When a Compliance Officer Breaks Bad

There has been considerable discussion in the compliance community around the Securities and Exchange Commission bringing charges against compliance officers. There are three areas that the SEC feels it is justified in bringing charges: (1) when the compliance officer is involved in the wrongdoing; (2) when the compliance officer impedes the examination or investigation; and (3) when the compliance officer is in wholesale failure. The latest SEC charges against a compliance officer fall into the first area.

Breaking Bad long

Yue Han was an associate in the compliance department of Goldman Sachs. That gave him access to the emails of the investment bankers to look for potential misconduct. The SEC claims that Mr. Han broke bad and used the information he gathered from those emails to spot upcoming M&A activity for his own personal gain.

Mr. Han has not settled the charges so this story is based only the SEC’s allegations. He left the country and may not dispute the charges. The SEC has gotten an asset freeze, so he will have to fight the claim if he wants the cash back.

The SEC claims that its case stems from its Market Abuse Unit’s Analysis and Detection Center, which uses data analysis tools to detect suspicious patterns. The SEC claims that its enhanced detection capabilities enabled SEC enforcement staff to spot Han’s unusual trading activity in two different accounts.

Four companies are at the center of the SEC’s case: Yodle, Zulily, Rentrak, and KLA.  In each case, he bought out-of-the-money options cheaply just before an acquisition was announced and recognized a big gain after an acquisition was announced. Goldman Sachs was an adviser in each of the deals.

In one of the Han trading accounts, the broker-dealer barred him from acquiring further trading in the account. I assume the firm noticed the suspicious trading.

The complaint leaves out whether or not Mr. Han cleared his trades with Goldman. I would assume not since the firms would have been on the blocked list.

I would guess that Mr. Han is not going to dispute the charges and try to re-gain his trading profits.

Sources:

 

Happy Thanksgiving

That means an extra long weekend for me. In Boston, the big traffic rush was on Tuesday night to avoid the traffic on Wednesday. I think most people have a half day on Wednesday or the day off. I hope you get to enjoy a long weekend before the push for year-end.

I’m going for the #OptOutside Friday instead of Black Friday. Look for me on bike, heading somewhere.

turkey thanksgiving

It would not be a holiday without some kind of government action. On Thanksgiving we get the presidential pardon of a turkey (or two): The Definitive History of the Presidential Turkey Pardon.

US Private Equity Fund Compliance Guide

If you are looking for something to read during the long Thanksgiving Weekend or a great holiday present, pick up a copy of the newly released The US Private Equity Fund Compliance Guide, Volume III. PEI Media just released this follow up that updates the original 2012 edition with the ongoing review and actions of the SEC.

Once you get your hands on the Guide, you should feel free to marvel at Chapter 8: SEC Examinations: How to Successfully Handle the Process. I’m sure the author of that chapter is brilliant. I’m also sure he is ruggedly handsome and kind to animals.

If you agree, I can offer you a 15% discount. Use the code AUT_COM3 when ordering.

compliance guide

TABLE OF CONTENTS:

Introduction

Section I: SEC focus areas

1. US regulatory developments and areas of increased SEC focus applicable to private equity fund advisers since 2012
Erik A. Bergman, Justin J. Shigemi and Reed W. Balmer, Finn, Dixon & Herling LLP

2. Must-know current SEC issues
Julia D. Corelli and Stephanie Pindyck-Costantino, Pepper Hamilton LLP

3. Valuation practices
James E. Anderson and Justin L. Browder, Willkie Farr & Gallagher LLP

4. Cybersecurity
Kari M. Rollins, Winston & Strawn LLP

5. Marketing in the US and EEA
Laura S. Friedrich and John Adams, Shearman & Sterling LLP

6. Due diligence and fundraising
David A. Smolen and Caroline Schimmelbusch, GI Partners

7. Form PF and Annex IV regulatory reporting requirements
Jeanette Turner and Paul Yau, Advise Technologies, LLC

8. SEC examinations: How to successfully handle the process
Doug Cornelius, Beacon Capital Partners LLC

9. SEC enforcement actions against private equity firms
Richard D. Marshall, Katten Muchin Rosenman LLP

10. Compliance officer liability: How to protect the compliance officer
Richard D. Marshall, Katten Muchin Rosenman LLP

11. Compliance roundtable
James Gaven, Welsh, Carson, Anderson & Stowe, Christopher Anderson,
KPS Capital Partners, Joel Wattenbarger, Ropes & Gray LLP

