
Month: April 2019

Large Bank Lied about Hedge Fund Due Diligence Process

The SEC fined a large commercial bank for failing to disclose that it only recommended hedge funds that paid a portion of the management fee back to the bank.  The bank marketed a robust due diligence process conducted by a purportedly independent, in-house research group performing a multi-step due diligence process to select hedge funds from an “extremely large universe.”  In fact, the bank only recommended hedge funds that paid back management fees that it called “retrocessions.”  Although the bank disclosed that it might receive revenue sharing and the amount actually received from each hedge fund, the actual due diligence process did not comport with marketing promises.  The bank, which is not a registered adviser or broker-dealer, was charged with violating the Securities Act’s anti-fraud provisions (17(a)(2)).

Check the marketing team’s enthusiasm at the door.  The SEC doesn’t allow firms an exception from the securities laws for product hype, regardless of how clients/investors may perceive the statements.  Rather than caveat emptor (buyer beware), caveat venditor (seller beware) governs sales of securities products.  

The Friday List: 10 Reasons Outsourcing Compliance Beats Hiring an In-House Chief Compliance Officer

Today, we offer our “Friday List,” an occasional feature summarizing a topic significant to investment management professionals interested in regulatory issues.  Our Friday Lists are an expanded “Our Take” on a particular subject, offering our unique (and sometimes controversial) perspective on an industry topic. 

Over the last several years, an increasing number of investment management firms have chosen to outsource the Chief Compliance Officer role and associated compliance function.  In our experience, these firms make this decision for rational business reasons based on an assessment that outsourcing the compliance function is better than hiring a full-time employee.  Usually, firms consider outsourcing because of an external event such as a less-than-perfect SEC exam or an institutional due diligence process that suggests unknown weaknesses.  Some firms decide to outsource after yet another internal CCO changes jobs.  Other times, firm management simply gets frustrated with the inherent limitations of the one internal compliance person.  Regardless, we list below the top 10 reasons investment firms should outsource the CCO role and compliance function rather than hire an in-house employee.

10 Reasons Outsourcing Compliance Beats Hiring an In-House CCO

  1. Experience: A team of professionals can draw on decades of aggregate compliance experience to address a firm’s regulatory challenges.
  2. Knowledge: No one person can provide the depth of knowledge of several compliance professionals working collaboratively. 
  3. Independence: A third party firm offers investors and other stakeholders an independent assessment of a firm’s compliance strengths and weaknesses.
  4. Industry best practices: A multi-person team working with multiple clients across the country has the industry vision to inform the compliance program.
  5. Accountability: A compliance firm stands behind its work and advice with a service level agreement and professional liability insurance. 
  6. 24/7/365 support: A person may take PTO, but a team of professionals is available at all times for any emergency including unplanned client due diligence and SEC exams.
  7. Personal liability: Serving as CCO involves significant personal liability, which is better left to professionals that understand and accept the regulatory and career implications. 
  8. Frees up internal resources: Internal personnel can focus on core activities such as portfolio management and fund-raising.   
  9. Management: Senior managers can avoid the confusing and time-consuming process of hiring, retaining, and managing an internal CCO, only to start the process anew in the event the CCO leaves. 
  10. Cost savings: Because of program efficiencies, outsourcing generally costs less than hiring a full-time employee. 

Fund Manager Did Not Conduct Adequate Investment Due Diligence

A formerly-registered fund manager was fined and censured for failing to conduct sufficient due diligence on underlying investments, which resulted in significant losses for the funds.  The fund manager invested $4 Million in a Norwegian trading strategy that promised repayment plus $40 Million in interest.  The fund manager represented that he conducted significant due diligence and that his financial advisers approved the investment.  In fact, the fund manager’s due diligence consisted of several phone calls and some Google searches.  Also, his lawyer, accountant, and fund administrator counseled further due diligence before investing. 

It is unclear how much due diligence is enough, but an investment that promises a 1000% return likely requires more than a few phone calls.  When financial professionals recommend a losing investment, they bear the burden of proving that their recommendations and due diligence satisfied their fiduciary and/or suitability obligations. 

Marketplace Lender Fined $3 Million for Overstating Returns Due to Coding Errors


A marketplace lender agreed to pay a $3 Million fine for overstating returns because of coding errors.  The SEC asserts that the firm’s legacy coding omitted charged-off loans from historical performance calculations once the charged-off loans were sold to a third party.  According to the SEC, the firm knew as far back as 2014 that its legacy code had significant issues but failed to fix the code affecting the return calculations.  The firm used the inflated returns in client reporting and marketing. 

As firms implement FinTech and RegTech, they cannot simply set it and forget it.  Compliance, operations, and IT personnel must work together in real time to ensure that systems reflect current regulatory requirements.  Technology is a great tool, but it is not the complete answer to regulatory compliance. 

