The Chief Compliance Officer must be “competent and knowledgeable” in the Advisers Act, according to the compliance rule’s adopting release. An unqualified CCO in and of itself violates the compliance rule and can result in significant firm and personal liability. Every firm should retain a third party CCO firm or hire a qualified regulatory professional. Appointing whoever drew the short straw at the management meeting won’t cut it with the SEC.
CCOs must proceed with caution with WSPs and work expectations to avoid assuming responsibilities that s/he will not or cannot undertake. You may think you’re helping out or just being a good team player when, in fact, you are assuming significant regulatory liability. No good deed goes unpunished when the work doesn’t get done.
We think the standard should be much higher i.e. that a CCO should only be liable if s/he participated in the wrongdoing, actively covered it up, or directly and personally benefited. We in no way condone the lack of diligence alleged in this case. Perhaps, the CCO should have been terminated (or never hired in the first place). However, so long as the SEC continues to hold CCOs liable based on retrospective and subjective determinations of how well the CCO implemented the program, good compliance people will continue to either leave the industry or demand hazard pay.
The CCO should review the compliance manual or WSPs and ensure s/he understands and undertakes all designated responsibilities. If the CCO can’t or won’t follow the procedures, then s/he must revise the procedures to satisfy regulatory requirements while reflecting the firm’s accurate allocation of authority.
OUR TAKE: This is what we call “voodoo compliance” i.e. using purported compliance as a tool to further securities law violations. The SEC has become wise to firms that implement sham compliance programs.