Only retain service providers that have specialized knowledge and experience in asset management. You wouldn’t hire a family physician to perform surgery, so why would you hire a general practice accounting firm to conduct specialized regulatory audits? The same rationale applies to your lawyers, administrators, and compliance consultants.
FINRA has fined a large broker-dealer $10 Million for widespread anti-money laundering compliance failures arising from failed systems, insufficient resources, and poorly-designed supervision. FINRA charges that the firm’s wire transfer surveillance system failed to collect required data and thereby omitted information that should have been transmitted to the AML surveillance system. FINRA also faults the firm for significantly understaffing the AML surveillance team, resulting in cursory reviews. The firm was also faulted for improperly allocating supervisory responsibility over surveillance of penny stock trades. FINRA rules require member firms to implement an anti-money laundering program to ensure compliance with the Bank Secrecy Act. A FINRA Enforcement official chided the industry, noting that the regulator “continues to find problems with the adequacy of some firms’ overall AML programs, including allocation of AML monitoring responsibilities, data integrity in AML automated surveillance systems, and firm resources for AML programs.”
Anti-Money Laundering compliance remains a huge challenge for broker-dealers that must spend significant resources on both technology and personnel to ensure adequate monitoring. Regardless, we recommend upgrading your systems and processes before the regulators force your hand with enforcement actions and multi-million fines.
released its 2019 Examination Priorities Letter, spotlighting new areas
including online distribution platforms and fintech, regulatory technology, digital
assets, and fundraising for outside business activities. FINRA will closely scrutinize member firms’
participation with online securities distribution platforms and whether firms
are aiding the unlawful distribution of unregistered securities by handling
customer accounts and/or receiving transaction-based compensation. When using regulatory technology tools, firms
will be asked how they supervise third party vendors and how they protect customer
information. FINRA will work with the
SEC to ensure that member firms implement adequate controls and supervision when
engaging with digital asset offerings through marketing, clearing, and
recordkeeping activities. FINRA continues
its focus on outside business activities with a special emphasis on fundraising
for personal benefit. FINRA also makes
clear that it will continue to review firms for compliance with longstanding
priorities including suitability, fund share classes, private placements,
communications, AML, cybersecurity, senior investors, best execution, and
Compli-pros should read this Examination Priorities Letter together with the recently released Examinations Findings to create an inventory of compliance risks that the firm should immediately address through gap analysis and enhanced procedures. Our experience is that the FINRA examiners hew closely to the announced priorities.
Today, we offer our “Friday List,” an occasional feature
summarizing a topic significant to investment management professionals
interested in regulatory issues. Our
Friday Lists are an expanded “Our Take” on a particular subject, offering our
unique (and sometimes controversial) perspective on an industry topic.
As the partial federal government shutdown continues, the
investment management industry is beginning to feel the effects of reduced SEC
operations. The people most affected are those furloughed
SEC employees who lose compensation every day the shutdown continues. However, the entire industry has been affected. Below is our list of the top 10 effects of
the partial federal government shutdown.
Effects of the Government Shutdown
New product approvals. New products including registration statements must await approval until the furloughed workers return.
Exams. The OCIE staff has delayed ongoing exams until the shutdown ends. It is unclear whether the shutdown will reduce the total number of exams.
Enforcement litigation. While the SEC continues to conduct market surveillance, ongoing litigation that is not time-sensitive will be delayed.
Regulatory information. The SEC is not posting regulatory information or interpretations on its website during the shutdown
Exemptive applications/No Action Letters. Requested exemptive applications and no-action letters seeking relief from the black letter rules cannot go forward without SEC staff.
New rules. The SEC is not reviewing potential new rule initiatives or comments to current proposals.
Travel. Many of our clients and colleagues have delayed travel to discuss new initiatives or to attend meetings.
Service providers. With asset managers unable to launch new products, service providers such as lawyers and fund administrators must wait for their clients to go forward.
Conferences. It is unclear whether SEC officials will attend this winter’s industry conferences where they traditionally provide some guidance. Even if they do attend, any guidance will necessarily depend on how long the shutdown continues.
Industry outreach. The SEC will likely delay industry outreach to management, compliance professionals and boards.
hedge fund seeding platform created by a large asset manager agreed to pay over
$2.7 Million in disgorgement, interest and penalties for over-allocating
internal expenses. The respondent
created private equity funds to invest in third party hedge fund managers. The firm then created an internal group of
employees tasked with helping hedge fund managers in which the funds invested
to attract new capital, launch products and optimize operations. Pursuant to their organizational documents,
the funds would pay up to 50 basis points for these activities. The SEC charges that the respondent allocated
all the group’s compensation expenses to the funds even though they spent a
portion of their time on activities that benefitted the fund sponsor and
unrelated to the enumerated activities.
The SEC faults the firm for failing to implement appropriate compliance
policies and procedures and for making material misstatements.
Do not charge expenses to managed funds unless the organizational and disclosure documents are absolutely clear that the funds will bear the expenses. When doing internal expense allocations, always err to the side of benefitting the fund rather than the fund manager.
We expect several enforcement actions this year based on the failure to offer the lowest mutual fund share class available. We recommend that advisers conduct an internal reviews of recommendation practices and take action to reimburse clients.
The SEC fined and censured a now-defunct robo-adviser for disseminating misleading marketing information that purported to show outperformance versus competitors. The SEC asserts that the respondent understated the performance of competitor robo-advisers by using only publicly available information and failing to account for actual weightings. The SEC faults the firm for publishing information without the documents or data to support its performance claims. The SEC also maintains that the firm inflated its own performance by cherry-picking certain clients and time periods. The SEC faults the firm for failing to have policies and procedures requiring the review of marketing materials in part because the Chief Compliance Officer was not aware that social media posts constituted marketing materials under the Advisers Act.
We hate (HATE!) the concept of using a competitor’s name and/or information in marketing and advertising. You are inviting your competitor to prove you wrong and thereby call you out on a regulatory violation.
FINRA has issued a report on cybersecurity best practices to assist firms in the development of their cybersecurity programs. FINRA notes that it continues to see “problematic cybersecurity practices” during examinations and that firms identify cybersecurity as a “primary operational risk.” The report focuses on strengthening cybersecurity controls in branch offices, ways to limit phishing attacks, how to mitigate insider threats, the elements of an effective penetration testing program, and adequate controls for mobile devices. The report also includes an appendix that lists core cybersecurity controls for small firms including patch maintenance, access management, vulnerability scanning, and email protection.
The 19-page report does a good job describing every cybersecurity nightmare scenario, which may be instructive for those C-suite executives still in denial. The best part of the report is the small firm appendix that focuses on key issues.