Home » Compliance

Category: Compliance

SEC Finds Pervasive Regulatory Failures by Registered Funds and Boards

 

The SEC’s Office of Compliance Inspections and Examinations (OCIE) has warned the registered fund industry about rampant regulatory violations involving compliance programs, disclosure, advisory contract approvals, and Codes of Ethics.  In a recent Risk Alert detailing common deficiencies and weaknesses uncovered during 300 examinations over the last two years, OCIE chided the industry for weak compliance programs including policies and procedures that failed to prevent violations of investment guidelines or to ensure fulsome disclosure in fund marketing materials; breakdowns in providing the Board with adequate fair valuation information and broker quotes; weak service provider and subadviser oversight; and inadequate annual reviews.  OCIE also criticized the information used to approve advisory contracts as well as shareholder disclosure in offering documents.  OCIE also warned that funds need to enhance their Codes of Ethics including reporting and how to define “access persons.”

Hire better service providers.  Not every lawyer knows the Investment Company Act Board approval, disclosure, and reporting rules.  Not every compliance person understands Rule 38a-1 and how to implement fund procedures and testing.  Not all administrator/distributors understand the differences between private funds and registered funds.  You wouldn’t hire a neurologist to perform surgery.  You shouldn’t hire just any lawyer or compliance consultant to implement your registered fund regulatory program. 

Firm Wrongly Relied on Inexperienced Compliance Associate

 

A broker-dealer was censured and fined for delegating certain regulatory obligations to an inexperienced compliance associate.  The firm filed forms with FINRA that certified due diligence about OTC issuers whose quotations it published.  The firm’s policies and procedures required the trader to conduct the necessary due diligence and a firm principal to certify the information.  In practice, an inexperienced compliance associate was tasked with obtaining the information and filing the Form 211s with FINRA by inserting the electronic signature of a principal.

This is an example of what we call compliance alchemy i.e. the appearance of compliance without actually complying.  The firm had the correct procedures and filed the right forms.  However, there was no substance behind the due diligence or the certifications.  The regulators have become wise to firms that simply check the box without actually doing the underlying compliance work. 

SEC Inspections Staff Chides Advisers for Weak Supervision and Compliance

The staff of the SEC’s Office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert reporting significant compliance and supervision deficiencies.  Based on data collected from a 2017 sweep of over 50 advisers, OCIE found significant weaknesses in how firms hired, supervised, and disclosed information about employees with disciplinary histories.  The OCIE staff also cited frequent compliance deficiencies including failures to supervise how fees are charged, what marketing materials are distributed, and whether remote workers complied with firm policies.  OCIE also discovered that many advisers allocated compliance responsibilities but failed to assign those responsibilities or neglected to require documentation.  The OCIE staff recommends that advisers “reflect on their practices” and implement such best practices as enhanced hiring due diligence, background checks, heightened supervision, and remote-office monitoring.

 

How many times must OCIE warn the industry about compliance, and how many enforcement actions will it take, before firms implement a legitimate compliance program?  An investment adviser should spend at least 5% of revenue on compliance, hire a dedicated Chief Compliance Officer, adopt tailored policies and procedures, test the program every year, and prepare a written compliance report of deficiencies and remediation. 

Hedge Fund Fined $5 Million for Weak Valuation Procedures

The SEC fined a hedge fund $5 Million, and its Chief Investment Officer another $250,000, for failing to properly value portfolio securities. The SEC maintains that the firm over-relied on the discretion of traders to value Level 3 mortgage-backed securities rather than use required observable market inputs. The SEC contends that the firm consistently undervalued bonds to maximize profit upon sale. The SEC faults the CIO for failing to properly review valuation decisions and ensure that the traders followed the firm’s valuation procedures. The SEC asserts violations of the compliance rule (206(4)-7) because the firm failed to implement reasonable policies and procedures to ensure fair valuation of portfolio securities. As part of the settlement, the firm hired an experienced Chief Compliance Officer rather than rely on its prior Risk Committee comprised of executives with limited regulatory and valuation experience.

Valuation is about process. Firms that buy Level 3 securities must create a consistent, documented and contemporaneous process based on objective criteria in order to defend pricing decisions. For compli-pros, one way to test valuation is to sample whether liquidation prices vary consistently (either always higher or lower) than the firm’s internal valuations before liquidation.

Dual-Hat Principal/CCO Caused Multiple Compliance Violations

The SEC charged an investment adviser’s principal, who also served as the firm’s Chief Compliance Officer, with multiple compliance violations. The SEC charges the respondent with (i) overcharging his client, (ii) overstating his assets under management, (iii) failing to disclose two client lawsuits, (iv) misrepresenting the reason he switched custodians, and (v) neglecting to maintain required books and records. The SEC also alleges that the principal aided and abetted violations of the compliance rule (206(4)-7) by purchasing a template compliance manual, omitting required policies and procedures, and failing to implement required procedures. The firm ultimately ceased operations, and the respondent agreed to pay over $500,000 in fines, disgorgement and interest.

