Output measures include the nature of actions taken (criminal or administrative), the specific type of sanction sought (prison, monetary penalty), and the number and amount of sanctions imposed (years of imprisonment, amount of monetary penalties). Some measurements relate to efficiency, such as the time required in taking a case from the investigation stage to adjudication. Others measure success rates, for example, the number of cases opened versus the number successfully concluded. Regulators in many countries use these metrics as tools to evaluate their performance and report them to the public and to the government bodies to which they are accountable. IOSCO assessors make use of this information in determining whether a regulator has in place an adequate enforcement program.

Such measures have also been used by academics to determine the importance of enforcement.36 Examining staffing levels and budget against financial outcomes, Jackson and Roe37 conclude that public enforcement—that is enforcement action undertaken directly by the regulatory authorities—is clearly associated with financial market development. The study acknowledges that the direction of causality cannot be proven. The authors’ prior assumption is that causation is bi-directional with strong financial markets inducing governments to protect an important constituency and an important market sector via enforcement.

Relying both on output and input metrics, Coffee38 concludes that the United States relies more heavily on enforcement than most countries around the world, including the United Kingdom and Canada, with the possible exception only of Australia. Such intensity relates not only to enforcement by the securities regulator, but also to criminal enforcement and private enforcement. In his view, this higher level of intensity probably contributes to the U.S.’s lower cost of equity capital and explains (at least in part) the valuation premium that cross-listing firms experience. It also explains the unwillingness of many foreign issuers to enter into the United States.39

Indeed, input and output measures combined can shed some light on the “intensity” of enforcement efforts from one country versus another, especially, if they are adjusted for size of the capital markets or the economy as a whole. However, as Coffee acknowledges, because enforcement is only one element on any compliance system, these measures alone do not support the conclusion that a system that relies more on ex ante (supervision) measures cannot achieve functionally equivalent results to a system that relies more on ex post (enforcement) measures.40

Some regulators, such as the U.K. FSA, have begun to use a second generation of metrics, designed to capture the outcome of the enforcement effort. These measurements include conducting surveys to measure investor (and market participant) perception of the effectiveness of the enforcement programs. This information is helpful to regulators, as it points to the outcome of the program (perception of credibility in the market place), although, as the other measurements describe above, it is an incomplete approach.

In addition, the U.K. FSA has sought to measure the ‘cleanliness’ of the market as a measurement of its enforcement program. The research focuses on the change in price ahead of corporate announcements as a measure of whether fair disclosure and insider trading rules are complied with. The U.K. FSA has commissioned several independent “cleanliness” reports and, in each case, the study has shown that price movements indicate the market is not entirely clean.41 Such studies offer important insights into the effectiveness of enforcement, albeit, with some limitations. Market cleanliness studies measure the whole effect of a compliance program, not only of the enforcement (sanctioning) function. In addition, it focuses only on one aspect of regulation (market transparency as it relates to material information). Finally, it is very difficult to distinguish between trades done with insider information and trades that are done by diligent investment research and intelligent speculation.

Measurement of the effect and effectiveness of enforcement is a challenge and most methods use proxy measures for both inputs and outputs, and none of these is a perfect measure. The evaluation of enforcement efforts is, nonetheless, of critical importance to an overall assessment of a regulatory system and to the continuous improvement of systems. In the IMF and World Bank FSAP assessments, measuring the effectiveness of enforcement is difficult for expert assessors. In our assessments, we use a combination of input (quality and amount of resources, legal framework, number of cases, and their resolution and timeliness) and output measurements (perception in the markets, responsiveness of regulated entities, etc.). While we cannot show through quantitative calculation how precisely important enforcement is to the strength of the regulatory system, by observation we have determined that, without doubt, a jurisdiction that does not enforce its rules has a failed regulatory system and has suffered a lack of market confidence as a result. The Madoff case has also highlighted how easily a regulator’s reputation can be affected when the perception exists that appropriate enforcement action is not taken in a timely manner.