SEC Commissioner Questions Informal Staff Guidance

SEC Commissioner Hester Peirce recently criticized unpublished staff guidance that operates as de facto legal precedent without going through a process that ensures transparency and accountability.  Referring to the securities regulatory framework as a “compliance minefield” where the wrong move can be a “matter of professional life or death,” Ms. Peirce questioned the propriety of informal staff positions about specific products or types of businesses.  She characterized sub rosa staff guidance as secret law that binds firms without legislative authority, effective oversight, or consistency. 

We agree that unpublished staff guidance can result in industry favoritism and (perceived) unfairness.  The next question is how the SEC addresses Ms. Peirce’s very legitimate concerns. 

Firm’s Weekly Email Reviews Were Not Adequate According to FINRA

FINRA censured and fined a broker-dealer for inadequate email reviews.  Although the firm, through its President/CCO, conducted weekly reviews, FINRA charges that the firm’s random sampling and lexicon-based reviews were not sufficient given the firm’s size and risk areas.  The firm used 24 search terms provided by its email provider, but FINRA asserts that the search terms did not reflect a meaningful assessment of risk areas and resulted in a large number of false positives.  FINRA faults the firm for failing to change the email reviews “[d]espite the obvious indications that the firm’s lexicon system was not reasonably designed.”  FINRA also criticizes the firm’s Written Supervisory Procedures for omitting specific email review procedures. 

Just doing email reviews isn’t enough.  A firm must conduct effective email reviews that can statistically assess whether supervised persons are complying with the securities laws.  We call this “compliance alchemy,” i.e., the appearance of compliance without the implementation of adequate procedures and testing.

SEC Warns About Failures to Protect Personal Information

The SEC’s Office of Compliance Inspections and Examinations has published a Risk Alert calling out advisers and broker-dealers for their failures to protect personal information.  Based on deficiencies identified over the last 2 years, the SEC found failures related to privacy notices, policies and procedures, and physical safeguards.  The SEC faulted registrants for failing to deliver initial and annual privacy notices or for delivering notices that did not accurately reflect policies and procedures.  The SEC found firms that completely failed to adopt policies and procedures by simply restating the Safeguards Rule.  Other firms either adopted weak policies and procedures or failed to properly implement them.  Some common deficiencies included unsecure laptops, unencrypted emails, inadequate training, insufficient control of third-party vendors, inadequate incident response plans, and shared login credentials.  OCIE states that the Risk Alert is intended “to assist advisers and broker-dealers in providing compliant privacy and opt-out notices, and in adopting and implementing effective policies and procedures for safeguarding customer records and information.” 

Compli-pros should ensure the annual testing program includes the privacy notice process and the implementation of policies and procedures to avoid the highlighted issues.  It may make sense to combine the testing with the required cybersecurity assessment. 

Day Trader Lied About Track Record

The SEC charged an unregistered day trader with lying about his trading success and misappropriating client funds. The defendant convinced clients to hire him by asserting that he had done very well as a day trader over several years and then promised over 50% annualized returns.  Once retained, the trader did very poorly and siphoned client assets for personal expenses.  According to the SEC, he then concealed his misconduct by delivering false account statements and implementing a microcap wash sale scheme.  The defendant also faces criminal charges brought by the U.S. Attorney’s Office for the Eastern District of New York.

Lying about your investment track record constitutes securities fraud, subjecting you to civil and criminal penalties.  Do not make performance claims unless you can affirmatively support your claims with hard data. 

Charged CFO/GC Agrees to Cooperate to Avoid Big Penalty

The former Chief Financial Officer/General Counsel of a technology company settled an enforcement action which included requiring him to pay over $400,000 in disgorgement and interest. The CFO/GC avoided a civil penalty by agreeing to cooperate in a related enforcement action.  The SEC charges the CFO/GC with turning a blind eye to inflated financial statements prepared by the CEO to help sell insider shares in secondary market transactions.  The CEO recently settled charges by agreeing to pay more than $17 Million.  Although the respondent did not have a financial background, the SEC asserts that he knew or should have known that the financial statements were misleading based on internal communications with the CEO and internal accounting professionals.

Corporate executives cannot avoid accountability by claiming that they were just following orders.  The SEC has maintained that senior executives have a duty to investors and the markets to stop financial wrongdoing at the companies they steward.  Once an executive is charged, the SEC will often use its leverage to encourage cooperation in cases against others in the C-Suite.

Investment Adviser Sentenced to Over 7 Years in Prison

A financial adviser was sentenced to more than 7 years in prison and ordered to pay over $3 Million in restitution for misappropriating client funds by forging client signatures and altering account statements.  The SEC alleged that the defendant made 56 unauthorized withdrawals from client accounts over a five-year period.  The SEC also charged that the defendant lied to her firm and provided fake documentation to hide her activities.  The SEC charged her with violating the Advisers Act and with securities fraud.  The prison sentence arose from parallel criminal proceedings brought by the U.S. Attorney for the District of Massachusetts for wire fraud, investment adviser fraud, and aggravated identity theft.

Although the SEC does not have criminal prosecution powers, it has the discretion to refer matters to the U.S. Attorney once it uncovers securities wrongdoing.  If the DoJ can make a federal criminal case because of fraud or theft, an investment adviser can end up a guest of the state for several years.