The SEC fined a large broker-dealer/investment adviser $3.6 Million because its inadequate compliance and supervisory program failed to stop a broker from stealing from clients. The broker, currently facing criminal charges, exploited a weakness in the firm’s control systems that allowed third party disbursements up to $100,000 per day based on representations that the broker received oral instructions. According to the SEC, the broker misappropriated $7 Million from four advisory accounts. Although the firm did have policies and procedures that included ad hoc manual supervisory reviews, the firm did not require authorization letters, call back clients to verify instructions, or record calls.
OUR TAKE: A motivated miscreant will find the weaknesses in your compliance and supervisory system. To avoid this type of theft, a firm should prohibit any third party money movement without the review of a supervisor or compli-pro.
The SEC fined and barred from the industry an anti-money laundering compliance officer for failing to file Suspicious Activity Reports. The SEC asserts that the AML CO ignored red flags about heavy trading in low-priced securities including specific alerts provided by the clearing firm and warnings from the SEC OCIE staff. The SEC also commenced proceedings against the previous AML CO for similar failures. The Bank Secrecy Act and the firm’s Written Supervisory Procedures specifically required filing of SARs for several transactions that the respondents ignored over a 2-year period. The SEC also fined the firm and its CEO.
OUR TAKE: This firm did not have the requisite compliance “tone at the top” when 2 compliance officers and the CEO all ignored AML red flags, yet the SEC seeks to hold the compliance officers specifically accountable. Also, compliance officers should take note that they don’t escape liability for past actions when they quit a job. The SEC can still bring charges against former employees for misconduct that occurred while they acted in a compliance function.
The SEC fined a deregistered investment adviser and barred its former principal for multiple compliance failures involving double dipping, Form ADV disclosures, fee rebates, and misrepresentations. The respondents recommended that clients invest in private funds in which the principal held ownership and managerial interests. Although the SEC acknowledges that clients knew about the conflict, the firm failed to list and describe the conflicts on Form ADV. The SEC also charges the firm with multiple compliance program failures including inadequate policies and procedures and failing to conduct annual testing of the compliance program.
OUR TAKE: There is no such thing as declaring regulatory bankruptcy: the SEC’s long arm won’t let a firm engage in wrongdoing and then simply de-register to avoid consequences. Compli-pros should also note that disclosure alone will not always cure significant conflicts of interest, such as fee double dipping for advisory services along with underlying products.
Today, we offer our “Friday List,” an occasional feature summarizing a topic significant to investment management professionals interested in regulatory issues. Our Friday Lists are an expanded “Our Take” on a particular subject, offering our unique (and sometimes controversial) perspective on an industry topic.
Every year, we offer our predictions on what will happen in the investment management regulatory world. Last year, we went 4-6 (not great on a test, but pretty good in baseball). We were right about the fiduciary rule, whistleblowers, state enforcement, and individual liability. We missed on our predictions of regulatory changes and how the industry would respond to the increased demand for bonds.
The current uncertain regulatory environment has changed our hubris to humility. Thus, it is with humble intent that we look forward to offer our 2018 predictions:
Predictions for the 2018 Regulatory Year
- More states will adopt fiduciary rules. Nevada has already adopted a uniform fiduciary standard in the wake of the DoL’s delay. We expect other states (e.g. California, New York, Connecticut) to follow.
- The SEC will propose a uniform fiduciary rule for retail advisers and broker-dealers. Chairman Clayton has spoken publicly about the need for the SEC to wade into the fiduciary waters. Expect a proposed rule this year.
- The SEC will commence significant cybersecurity enforcement actions. The staff has done a sweep and issued guidance. We have not yet seen significant enforcement actions. We expect several this year.
- There will be cases alleging C-suite wrongdoing in private equity. The SEC Enforcement Division has focused on the private equity industry for the last couple of years. Given their interest in prosecuting senior executives to deter unlawful conduct, expect a couple of big cases against private equity execs.
- FINRA will bring actions against firms for hiring bad brokers. Rather than simply prosecute the brokers, FINRA will dedicate some enforcement resources to firms that fail to screen out the bad brokers, thereby making it a firm responsibility.
- SEC and/or FINRA will bring cases alleging inadequate branch office supervision. Both regulators have expressed concerns about remote office supervision. Enforcement cases will ensure the industry’s attention.
- The SEC will commence significant marketing/advertising cases. Seemingly out-of-the-blue, the SEC warned advisers about misleading marketing and advertising claims. We are assuming that OCIE is uncovering a lot of problems.
- The SEC will propose a re-write of the custody rule. The custody rule has the right intent, but the rule itself is too open to interpretation and questions (see multiple FAQs). We think the Division of Investment Management will undertake a re-write (although maybe this is just wishful thinking.)
- The SEC will propose cryptocurrency regulations. Bitcoin futures are flying high. The SEC has expressed its opinion that it should regulate cryptocurrency offerings. We expect some rules.
- The SEC will re-propose the ETF rule. Plain vanilla ETFs should have a rule that allows them to proceed without an exemptive order. The SEC proposed and abandoned a rule several years ago. We anticipate that the SEC will resuscitate the effort.
