Photo of Toby M. Galloway

tgalloway@winstead.com
817.420.8262

Toby Galloway is Chair of Winstead's Securities Litigation & Enforcement Practice Group. He also practices in the areas of white-collar defense, governmental & internal investigations...  Read More

and commercial litigation. Before developing his private practice, he served as an attorney with the United States Securities and Exchange Commission, in roles of increasing responsibility, for more than 11 years.

During his last four years at the SEC, Toby was the chief trial counsel for the Commission’s Fort Worth Regional Office. In this capacity, he supervised all litigation for a four-station region. In addition, he handled his own caseload, prosecuting civil enforcement actions involving alleged violations of the federal securities laws. He also served as a Special Assistant United States Attorney for the Northern District of Texas, prosecuting white-collar crime.

 

 

Toby routinely practices before the SEC, CFTC, FINRA, DOJ, Texas State Securities Board, and other state securities regulators, as well as the PCAOB and other regulatory and law enforcement agencies. Toby represents public companies, audit committees and special committees, hedge funds, private equity funds, asset managers, broker-dealers, registered investment advisers, accountants and lawyers, and other institutions in government investigations, securities law enforcement and litigation. He also represents aggrieved investors, and handles complex commercial litigation and has experience in healthcare fraud.

On Tuesday, August 29, 2023, Bitcoin once again loomed large over financial markets after the D.C. Circuit Court of Appeals vacated an SEC order that rejected Grayscale Investments’ (“Grayscale”) application to list a spot Bitcoin exchange-traded fund (“ETF”) on NYSE Arca. The price of Bitcoin initially jumped almost seven percent on the news. But as of this writing, the market has erased nearly all those gains.

Background

With the increased prevalence of digital assets, the SEC received numerous applications to list and trade shares of digital assets as ETFs on various exchanges. As the most well-known digital asset, Bitcoin represents the focal point for many of these applications. The key distinction between these applications is whether the ETF is based on the spot or the future market.

Continue Reading A Potential Big Win for Bitcoin: A Federal Court Overturned the SEC’s Refusal to List a Spot Bitcoin ETF

The issue of whether the sales of digital assets constitute investment contracts (and therefore securities) remains at the forefront of SEC regulatory issues. Yesterday, in SEC v. Terraform Labs, a federal judge in New York rejected a fellow judge’s recent ruling in SEC v. Ripple Labs[1] that XRP was not a security when sold to the public on secondary markets.

On Monday, U.S. District Judge Jed Rakoff denied Terraform Labs’ motion to dismiss an SEC enforcement action.[2] In that case, the SEC alleged that Terraform Labs and its founder, Do Kwon, defrauded investors and sold digital assets in unregistered securities offerings. In its motion to dismiss, Terraform Labs argued that purchasers of UST did not have an expectation of it being an investment. In allowing the SEC’s case to proceed against Terraform Labs and Kwon, Judge Rakoff declined to follow the recent ruling in SEC v. Ripple.

Continue Reading Federal Court in Terraform Labs Rejects Ripple Decision

In a recent and highly anticipated decision, a court in the Southern District of New York held that Ripple’s cryptocurrency token – XRP – is not inherently a security.  In a setback to the SEC, the court also held that certain sales of XRP to retail investors through blind “bid/ask” transactions[1] were not securities transactions when considering the economic realities and under the totality of the circumstances.  SEC v. Ripple Labs, Inc., et al.[2] 

The court delivered its decision on these “programmatic sales” of XRP to retail investors, as well as its decisions on “institutional” and other types of sales of XRP, when ruling on competing summary judgment motions.  Even though the court’s rulings were limited to the transactions at issue and could be appealed, its decision undermines the SEC’s current position that it requires no additional authority from Congress to regulate both sales of tokens and cryptocurrency trading platforms. 

Continue Reading Ripple’s Legal Waves: Ripple Summary Judgment Ruling Could Have Wide-Ranging Impact

Last week, the U.S. Securities and Exchange Commission brought five insider-trading cases against a slew of individuals. The U.S. Attorney’s Office for the Southern District of New York also announced parallel criminal charges against the defendants in four of the five cases. These cases contain examples of the classical theory and the misappropriation theory of insider trading.

These cases were the result of close coordination with the SDNY and SEC, and they appear to be the result of an enforcement sweep. Increasingly sophisticated data analytics and market surveillance make it highly likely that those who wish to exploit material nonpublic information will be caught, with severe consequences, including disgorgement, criminal restitution, civil penalties, and incarceration.

Continue Reading SEC and DOJ Go On An Insider-Trading Enforcement Spree

Action Implicates Attorney-Client Privilege and Other Concerns

Factual Background

On January 10, 2023, the SEC filed a subpoena enforcement action against Covington, a large law firm that was victimized by the so-called Hafnium cyberattack by Chinese state actors.[1]  Hafnium reportedly was engaged in espionage to determine priorities of the incoming Biden administration in November 2020.  The SEC seeks names of Covington clients whose information was accessed by the attackers.  Covington has refused to supply the name of its clients, arguing that such information is protected by the attorney-client privilege and work-product doctrine, and that compliance with the subpoena would be unduly burdensome.

Continue Reading SEC Files Subpoena Enforcement Action Against Covington & Burling, Seeking Names of Clients Impacted by Chinese State-Sponsored Cyberattack

Recent Enforcement Action

The requirement that financial firms preserve books and records is nothing new.  But how do such firms keep track of employees’ communications on applications like Signal or WhatsApp? 
Continue Reading Financial Regulators Focus on Preservation of Ephemeral Messaging

Corporate officers and directors sometimes view having a Rule 10b5-1 trading plan as an impenetrable barrier to facing insider-trading charges.  But a recent case announced by the SEC demonstrates that such plans are not bulletproof.[1]  If an executive enters into such a plan while in possession of material nonpublic information, insider-trading charges could ensue.
Continue Reading SEC Charges Public Company Executives with Insider Trading Despite Trading Through Purported Rule 10b5-1 Trading Plans

Recently, in SEC v. Spartan Securities Group, Ltd, et al.[1], a Florida federal court held that the Securities and Exchange Commission (“SEC”) could seek disgorgement and direct funds to the Treasury because the defrauded victims could not be identified.[2]
Continue Reading Florida District Court Permits the SEC to Pay Disgorgement to the US Treasury Where Victims of the Fraud Could not be Identified

On May 3, the SEC announced that the Cyber Unit in the Division of Enforcement is renamed the “Crypto Assets and Cyber Unit” and will expand by 20 positions to approximately 50 positions.[1]  Regulation of digital assets has been a key initiative of SEC Chair Gary Gensler, who previously chaired the CFTC.

The press release emphasizes the explosion of crypto markets in recent years and says that the Crypto Assets and Cyber Unit will be vital to protect investors and efficiently regulate financial markets.  The expanded unit will concentrate on investigating securities violations relating to:
Continue Reading SEC Expands and Renames Cyber Unit to “Crypto Assets and Cyber Unit”

On April 5, the Public Company Accounting Oversight Board levied a $100,000 fine against Scott Marcello, the former Vice Chair of Audit at KPMG.  The penalty is noteworthy for two reasons: (1) it’s the largest monetary penalty ever levied by the PCAOB in a case settled with an individual; and (2) it’s the first matter in which the PCAOB has sanctioned someone for failure to reasonably supervise, despite being authorized to impose sanctions on this basis under the Sarbanes-Oxley Act of 2002 (SOX).  See Section 105(c) of the Sarbanes-Oxley Act of 2002 (SOX).
Continue Reading The PCAOB Brings First Failure-To-Supervise Case