Proposed Identity Theft Red Flags Rules

Identity theft is a serious problem. Title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act increased the scope of firms that would be subject to federal regulatory requirements on identity theft rules. The Securities Exchange Commission and the Commodities Futures Trading Commission just published a proposed rule addressing that new scope.

Section 10889(a)(8), (10) of Dodd-Frank amended the Fair Credit Reporting Act by adding the CFTC and SEC to the list of federal agencies required to create and enforce identity red flag theft rules. The new rule proposal would require SEC-regulated entities to adopt a written identity theft program that would include reasonable policies and procedures to:

  • Identify relevant red flags.
  • Detect the occurrence of red flags.
  • Respond appropriately to the detected red flags.
  • Periodically update the program.

The proposed rule would include guidelines and examples of red flags to help firms administer their programs.

As newly registered investment adviser, this looked like a daunting prospect. The rule does list specific entities in its definition of “financial institution.” That means investment advisers and private fund managers are not excluded.

However, the requirements are further limited to a “transaction account: a deposit or account on which the depositor or account holder is permitted to make withdrawals by negotiable or transferable instrument, payment orders of withdrawal, telephone transfers, or other similar items for the purpose of making payments or transfers to third parties or others.” 12 U.S.C. 461(b)(1)(C).

Smartly, the SEC recognizes that most registered investment advisers (and private fund managers) are unlikely to hold transaction accounts and would not qualify as a “financial institution”. One of the questions soliciting comments in the proposed rule is whether the rule should “omit investment advisers or any other SEC-registered entity from the list of entities covered by the proposed rule?”

I think it makes sense to look at the account itself and not just the institution. Particularly in the case of private fund managers, there is usual limited windows when cash can come out of the accounts and be returned to investors.

Even if the limited partner interests are not a transaction account. It may make sense to look at the final rule as a model for some internal policies and procedures.

Sources:

Technical Problems

Sometimes things just go wrong. No matter how hard you try (or don’t) you need to expect the unexpected. Software and systems inevitable break and go down. And when a system goes down, it will inevitably go down at the least convenient time.

The key is testing, redundancy, and back-up. You can’t prepare for all of the potential problems. But you can prepare for some.

My latest technical problem happened right here. Something went wrong with the code that runs this website. Technical support offered some mumbo jumbo on what I could do. I only know just enough html and css to get myself in trouble. I tried a few things, but they each failed to work. I was in way over my head.

I could have spent hours and hours poring through the error logs and files. Or I could have hired someone who knew what they were doing to help out. I don’t have the time or money to do that.

That left me with one choice. Nuke it and start over. Fortunately, I have a system that runs regular back ups. And it worked.

The website’s design is still a mess. The problem appears to have resided somewhere in the old design. That can be fixed eventually. The key is that the data is still intact.

Lesson Learned. Prepare, back-up, and test. I think there is even an SEC rule on the topic.

I end with a recent cartoon from Saturday Morning Breakfast Cereal on the stock market, blame, and reward.

Compliance Bits and Pieces for February 24

These are some compliance-related stories that recently caught my attention:

The SEC’s Whistleblower’s Office did not email you

It’s spam, linked to a virus. [Insert joke here…]

Are Auditors Reporting Fraud And Illegal Acts? The SEC Knows But Isn’t Telling by Francine McKenna in re: The Auditors

Section 10A of the Securities and Exchange Act of 1934 requires reporting by auditors to the Securities and Exchange Commission (SEC) when, during the course of a financial audit, an auditor detects likely illegal acts that have a material impact on the financial statements and appropriate remedial action is not being taken by management or the board of directors…..

So I prepared a Freedom of Information Act (FOIA) request in June and then again in October for the same information Congress and the GAO had previously requested from the SEC. The first request I made covered the entire period since the last report to Congress, 2003, until the present. It also referred to a tracking system that the 2003 report said would be implemented to help track these submissions by auditors and the SEC’s actions on them.

AML Moneyball by C.M. Matthews in WSJ.com’s Corruption Currents

As the field of anti-money laundering software vendors gets more and more crowded, it’s not always easy to spot a stud from a dud.