VII. Conclusion

The recent financial crisis has drawn attention to the need to strengthen the regulatory framework for the financial sector around the world; in particular, to ensure that financial stability issues are properly analyzed and monitored. The G-20 has highlighted the role that enforcement plays in achieving the goals of financial regulation, including financial stability,42 and has recommended that financial regulators worldwide give priority to the development of effective and credible enforcement programs.

The Great Debate: U.S. Versus U.K. Model of Regulation

The U.S. SEC refers to itself as a ‘law enforcement’ agency. Its regulatory model is based on aggressive enforcement and a significant portion of its resources are devoted to enforcement activities.43

Other models of regulation do not emphasize enforcement. The contrast has usually been made between the United States and the United Kingdom. Until recently, the U.K. FSA applied a model of regulation with a greater emphasis on work done in ‘prevention’ rather than ex-post enforcement efforts.

The United States also has an extensive program of criminal enforcement, involving states attorneys general and the Department of Justice. There is also widespread use of private enforcement through class actions. These have been criticized as being unduly costly to companies (and therefore detrimental to market competitiveness, footnote the Bloomberg report), but have also been championed as the chief means of keeping management of public companies (for example) focused on the best interest of shareholders. Indeed, there has been much discussion in the press as to the role of the U.S. court system as the world’s enforcement mechanism vis á vis very large public companies. The U.S. SEC’s public enforcement efforts are also carried across borders, with investors around the world benefiting from its activities. The agency commits significant resources to cross-border enforcement. Recently, it brought an action to U.K. courts, successfully freezing the financial assets in the United Kingdom of a U.K. resident, who allegedly violated U.S. securities laws, indicating that its reach is international when required.

The reasons for this difference in the intensity of enforcement are harder to gauge. It may be, as Coffee notes,44 because a more dispersed ownership of U.S. companies (less-concentrated ownership means owners are less able to apply direct pressure to management and, therefore, external enforcement is required to prevent fraud). There are also, no doubt, differences in culture (both in terms of the use of the legal system and in terms of the regulated industry), which have informed these differences.

However, since 2007, the FSA has placed greater emphasis on the role of enforcement actions in securing its objectives. It has moved away from the philosophy of “not being an enforcement-led regulator” in favor of a more overt and aggressive philosophy of “credible deterrence.” Central to this new philosophy has been the realization that the FSA should use all the powers available to deter those inclined to break the laws and stop and prosecute those who break them. The FSA has, in particular, made greater use of its power to prosecute insider dealing and other offenses identified in the FSMA as criminal offences.45

Cases like the Madoff scandal draw immediate attention to the consequences of fraud on individual investors. But, as we have illustrated, violations of securities law and regulation can also have very serious system-wide implications that go far beyond the individual investor. The Nahas case, for example, has had a far-reaching and long-lasting impact on the Brazilian market. The market scandals in India have prevented market growth and have led to financial institution failures. Even the Madoff scandal is not just limited to losses to investors—the scandal may have a lasting impact on confidence in private wealth management (by many institutions who dealt with Madoff) and confidence in the markets generally.

There is an interdependence between the legal framework (which must be well designed if supervision and enforcement are to work), supervision (which implements the legal framework, works to prevent problems before damage occurs, and develops the practice that enforcement is built upon) and enforcement (which ensures that, if supervision has failed to ensure compliance and rules have been violated, there are consequences). Each of these three elements is crucial. It would be unsatisfactory to have enforcement alone—after all it is an ex post address of the issue, which can never fully restore losses to investors or the market. However, without enforcement, the law and supervision would remain unsupported and compliance would suffer in the absence of a deterrence mechanism. Further, it appears that among these elements, enforcement is the most challenging for regulators.

In spite of the critical role enforcement plays, the IOSCO assessments clearly show that many countries face significant challenges in implementing credible and effective enforcement programs in the securities arena. One of the strongest trends in the assessments has been the finding that weakness in capacity rather than gaps in the legal framework are at the core of the problem. The lack of broad powers to investigate, litigate, or sanction breaches of securities laws and regulations is an issue for many countries (in particular, developing countries), and, in many cases, the lack of such authority that has prevented the regulatory agencies from taking measures needed to maintain clean markets.46 However, the factors that affect capacity, such as the independence of the regulator from political or industry resistance to enforcement, level of the staff’s skill, and the extent to which resources are dedicated to the enforcement function have had a more pervasive effect.