Section II: Appendices

1. Spreading Sunshine in Private Equity
Andrew J. Bowden, director, Office of Compliance Inspections and Examinations

2. Private Equity: A Look Back and A Glimpse Ahead
Marc Wyatt, acting director, Office of Compliance Inspections and Examinations

3. Conflicts, Conflicts Everywhere – Remarks to the IA Watch 17th Annual IA Compliance Conference: The Full 360 View
Speech by Julie M. Riewe, co-chief, Asset Management Unit, Division of Enforcement

4. Cybersecurity Examination Sweep Summary
National Exam Program Risk Alert issued by the Office of Compliance

5. Cybersecurity Guidance
Issued by the Division of Investment Management

6. OCIE’s 2015 Cybersecurity Examination Initiative
National Program Risk Alert issued by the Office of Compliance Inspections and Examinations (OCIE)

7. Examination Priorities for 2015
Issued by the Office of Compliance Inspections and Examinations

SEC Brings Charges Against CCO for Custody Failure

Last week at the Coping With Regulatory Failure conference, representatives from Securities and Exchange Commission repeated the SEC’s line that the SEC is not after compliance officers. But yet another case of CCO liability came out and this one kicks the CCO out of the industry and levels a $60,000 fine.

Failure stamp over white background. High detail in high resolution.

The SEC panelists repeated the line that the SEC only goes after CCOs in three circumstances:

  1. The CCO participated in the fraud
  2. The CCO hinders the exam or investigation
  3. Wholesale failure of the CCO

It’s the “wholesale failure” standard that has left many CCOs wondering if the SEC understands that term.

With a new enforcement action ruling out that pins liability on the CCO I thought it was worth a look to see if it meets the SEC standard.

The SEC announced charges against Sands Brothers Asset Management last year. The charge itself was a fairly technical violation of the Custody Rule. Sands Brothers managed private funds. According to the SEC’s order instituting an administrative proceeding, Sands Brothers was at least 40 days late in distributing audited financial statements to investors in 10 private funds for fiscal year 2010. The next year, audited financial statements for those same funds were delivered anywhere from six months to eight months late. The same materials for fiscal year 2012 were distributed to investors approximately three months late.

That’s not good. But it is a bit technical.

The really bad part is the SEC has been after the firm to fix this problem for years. Sands Brothers and its co-founders first landed in trouble in 1999. The exam noted a deficiency for custody rule procedures. The firm thought it did not have custody, but as a manager of a private fund, it does have custody.

Sands Brothers landed in trouble again 2010 when the firm was the subject of an enforcement action for custody rule violations. The firm failed to submit an adequate audit and did not timely distribute audited financial statements.

“There is no place for recidivism in the securities markets… so now they [the Firm] face more severe consequences,” said Andrew M. Calamari, Director of the SEC’s New York Regional Office.

So it’s hard to have any sympathy for the firm for the Custody Rule violations.

But what about the CCO? These are the factors that apparently caused the CCO to be a “wholesale failure.”

  • The CCO knew or was reckless in not knowing about, and substantially assisted,
    SBAM’s violations of the custody rule. (The CCO had executed the notarized offer of settlement to enter into the 2010 Order on behalf of Sands Brothers.)
  • The compliance manual tasked the CCO with “ensur[ing] compliance with the restrictions and requirements of Rule 206(4)-2 adopted under the Advisers Act.”
  • Kelly engaged the auditors for full audits (but not surprise examinations)
  • The CCO signed representation letters to, and was a principal contact for, the auditors.
  • The CCO knew that the audited financial statements were not being distributed on time.
  • The CCO implemented no policies or procedures to ensure compliance with the custody rule – even after the 2010 Order and after Sands Brothers continued to miss its custody rule deadline year after year.
  • The CCO simply reminded people of the custody rule deadline without taking any more substantial action.
  • The CCO did not make any attempt to notify the staff of the Commission of any difficulties Sands Brothers was encountering in meeting the custody rule deadlines.