In 2012, financial institutions will spend an estimated $504 million on AML software products. When a bank relies on software to filter AML watch lists or monitor suspicious transactions, there’s a lot of pressure to get it right.

Celent’s survey of AML compliance vendors is a good place to turn to for the confused financial institution (or AML vendors who want to keep up with their competitors). It reads like Moneyball for AML compliance professionals (though it’s doubtful the report has enough crossover appeal for a Hollywood movie).

Conflicts of Interest in Joint Ventures – the Rights of “Consenting Adults” in the Conflict of Interest Blog

The governance and operation of JVs can certainly raise conflict of interest concerns. For an employee of a JV’s co-owner who is either on the JV’s board or is seconded to the JV whose interests to be treated paramount? Given the inherent tension in situations of this sort, those involved have good reason to clearly articulate applicable duties and expectations.

SEC Sweep Letter for Private Equity Funds

The San Francisco Office of the SEC has an informal inquiry into the valuations of private equity funds. IA Watch has received a copy of the sweep letter from the Division of Enforcement directed to a private equity fund manager.

Some highlights in the request:

  • All formation and offering documents for the fund, including private placement memoranda, limited partnership agreements, and operating agreements
  • List of investors and capital commitments
  • List of all investments, realized amount, and gross IRR
  • All communications with investors regarding fund performance
  • Support for valuations of the fund assets for the most recent fiscal year

It seems to be a fairly short list for an SEC document request. But any SEC document request is intimidating.

The request shouldn’t be construed as indication that there has been a violation of the federal securities law. It’s indication that the SEC is continuing to look for funds and managers that manipulated valuations.

Sources:

Middle Names and Form ADV

When filling out Form ADV, Schedule A and Schedule B require you to disclose control persons, owners, and significant indirect owners of the investment adviser. The instructions call for the full legal name: Last name, first name, and middle name.

And the SEC means it. They require full legal names (last, first, and middle name). If there is no middle name or only a middle initial, the information provided next to the name should reflect as such; (NMN) or (MI ONLY).

Unfortunately, FINRA’s system does not place one of those red stars next to the middle name field indicating that it’s a required field. Similarly, the online IARD filing system’s completeness check does not pick up a missing entry for a middle name.

Dodd-Frankenstein

You would expect that a publication with a libertarian tilt like The Economist would not look favorably at the Dodd-Frank Wall Street Reform and Consumer Protection Act. They call it Too big not to fail. Being The Economist, the article argues with the facts on its side.

  • Dodd-Frank: 848 pages
  • Federal Reserve Act of 1913: 32 pages
  • Glass-Steagall act: 37 pages
  • Sarbanes Oxley: 66 pages

“The scope and structure of Dodd-Frank are fundamentally different to those of its precursor laws, notes Jonathan Macey of Yale Law School: “Laws classically provide people with rules. Dodd-Frank is not directed at people. It is an outline directed at bureaucrats and it instructs them to make still more regulations and to create more bureaucracies.”

It’s not a matter of more regulation. The focus should be on better regulation. Much of Dodd-Frank is just tacked on because it had the momentum to become law. I’m pretty sure extractive minerals had nothing to do with the financial crisis. But Section 1502 of Dodd-Frank requires public companies to make extensive disclosures on the use of conflict minerals in their supply chain.

There are some good things. An unregulated derivatives market was a bad thing. Although, I’m not sure they are getting the regulations right in the new regulated derivatives market.

The test will be the next financial crisis. I assume one will come. Inevitably there will be an oversupply of capital in some area of investment and investors will run in to trouble. Companies will be in trouble, consumer will be in trouble, and investors will be in trouble. Will Dodd-Frank succeed in reducing that likelihood and reducing the impact? Only time will tell.

Compliance Bits and Pieces for February 17

These are some compliance-related stories that recently caught my attention:


Lessons Learned on Compliance and Ethics by Tom Fox

In [Lessons Learned on Compliance and Ethics: The Best from the FCPA Compliance and Ethics Blog ] I have collected some of my posts which I think will help guide you in your own journey through the world of anti-corruption and anti-bribery compliance. I have broken the book down into the following chapters:

  • Some Thoughts on Best Practices
  • The Nuts and Bolts of Compliance
  • Investigations, Enforcement Actions and Legal Issues
  • Summing It All Up

Compliance Rocks: Adele is Phat (And Teaches Compliance Lessons) by Paul Liebman in Corporate Compliance Insights

Sidewalks are paved but students walk where they want to walk. Makes sense to me. Students want to get where they are going as quickly and directly as possible and do not feel the need to follow a path just because it has been paved.