The key elements in capacity—budget and staffing independence—are both linked to political support for the regulator. We can conclude, therefore, that such support is the first step to addressing the challenges ahead. The G-20 supports such a conclusion by recommending that national financial regulators and oversight authorities ensure that appropriate resources are available and that the enforcement function is independent from other activities or from external influences.47 Technical assistance and capacity building assistance to developing and emerging market countries to strengthen their legal and regulatory frameworks for enforcement are also steps in the right direction, and this should be a priority for international institutions, regulators, and international standard setters, such as IOSCO.


  • Samir K Barua and Jayanth R. Varma Securities Scam: Genesis, Mechanics and Impact,”, Indian Institute of Management, Ahmedabad, India 1993.

    • Search Google Scholar
    • Export Citation
  • Utpal Bhattacharya and Hazem Daouk When No Law is Better than a Good LawCEI Working Paper Series, Institute of Economic Research, Hitotsubashi University, June 2004.

    • Search Google Scholar
    • Export Citation
  • Ana Carvajal and Jennifer Elliott Strengths and Weaknesses of Securities Market Regulation: A Global AnalysisIMF Working Paper No. 07/259 2007.

    • Search Google Scholar
    • Export Citation
  • John Coffee Law and the Market: The Impact of Enforcement,” The Center for Law and Economics, Columbia University School of Law, Working Paper No. 304, April 4, 2007.

    • Search Google Scholar
    • Export Citation
  • Hazem Daouk, Charles M.C. Lee, and David T. Ng Capital Market Governance: How Do Securities Laws Affect Market Performance?Journal of Corporate Finance, vol 12, issue 3, 2006,

    • Search Google Scholar
    • Export Citation
  • City of LondonAssessing the Effectiveness of Enforcement and RegulationCRA International, UK, April 2009.

  • James Glassman, Smart investing for a deceptive market: Have companies mended their ways since the Enron scandal? Don’t count on it. Here’s how to invest intelligently and protect yourself from trickery,” Kiplinger’s Personal Finance, August 5, 2005

    • Search Google Scholar
    • Export Citation
  • Howell Jackson and Mark Roe, Private and Public Enforcement of Securities Laws: Resource-Based Evidence,” Harvard Public Law Working Paper No. 08-28, 2009.

    • Search Google Scholar
    • Export Citation
  • Christopher Jarvis, 1999, “The Rise and Fall of the Pyramid Schemes in Albania,” IMF Working Paper 99/98 (International Monetary Fund: Washington DC).

    • Search Google Scholar
    • Export Citation
  • Zachary A. Goldfarb In Cox Years at the SEC, Policies Undercut Actions: Red Tape Halted Cases, Drove Down Penalties”, Washington Post, June 1, 2009.

    • Search Google Scholar
    • Export Citation
  • Matthew Goldstein Inside Bawag’s Refco Role”, May 06, 2006,

    • Search Google Scholar
    • Export Citation
  • Rogerio Martins, Brazil: the Nahas Case,” a case study of The Toronto International Leadership Centre for Financial Sector Supervision, Toronto, Canada.

    • Search Google Scholar
    • Export Citation
  • Rafael La Porta, Florencio Lopez-de-Silanes, Andre Shleifer and Robert Vishny What Works in Securities Law?Journal of Finance, 2006.

    • Search Google Scholar
    • Export Citation
  • McKinsey ConsultingSustaining New York’s and the US’ Global Financial Services Leadership,” New York, 2005.

  • Nuno Monteiro, Qatar Zaman, and Susanne Leitterstorf, Update Measurement of Market Cleanliness,” Financial Services Authority Occasional Paper Series Number 25, March 2007.

    • Search Google Scholar
    • Export Citation
  • Supreena Narayanan Financial Market Regulation-Security Scams In India with historical evidence and the role of corporate governance”. 2004 Unpublished. At

    • Search Google Scholar
    • Export Citation
  • Australian Securities and Investments Commission press release 06-386, “Former Adelaide company director jailed,” Friday 3 November 2006.