The SEC has commenced enforcement proceedings against a fund manager and its principal/CCO for ignoring exam deficiencies about its compliance program and other violations. The SEC examined the respondents in 2010 and 2014 and noted several compliance deficiencies, which the SEC asserts the respondents ignored. The SEC charges the dual-hatted principal with failing to perform any work on the compliance program, adopting a stock manual that was not properly tailored to the business, or conducting any compliance review. The SEC also faults the respondents for charging compliance costs to the funds. The SEC additionally charges undisclosed conflicts of interest, misrepresentations, and valuation issues.
OUR TAKE: The SEC doesn’t always give you a second chance to fix cited deficiencies. But when they do and you don’t, expect an enforcement action. Also, this is another example of the failure of the dual-hatted CCO model, where an executive ignored his compliance responsibilities. Penny wise and pound foolish.
The SEC fined and censured a hedge fund firm for failing to stop its research analyst from sharing confidential information with his wife, who ran another hedge fund. The research analyst helped his wife start the competing firm and provided internal confidential information including investment models, research and recommendations. In fact, holdings of the two hedge fund firms significantly overlapped. After the respondent become aware and warned the research analyst about sharing confidential information, it failed to stop the conduct despite policies and procedures about email review and maintaining confidential information. The SEC faults the firm for failing to supervise and for failing to implement an adequate compliance program that would effectively monitor and halt unlawful conduct.
OUR TAKE: You must walk the compliance walk, not just talk the compliance talk. Registered firms must implement compliance policies and monitoring, not simply adopt broad policies and procedures that sound good.
A privately-held benefits consulting firm agreed to pay a $450,000 fine, and its former CEO agreed to pay over $500,000, for failing to disclose compliance failures during fundraising. The SEC maintains that the firm evaded state insurance licensing laws by rigging online examination courses and allowing employees to sell insurance without required licenses. The SEC charges that the firm violated the securities laws by failing to disclose the compliance failures when raising money from institutional investors during at least 3 financing rounds that raised over $500 Million. The related stock purchase agreements included false representations that the company complied with applicable laws including licensing requirements. The respondent has also faced regulatory actions by at least 40 states who have imposed more than $11 Million in sanctions. As part of the SEC settlement, the company created a Chief Compliance Officer position.
OUR TAKE: Be very careful when claiming compliance with applicable laws in disclosure or fundraising documents. You might want to ask your Chief Compliance Officer if any issues require more disclosure. The SEC can use holes in your regulatory compliance as a predicate to an enforcement action for securities fraud.
The SEC fined and censured a large investment adviser for failing to implement adequate compliance polices that could have prevented a managing director from cherry-picking trades for his own benefit. The MD had exclusive access to an omnibus account at the firm’s prime broker through which he allocated trades after the close of the trading day. According to the SEC, the MD allocated 99% of profitable trades to his own account. The SEC faults the firm for failing to adopt or implement adequate policies and procedures or supervisory controls. Ultimately, the prime broker discovered the cherry-picking scheme and terminated the block trading account. As part of the remedy, the SEC has required the adviser to pay client remediation based on first-day returns of less than .25%, the blended return earned on all of the accounts including the personal allocations.
OUR TAKE: Although the firm did not benefit from its employee’s misconduct, it suffers the regulatory consequences for failing to implement an adequate compliance and supervisory program to stop a bad actor. Firms without a compliance infrastructure have no defense against regulatory accusations involving rogue employees. Separately, it is worth noting that the SEC, for the first time (we think) has used a specific formula (based on total returns) to calculate client remediation in a cherry-picking case.
The SEC fined and censured a broker-dealer because its under-resourced compliance function failed to implement adequate employee and information monitoring procedures. The firm’s Chief Compliance Office, who also served as a relationship manager, was initially appointed despite a lack of compliance experience. He pleaded for more compliance resources, including the use of a third party compliance consultant, to monitor the firm’s 45+ registered representatives, but the CEO refused because the firm “needed to generate more revenue before it could spend more money on compliance.” As a result, the broker-dealer failed to review employee securities trading, review a sufficient number of emails, and monitor information barriers.
OUR TAKE: Registered advisers and broker-dealers should retain a fully-committed CCO – either through hiring or by retaining a third party compliance firm – that has significant compliance experience. Dual-hatting an unqualified internal employee will not satisfy the regulators. Also, firms must adequately resource the compliance function. Based on previous benchmarking studies, most SEC-regulated entities spend between 7%-20% of total operating costs on compliance, with a minimum of 5% of revenues.
The IA/BD subsidiary of a large bank agreed to pay almost $1.3 Million in disgorgement and a $1.1 Million fine for putting wrap fee clients in funds that paid a 12b-1 fee back to the selling reps. The SEC faults the firm for failing to recommend that clients move assets into lower-fee share classes as those classes became available over time. Although the firm disclosed that it may receive 12b-1 fees, it did not disclose that it actually received those fees and that lower classes were available. The SEC noted that the IA/BD made changes to qualified accounts but failed to implement similar changes to non-qualified accounts. In addition to best execution, fiduciary, and disclosure violations, the SEC criticized the firm’s compliance program because the respondent failed to update its compliance policies and procedures as institutional share classes became available.
OUR TAKE: A compliance program is not a static exercise that you can set and forget. As the markets and the business changes, firms must continuously review policies and procedures to determine if they still make sense given new realities. In this case, the wider availability of institutional share classes necessitated changes to the firm’s compliance practices.