Upcoming 2012 SEC Regulatory Deadlines in Compliance Avenue

Congratulations to all newly registering investment advisers that have submitted their Forms ADV Part 1A and Part 2A via the Investment Adviser Registration Depository (“IARD”) in anticipation of the March 30, 2012 deadline! The Securities and Exchange Commission (“SEC”) generally has up to 45 days after receipt of the Form ADV to declare the registration effective and generally will notify an adviser via email once its registration is declared effective. Registrations may be declared effective at any time during that 45-day period. An adviser can also check on IARD under the heading “Registration/Reporting Status” to see if its registration has been declared effective. Below is a review and reminder of certain of the annual regulatory requirements that may be applicable to investment advisers…

Financing, Fundraising, Pre-Selling Are Starting to Blur… by William Carleton

It’s a reminder, as we watch some kind of crowdfunding securities law exemption develop in Congress, that there are other things to sell besides a share in the profits of a business. Does it mean that selling shares in the profits of a business are not interesting? Certainly not. But add another means to bypassing equity financing at the outset. This is not your grandfather’s bootstrapping.

Annals of private equity, Tamara Mellon edition By Felix Salmon

It’s always love and kisses when a private-equity company takes control of your firm: they promise investment, and growth, and riches beyond your wildest dreams. All of which came true for Mellon (who acquired her surname by marrying a man with 14 trust funds, but that’s another story). But then the clock strikes midnight, and your eager backers are forced — they have LPs to answer to, after all — to sell your company out from under you.

SEC to elevate role of the CCO By Jim Kim in FierceComplianceIT

In the nitty-gritty of an enforcement situation, smart companies are realizing that they will get credit from the regulators if they have appropriate compliance policies in place.

Tighter Rules on Advisory Performance Fee Charges

Under the Investment Advisers Act, an adviser can only charge a performance fee if the client was a “qualified client”. The SEC equates net worth with sophistication, so a “qualified client” had to have a level assets to prove their financial sophistication. Those levels are now officially increased.

The original standard was that the client had to have at least $500,000 under management with the adviser immediately after entering into the advisory contract (“assets-under-management test”) or if the adviser reasonably believed the client had a net worth of more than $1 million at the time the contract was entered into (“net worth test”). Those levels were increased to $750,000 and $1.5 million in 1985 to adjust for inflation.

The Dodd-Frank Wall Street Reform and Consumer Protection Act called for Section 205(e) of the Advisers Act to adjust those levels for inflation and re-adjust the levels every five years. The SEC also decided to toss out the value of a person’s primary residence, just as they did with the new accredited investor standards.

The rule now requires “qualified clients” to have at least $1 million of assets under management with the adviser, up from $750,000, or a net worth of at least $2 million, up from $1 million.

The SEC is using the same primary residence calculation they used in the new accredited investor standard. So, if you owe more on your mortgage than the value of your house, then you need to treat the overage as a negative asset. As the SEC did with the accredited investor standard, the SEC requires certain mortgage refinancings to be counted against net worth. If the borrowing occurs in the 60 days preceding the purchase of securities in the exempt offering and is not in connection with the acquisition of the primary residence, the new increase in debt secured by the primary residence must be treated as a liability in the net worth calculation. This is intended to prevent manipulation of the net worth standard, by eliminating the ability of individuals to artificially inflate net worth under the new definition by borrowing against home equity shortly before participating in an exempt securities offering. Once again, owning a house can only be a negative for the SEC standards.

While I used the CPI-I standard as the benchmark for inflation, the SEC chose to use the Personal Consumption Expenditures Chain-Type Price Index (“PCE Index”), published by the Department of Commerce. One of the questions from the SEC in the proposed rule was whether the PCE index was the appropriate measure of inflation. They’ve decided to use this index and continue to benchmark it against the original test amounts. In five years, you will be able to predict what the new levels will be.