The dual hat CCO model (i.e. a senior executive also serving as the Chief Compliance Officer) doesn’t work. The dual-hat CCO usually does not have the time, expertise, or interest to do the job properly. Also, a CCO must have enough independence from the business to properly enforce the applicable regulatory and compliance obligations.

Federal Court Says that Outside Advice is Not a “Get-Out-of-Jail-Free Card”

The United States Court of Appeals for the D.C. Circuit upheld the SEC’s decision that an investment adviser failed to fully disclose mutual fund revenue sharing even if it sought and relied on the advice of outside compliance consultants. The Court found that the adviser acted negligently by failing to fully disclose the conflict of interest inherent by receiving shareholder servicing payments for investing in certain funds offered by its broker/custodian. Although the record was unclear about whether the adviser sought or relied on an outside compliance consultant’s advice, the Court decided that it didn’t matter because “any reliance on such advice was objectively unreasonable because [the adviser] knew of their fiduciary duty to fully and fairly disclose the potential conflict of interest.” The Court did, however, throw out the SEC’s claim that the adviser intentionally filed a misleading Form ADV, because the SEC failed to show that the adviser acted with the requisite intent to deceive.

As we have previously reported, this case argues in favor of seeking outside advice because it will help defend against the claim that you acted with intent, which would draw more punitive penalties. However, the Court here makes clear that relying on outside advice, even though you (should) know otherwise, will not exonerate you from claims that you acted negligently.

SEC Alleges that RIA and Principal Ignored Compliance Obligations

The SEC has commenced enforcement proceedings against an adviser and its principal for disregarding its compliance obligations for over 10 years.  The SEC alleges that the firm did not even draft or adopt compliance procedures until an SEC examination commenced in 2015, 11 years after it initially registered.  The SEC also asserts that the principal named two individuals on Form ADV as Chief Compliance Officers even though neither person had responsibility for compliance, and one of the individuals did not even know that he was named as CCO.  The SEC also charges the firm with failing to conduct annual compliance reviews, comply with the custody rule, and maintain required books and records. 

The SEC will offer no quarter to RIAs who ignore their basic compliance responsibilities.  At a bare minimum, firms must appoint a dedicated and qualified CCO, adopt tailored policies and procedures, annually test the program, and generally attempt to comply with the Advisers Act.  The initiation of proceedings, rather than a settled order, suggests that the SEC intends to pursue aggressive penalties. 

Compliance Failures Cost BDC Manager $4 Million in Penalties and $2.6 Billion in Assets

 A BDC manager’s compliance failures led to nearly $4 Million in fines, disgorgement and penalties and the loss of its advisory business.   The SEC charges the firm with misallocating overhead expenses to the registered Business Development Companies it managed and with overvaluing portfolio companies.  The SEC maintains that the registrant used material nonpublic information about BDC portfolio companies to benefit affiliated hedge funds that it managed.  In 2014, the firm had over $2.6 Billion in assets under management but withdrew its adviser registration in 2017 following the SEC enforcement action.  The SEC asserts violations of the compliance rule (206(4)-7) in addition to a laundry list of other securities laws violations.

Failure to implement an effective compliance program has consequences beyond penalties and fines.  The negative impact to a firm’s and its principals’ reputations could ultimately bring down the entire franchise. 

Compliance Failures Lead to Firm’s Demise

 Compliance deficiencies led to the demise of a private fund manager because of failures to enforce a consistent redemption policy, deliver audited financial statements, and file accurate Form ADVs.  According to the SEC, the firm allowed certain clients and insiders the ability to redeem before the stated 90-day redemption policy.  The firm also failed to deliver audited financials as required by the custody rule.  The SEC also cites the firm for filing inaccurate Form ADVs, including claiming SEC registration eligibility even though the firm had less than $100 Million in assets under management.  The SEC attributes the failures to the firm’s deficient compliance program which used a template manual and did not require annual compliance reviews.   

 OUR TAKE: Failure to implement an adequate compliance program can have real-world implications for the viability of your firm.   A tight compliance program will support a more coherent operating environment that will prevent sloppy business practices that will lose clients and attract regulators. 

 

Broker-Dealer Failed to Discipline Commission-Sharing Traders

 The SEC fined a broker-dealer $1.25 Million for failing to take sufficient disciplinary action against brokers that shared commissions in violation of firm policy.  The SEC asserts that the one broker, who ultimately became a supervisor, assigned accounts to junior traders in exchange for off-the-book kickbacks paid by personal checks.  The transactions violated the firm’s policies and procedures and books and records requirements.  Upon discovering the arrangement 13 years after it began as a result of a FINRA investigation, the firm responded by issuing a memo condemning the activity and offering the participants the opportunity to resign.  The SEC faults the firm for failing to discipline the wrongdoers.

OUR TAKE: Having policies and procedures, but taking no significant action against those who violate them, eviscerates their purpose.  This compliance voodoo – the mere appearance of a compliance program – will draw the ire of the regulators.