    • Search Google Scholar
    • Export Citation
  • Australian Securities and Investments Commission press release 06-443 ASIC accepts an enforceable undertaking from the Multiplex Group, Wednesday 20 December 2006 website.

    • Search Google Scholar
    • Export Citation
  • Australian Securities and Investments Commission press release 07-35 ASIC commences proceedings relating to James Hardie, Thursday, February 15, 2007.

    • Search Google Scholar
    • Export Citation
  • City of LondonAssessing the Effectiveness of Enforcement and RegulationCRA International, UK, April 2009.

  • Committee of European Securities RegulatorsAn evaluation of equivalence of supervisory powers in the EU under the Market Abuse Directive and the Prospectus Directive: A report to the Financial Services CommitteeJune 21, 2007.

    • Search Google Scholar
    • Export Citation
  • Joint Parliamentary Committee Report on the Stock Market Scam and Matters Related thereto, Lok Sabha, New Delhi, India 2002

    • Search Google Scholar
    • Export Citation
  • G-20 Working Group 1 Enhancing Sound Regulation and Strengthening Transparency Final Report March 25, page 45,

    • Search Google Scholar
    • Export Citation
  • Market Crash 2001,”, December 20, 2002,

  • Securities Exchange Board of India, “Investigations in Market Manipulation in the Context of Recent Market Behaviour (Preliminary Report),” April 2007, Mumbai, India.

    • Search Google Scholar
    • Export Citation
  • Refco Chapter 11 Filings, United States Bankruptcy Court, Southern District of New York, October 17, 2005,

  • U.K. Financial Services Authority, “A regulatory response to the global banking crisis,” Consultation Paper SP09/2, p. 91.

The authors would like to thank Jeanne Balcom, Richard Britton, Christophe Caillot, Tanis MacLaren, Aditya Narain, Ian Tower and Nai Seng Wong for their insightful and extremely helpful comments on a previous version of this paper. While the paper is much stronger for their help and consideration, all inaccuracies and mistakes remain our own.


G-20 Working Group 1 Enhancing Sound Regulation and Strengthening Transparency Final Report, March 25, p. 45, (hereinafter Final Report).


Common obstacles to securing high levels of compliance include low levels of skills and resources or poor management and governance within regulated entities; compliance is a key responsibility of regulated entities and the health of the system depends largely on their willingness and ability to comply with rules and manage risk. Another common problem is the lack of skills and resources within the regulator resulting in a lack of knowledgeable staff, or the lack of political will within the regulator to tackles issues as they arise. This can be complicated by governance or management problems at the regulator, which result in poor internal communications, lack of decisiveness, and delayed responses or a lack of legal authority in the regulator to require information or to carry out inspections, constraining its ability to execute various supervision methods. A major obstacle to achieving an adequate level of compliance is a lack of credibility of the regulator. The compliance demands of a regulator that is known to never impose consequences will not be taken seriously in the marketplace. Thus, the lack of effective enforcement will undermine the entire compliance program.


Enforcement can also have a remediation role in systems where the regulator has the authority to require the disgorgement and return of ill-gotten gains.


Final Report, p. 44.


The details of this case are taken from Rogerio Martins, “Brazil: the Nahas Case,” a case study of The Toronto International Leadership Centre for Financial Sector Supervision.


Settlement was T+5 and brokers could make loans on the proceeds of the sale at T+0. This was prohibited for wash sales, but Mr. Nahas was nonetheless able to finance his wash trades with T+0 financing.


“Securities Scam: Genesis, Mechanics and Impact,” Samir K Barua and Jayanth R. Varma, Indian Institute of Management, Ahmedadhad, India 1993.


At the time, the Indian system employed ‘badla,’ which allowed deferral of cash settlement (carry forward) for an extended period of time.