As for private  funds, Rule 205-3(b) requires a look -through from the fund to the investors in the fund. Each “equity owner … will be considered a client for purposes of the” limitation.  If the fund is relying on the 3(c)(7) exemption from the Investment Company Act then the fund’s investors should be “qualified purchasers”  and you won’t need to look much further. If the fund is using the 3(c)(1) exemption, then it will need to take a closer look at its investors to make sure that each is a qualified client.

Sources:

Occupy the SEC

In jest, I wrote that we should occupy the SEC, but noted that they are very open to comments and influence by the public. One of the comments to that story was from a group organized as Occupy the SEC and they were planning to comment on the Volker Rule.

They submitted a massive comment letter attacking not only the proposed regulation. It is a 325 manifesto.

“We believe the Volcker Rule is important to the future of the banking industry and, if strongly enforced, will help move our financial system in a more fair, transparent, and sustainable direction. Prohibiting banking entities from engaging in proprietary trading and banning their sponsorship of covered funds are key elements to regulating the financial system and giving force to the Dodd-Frank Act. At its core, the Volcker Rule seeks to make sure that if a banking entity fails, it does not bring down the whole system with it. We appreciate the momentous challenges that the Agencies continue to face in effectively implementing the Rule, and we present these comments to assist them in their task.”

Like most commenters, and even Mr. Volker himself, Occupy the SEC labels the proposal a “500-page web of complexity”. But rather than complain and make some generic statements, Occupy SEC provides very detailed comments on the text of the rule, specific textual changes to the regulation, and answers to hundred of the questions presented in the proposed rule.

From the perspective of private equity funds, Occupy the SEC wants to make sure the rule is broad enough to cover a broad scope of entities by making some changes to the definition of “covered fund” and “ownership interest”.

The comment letter is an impressive piece of work.

Sources:

What the SEC Wants Next Year

It is time once again for the Securities and Exchange Commission to sing for its supper. Even though it’s an independent agency, supposedly insulating it from political pressure, it still needs to go back to Congress each year to get funding. The budget request for FY 2013 totals $1.566 billion, an increase of $245 million (19 percent) over the agency’s FY 2012 appropriation.

The SEC included several performance goals that caught my attention.

  • Percentage of firms receiving deficiency letters that take corrective action in response to all exam findings. The SEC has a goal of 93%. I still find that number shockingly low. If the regulator says you’re doing something wrong, I would expect that number to be closer to 100%.
  • Percentage of attendees at the Compliance Outreach program that rated the program as “Useful” or “Extremely Useful” in their compliance efforts. For FY 2011 the target was 80% and the actual was 86%. Apparently positive responses in SEC program evaluations could increase SEC funding.
  • Percentage of investment advisers, investment companies, and broker-dealers examined during the year. For FY 2011 the plan was to examine 11%, but the SEC only achieved 8%. The FY 2012 is 9% and the 2013 estimate is 11%.  There is a separate goal for high risk advisers, but measures have not been in place for a few years.
  • Percentage of exams that identify deficiencies, and the percentage that result in a “significant finding” This one leaves me nervous as a goal. It’s hard to parse the indicator because it covers all SEC examination, not just investment advisers. The Actual number for FY 2011 was 82% with 42% having a significant finding.  I hate to see enforcement target and deficiency targets.
  • Average Cost of Capital.  Here is a metric I would like to learn more about. The SEC states that FY 2010 was 10.99% and FY 2011 was 10.67%. Frankly, I have no idea what those percentage mean.
  • Survey on whether SEC rules and regulations are clearly understandable.  This a great goal. Unfortunately, the measure has no data, no data source and no goal.

From the SEC examination side, the Office of Compliance Inspections and Examinations is looking to add an additional 65 positions to the exam staff to “address the disparity between the number of exam staff and the growing number and complexity of registered firms; and more effectively risk target, monitor, and examine market participants.”

The Division of Investment Management is requesting 40 additional positions, largely to focus on the “major milestone” when private fund advisers begin to file systemic risk information with the SEC on Form PF in late FY 2012.

Now it’s up to Congress to decide how mush to put in the SEC’s kitty. Anyone willing to bet that the SEC gets most of what it asks for? No, I didn’t think so.

Sources: