Troutman Pepper Locke’s Securities Investigations and Enforcement team counsels and defends clients through all stages of securities enforcement proceedings. Our attorneys have served in key government agencies and regulatory bodies, and bring their insight to bear in each representation. The team includes a former branch chief of the Division of Enforcement at the SEC, former enforcement lawyers, regulators and government attorneys, assistant United States Attorneys and former assistant attorneys general, as well as in-house counsel for public companies. Our lawyers and practice have been identified as leaders in the field by publications such as the Legal 500, SuperLawyers, Benchmark Litigation, and Chambers USA.

The Office of the Comptroller of the Currency (OCC) has issued a Notice of Proposed Rulemaking aimed at clarifying the permissible activities of national trust banks. The proposal seeks to amend chartering regulations to explicitly state that national trust companies may engage in nonfiduciary activities, such as asset custody, without being required to obtain a full-service national bank charter. However, the proposed rule does not address what specific nonfiduciary activities are permissible, nor does it indicate whether a national trust company must engage in a minimum level of fiduciary activities.

On January 9, the U.S. Supreme Court granted certiorari in Ongkaruck Sripetch v. U.S. Securities and Exchange Commission (SEC). The case arises out of an SEC civil enforcement action in the Ninth Circuit and squarely presents an important remedial question that the Court left open in Liu v. SEC, i.e., what counts as a “victim” for purposes of SEC disgorgement, and does the SEC have to show that investors actually lost money before it can obtain that relief?

Overview

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) recently announced an $11.5 million settlement of an enforcement action against a U.S.-based private equity and infrastructure investment firm (the firm) for violations of U.S. sanctions in connection with an investment indirectly backed by a sanctioned individual. The action provides important guidance on OFAC’s expectations regarding ownership, control, and indirect involvement by sanctioned persons, as well as the limits of relying on outside counsel when material facts are not fully disclosed. This is the latest in a series of similar enforcement actions by OFAC involving the same sanctioned individual and the complex trust structure he established to conceal his interest in U.S. investment funds, including a similar case in June involving a venture capital firm.

On December 16, the Federal Deposit Insurance Corporation (FDIC) proposed a new rule that would create a formal, bank‑centric process for issuing payment stablecoins. The rule is designed to implement the Guiding and Establishing National Innovation for U.S. Stablecoins Act (the GENIUS Act) and would apply to FDIC‑supervised institutions, state nonmember banks and state savings associations, that want to issue payment stablecoins through a subsidiary. With this proposed rule, the FDIC is seeking to “evaluate the safety and soundness of an applicant’s proposed activities based on consideration of statutory factors and support the responsible growth and use of digital assets and related technologies while minimizing the regulatory burden on applicants.”

On December 16, the Federal Reserve Board issued a Request for Information on a new special‑purpose “Payment Account” prototype, which is essentially a stripped‑down Federal Reserve Bank account designed for institutions focused on payments innovation. The goal with this specialized or “skinny” access is to give legally eligible, payments‑centric institutions a more predictable and lower‑risk path to access key Federal Reserve payment services, without changing who is legally eligible for Federal Reserve master accounts.

On December 17, the Office of the Comptroller of the Currency (OCC) proposed new guidance that would significantly streamline how community banks elect to be evaluated under the Community Reinvestment Act (CRA) by providing a simplified strategic plan form. Framed as part of Comptroller Gould’s broader initiative to reduce regulatory burden on community banks, the proposal would make the strategic plan option more accessible, more predictable, and less resource‑intensive for smaller institutions.

The Financial Industry Regulatory Authority’s (FINRA) 2026 Annual Regulatory Oversight Report is the most current and comprehensive statement of FINRA’s priorities and expectations for member firms. It does not create new legal obligations, but it is clearly designed as an exam and enforcement roadmap. The 2026 Report weaves together FINRA’s FINRA Forward modernization program, new and evolving risks (especially cyber‑enabled fraud and generative AI (GenAI)), and detailed observations on firms’ supervisory, operational, and financial controls. Firms should use it as a structured checklist for 2026 risk assessments, revisions to written supervisory procedures (WSPs), and enhancements to testing, surveillance, and training.

In today’s rapidly evolving digital landscape and expanded threat landscape, financial institutions feel at war and are under increasing pressure to balance innovation, data privacy, and regulatory demands. AI is accelerating that complexity, reshaping how organizations manage sensitive information and comply with a rapidly shifting legal environment.