See Securities Exchange Board of India, “Investigations in Market Manipulation in the Context of Recent Market Behaviour (Preliminary Report),” April 2007, Mumbai, India. Following the scandal, the Securities Exchange Board of India instituted many reforms, including instituting governance changes at the Bombay Stock Exchange, ultimately designed to improve market monitoring; increased its own staffing; and began more on-site inspection work. See “Market Crash 2001,”, December 20, 2002,


James Glassman, “Smart investing for a deceptive market: Have companies mended their ways since the Enron scandal? Don’t count on it. Here’s how to invest intelligently and protect yourself from trickery,” Kiplinger’s Personal Finance, August 5, 2005,


Refco Chapter 11 Filings, United States Bankruptcy Court, Southern District of New York, October 17, 2005,


Christopher Jarvis, 1999, “The Rise and Fall of the Pyramid Schemes in Albania,” IMF Working Paper 99/98 (International Monetary Fund: Washington, DC).


ASIC press release 06–386, “Former Adelaide company director jailed,” Friday, November 3, 2006.


U.K. Financial Services Authority, “A regulatory response to the global banking crisis,” Consultation Paper SP09/2, p. 91.


The International Organization of Securities Commissions (IOSCO) is the global standard setter for securities regulation. The IOSCO Principles are used in the IMF/World Bank Financial Sector Assessment program to evaluate the strengths and weaknesses of a country’s regulatory system. For a complete discussion of the findings from the assessment program, see our earlier paper, Ana Carvajal and Jennifer Elliott, “Strengths and Weaknesses of Securities Markets Regulation: A Global Analysis,” IMF Working Paper 07/259, 2007.


The authority to impose sanctions can rest with the regulator or a regulator can request sanctions to be imposed by a court. Most systems have a mix of the two—the regulator is able to impose administrative sanctions and the court imposes civil or criminal sanctions. As we note later, most systems will not be effective unless the regulator has some direct sanctioning ability.


In an IOSCO assessment, there are five possible grades, fully implemented (where all necessary requirements are fulfilled), broadly implemented (where most are fulfilled), partly implemented (where significant shortcomings are found), not implemented (where substantially all of the requirements are not met), and not applicable.


For example, in the post-mortem of the Madoff crisis, analysis of the diminishment of the U.S. SEC’s enforcement program has emerged, suggesting that pressure to maintain market competitiveness led to a lighter touch in enforcement (Zachary A. Goldfarb “In Cox Years at the SEC, Policies Undercut Actions: Red Tape Halted Cases, Drove Down Penalties,” Washington Post, June 1, 2009).


This authority is wide ranging and can impinge on the right to privacy of individuals and legal persons. The authority should therefore also be subject to due-process requirements of administrative, criminal, and civil law.


The right against self-incrimination.


Regulators do not generally have the right to inspect public companies without a court order, but they should have the right to require issuers to provide information.


In Brazil, the request to lift bank secrecy in one case has taken three years and the final decision is still pending, due to the numerous appeals that the opposing party has lodged. The CVM can also seek access via the central bank, which is the banking regulator. However, legal staff of the central bank has interpreted the provisions in a very narrow way and that sharing of bank information can only be done when the case is being investigated by both entities.


The Ontario Securities Commission, Autorite des Marches Financiers, and other regulators in Canada do have direct authority to impose a freeze of assets.


ASIC press release 06–443 ASIC accepts an enforceable undertaking from the Multiplex Group, Wednesday, December 20, 2006 website.


ASIC press release 07–35 ASIC commences proceedings relating to James Hardie, Thursday, February 15, 2007.


Committee of European Securities Regulators, “An evaluation of equivalence of supervisory powers in the EU under the Market Abuse Directive and the Prospectus Directive: A report to the Financial Services Committee,” June 21, 2007.


The situation appears to be changing. In fact, in Brazil the CVM has been given this power.


One common shortcoming is a lack of skill and expertise on the part of regulatory investigators in gathering evidence in a way that satisfies the more rigorous criminal proceeding. Another is the lack of understanding of financial markets on the part of public prosecutors.


Twenty countries have committed to sign the agreement, but are required to make changes to their legal frameworks to be able to do so. Source: IOSCO, June 2009.


While in most countries investigations are confidential, once charges have been filed an enforcement matter becomes public. The media and public are often very interested in enforcement matters. The outcome can have a highly visible impact: awarding fines, banning individuals from the industry, imprisonment, etc.