It’s hard to have much sympathy for the CCO in this situation. The Principals of the firm were also subject to bar and monetary fines, so the CCO was not singled out.

The ALJ decision had blamed the CCO for being “reckless” for not doing more to prevent the custody violations. The Settlement Order with the COO also said that he “knew or was reckless in not knowing about” the custody violations.

If we go by the SEC’s earlier standard, then the SEC is equating “reckless” with “wholesale failure.” It would have been much better for the SEC to use the standard is has been espousing: “wholseale failure”; rather than using the “reckless” standard in the order.

Sources:

Failure is from Graphic Leftovers under license

Compliance Bricks and Mortar for November 20

These are some of the compliance-related stories that recently caught my attention.

compliance bricks and mortar


Attributes of a Great Ethics and Compliance Leader by Jean-Marc Levy in Corporate Compliance Insights

The three most important qualities of a CECO are courage, a deep understanding of his/her business and emotional intelligence. These qualities go beyond the traditional role of an in-house lawyer at most organizations. As a CECO, spending time with as many leaders of other functions as possible can help hone these skills and support their usage.[More…]


Want to Avoid “General Solicitation?” Focus on Relationships! by William Carleton in Counselor @ Law

The theme of the new SEC guidance is this: a “pre-existing, substantive relationship” can be a terrific antidote to the virus4 of “general solicitation.”

Now, the concept of the pre-existing, substantive business relationship has been around for a long time. It’s been a way of demonstrating that a given deal is indeed private, and prior guidance from the SEC has long held that an issuer can extend the utility of the concept by including, not only persons the issuer knows, but also the relationships of a broker dealer participating in a given offering. [More…]


SEC’s Piwowar Takes Another Shot at ‘Flawed’ Enforcement Statistics by Bruce Carton in Compliance Week

In his remarks this week at the 34th Annual Current Financial Reporting Issues Conference, SEC Commissioner Michael S. Piwowar took another wisecrack at the way the SEC measures the effectiveness of its enforcement efforts. Speaking to an audience of primarily non-lawyers who prepare financial statements, Piwowar asked them to

imagine a world where GAAP or other reporting standards did not exist – where management could develop its own numbers based on its own poorly-defined criteria.  Management might be tempted to create numbers that provide the illusion of performance but in reality are largely irrelevant to measuring the actual performance of that organization.  Reported numbers might be distributed for public consumption without clear disclosure as to how they were derived.

[More…]


Whistleblower Tips Rise Again in 2015 by Christopher M. Varano in Securities Compliance Sentinel

The Securities and Exchange Commission released its 2015 Annual Report on its Whistleblower Program this week and announced another rise in the number of whistleblower tips that it received.  The SEC reported receiving 3,923 tips during its 2015 Fiscal Year, which is up from 3,620 in 2014 (as we previously reported), and up over 30% from 2012, which was the first full year that these numbers were reported.  Additionally, in its FY 2015, the SEC paid out $37 million to whistleblowers, which included a whopping reward of over $30 million to just one whistleblower.  The SEC’s Office of the Whistleblower (OWB) rewards whistleblowers for “their provision of original information that led to a successful Commission enforcement action with monetary sanctions totaling over $1 million” and can net tipsters between 10% and 30%, which is the statutory maximum allowed under the Dodd-Frank Act.[More…]

Are There Real Estate Fund Enforcement Cases Coming From the SEC?

Eighteen months ago, Andrew Bowden gave his Sunshine speech on the SEC’s disapproval of private equity fee compliance. Now, enforcement cases are being finalized on private equity fees. The SEC is just now finishing a focus on real estate funds. Should we be looking for real estate fund enforcement cases on the horizon?

Boston Skyline - Pink Panoramic

While listening to one of the panels at the Coping with Regulatory Change conference this week, a representative of the SEC mentioned that the SEC had been working on a exam focus of real estate funds. You may remember that Marc Wyatt mentioned this exam focus in a speech this spring at PEI’s Private Fund Compliance Forum.