See Carvajal and Elliott.


See “Sustaining New York’s and the US’ Global Financial Services Leadership,” a McKinsey Consulting study commissioned by New York City Mayor, Michael Bloomberg, and Senator Charles Schumer in 2005. The conclusions have been hotly debated. We are unaware of any definitive academic research on the issue.


The IOSCO assessment requires assessors to look at whether certain preconditions for effective enforcement of securities laws are in place, including the effectiveness of the judiciary.


Parliament of India, Joint Parliamentary Committee Report on the Stock Market Scam and Matters Related thereto, Government of India, 2002 and Narayanan, Supreena (2004): Financial Market Regulation-Security Scams In India with historical evidence and the role of corporate governance. Unpublished.


Howell Jackson and Mark Roe, “Private and Public Enforcement of Securities Laws: Resource-Based Evidence,” Harvard Public Law Working Paper No. 08-28, 2009.


In their research, Jackson and Roe refute earlier work by La Porta that suggested that private enforcement rather than public enforcement matters more for financial market development. Rafael La Porta, Florencio Lopez-de-Silanes, Andre Shleifer and Robert Vishny “What Works in Securities Law?” Journal of Finance, 2006. 1998, Law and Finance, Journal of Political Economy.


John Coffee “Law and the Market: The Impact of Enforcement,” The Center for Law and Economics, Columbia University School of Law, Working Paper No. 304, April 4, 2007.


Moreover, based on his research, Coffee argues that the level of enforcement rather than legal origins explain better the national differences in costs of capital and valuation premium, see Coffee, pp. 4–5.


Other academic studies have attempted to tie strong regulation with certain market outcomes. Hazem Daouk, Charles M.C. Lee, and David T. Ng “Capital Market Governance: How Do Securities Laws Affect Market Performance?” Journal of Corporate Finance, vol 12, issue 3, 2006, the authors link some measures of good regulation to market outcomes (liquidity, cost of capital), but the aspects of regulation they choose are not the only factors that can affect the outcome. Further, they do not measure the quality or even quantity of enforcement activity. Utpal Bhattacharya and Hazem Daouk “When No Law is Better than a Good Law” CEI Working Paper Series, Institute of Economic Research, Hitotsubashi University, June 2004, use proxy measures to describe enforcement (whether a country is measured as corrupt or has the rule of law). They show that using these measures, when insider trading laws exist, but are judged not to be enforced, creates greater problems for market liquidity than where no law exists at all. A recent City of London and industry-sponsored study argues that market outcomes across a group of developed countries (Australia, France, Germany, the United Kingdom, and the United States) are similar despite differences in approach to supervision and enforcement, although, of course, each of these countries has some form of an enforcement program, see “Assessing the Effectiveness of Enforcement and Regulation” CRA International, City of London, April 2009.


See for example, Nuno Monteiro, Qatar Zaman, and Susanne Leitterstorf, “Update Measurement of Market Cleanliness,” Financial Services Authority Occasional Paper Series Number 25, March 2007.


The private right to sue is an avenue of discipline on market participants, issuers, and investment firms. However, it often produces incomplete results: bringing a civil law action is not a realistic option for many individuals, it is rarely available to prevent damage, is usually ex post and after value has been destroyed, assets transferred, and wrongdoers have gone bankrupt. In many countries, private law enforcement is unrealistic because of its slowness and the lack of expertise of courts as well. The LaPorta paper concluded that private law enforcement was more important than public enforcement, but that paper did not separate the variables contributing to market outcomes and, further, it did not take into account the probability that jurisdictions with strong legal frameworks (the basis of private recourse) are also those with strong public regulators.


Statistics for enforcement staff in SEC and FSA, see annual reports at and




FSA, A regulatory response to the global banking crisis, Consultation Paper, SP09/2, p. 91.


The Albanian ponzi schemes and the Nahas case are but two examples where a lack of authority impeded earlier or more robust enforcement.


Final Report, p. 45.

The Challenge of Enforcement in Securities Markets: Mission Impossible?
Author: Ana Carvajal and Ms. Jennifer A. Elliott