Bowden’s speech set the stage for the fee and expense enforcement actions that are coming out. See Blackstone, Cherokee, Fenway for examples. It seems reasonable for there to be an 18 month window to examine, investigate, enforce, and settle the cases that SEC deems worthy.

The SEC has conducted a focus on real estate funds.

I would hope that all of the real estate fund managers have read the stories on Compliance Building over the last six years and made the compliant and ethical choices for their firms. If so, hopefully they came out of the exams with either clean exams or merely minor comments.

However, I fear that the SEC found real estate fund managers that were not being compliant and that were not acting ethically. That would mean that enforcement cases are in the pipeline.

When I asked that SEC representative whether there were enforcement cases in the pipeline against real estate fund managers. He or she gave the correct answer of “No comment.”

I leave it to you to interpret that response.

I think I see something on the horizon.

Image: Boston Skyline – Pink Panoramic by Noah B. Kaplan
CC BY NC

Rapid-Fire, Nuts & Bolts Tips from Former Regulators Now in the Private Sector

coping with regulatory change

I’m attending a conference sponsored by IA Watch: Coping with Regulatory Change. These are my brief notes.


Luis Mejia, Partner, Perkins Coie, Washington, D.C.; Walter Ricciardi, Partner, Paul, Weiss, Rifkind, Wharton & Garrison, New York; and Bruce Karpati, Global CCO/Director, KKR, New York provided their view, now that they are on the other side.

You either (1) eliminate the conflict or (2) disclose and mitigate. The challenge is identifying all of the conflicts. Assuming you find them all, can you mitigate them all.

The panel was critical of the several private equity enforcement actions. In the KKR case, KKR fixed the problem and refunded some of the fees during the exam. So why was it an enforcement action? Do you have to self-report and cut all the checks before the exam ends.

The SEC has been inconsistent with its interpretation of the “wholesale failure” of the CCO. But in the Blackstone case, the CCO was blamed for inadequate policies and procedures.

In the Delaney case, the panel had a hard time finding how the CCO was engaged in “wholesale failure.”

How do you protect yourself? Look at the steps the CCO took in Robare case. The firm had hired an outside consultant to help them understand the requirements.

There is the October 14, 2015 speech by Andrew Donohue for the role of compliance: Remarks at NRS 30th Annual Fall Investment Adviser and Broker-Dealer Compliance Conference.

Commissioner Gallagher gave a speech that its the firm that’s responsible for compliance. The CCOs should not be subject to strict liability for a failure.

The Asset Management Unit: Reflecting and Moving Ahead

coping with regulatory change

I’m attending a conference sponsored by IA Watch: Coping with Regulatory Change. These are my brief notes.


Anthony Kelly, Assistant Director, SEC’s Asset Management Unit, shared some of the activities of this part of the Securities and Exchange Commission.

For fees, the Unit is looking mis-allocation of private equity fees and expenses and whether the fees and expenses are properly disclosed. In the Cherokee case, the Unit found the fees and expenses for the fund manager for compliance should not be charged to the funds. In the Fenway case, the Unit felt the adviser was misleading its fund investors for charging related party consulting fees. Before that was the Blackstone case for mis-allocation.

Mr. Kelly encouraged self-reporting. There is a cooperation program and cooperation credit available. Not bringing an enforcement action is “extra-ordinary.”

He emphasized that the Unit is not targeting CCOs. It will defer to the good-faith determinations of the CCOs. It will bring action if the CCO is actively involved. It will bring actions against CCOs for hindering the exam or investigation. See the Wells Fargo case. The third area is the wholesale failure of the CCO in doing the job. (However, as he points out, there are two CCO liability cases in last year.)

Conflicts is a perennial area of focus for the Unit. It’s core to the fiduciary obligations of an investment adviser.

Discover the Priorities and Perspectives of the Office of Compliance Inspections and Examinations

coping with regulatory change

I’m attending a conference sponsored by IA Watch: Coping with Regulatory Change. These are my brief notes.


Marc Wyatt, Director, SEC’s Office of Compliance Inspections and Examinations, gave his perspective on the priorities that lie ahead for OCIE. Marc Wyatt Named Director of the Office of Compliance Inspections and Examinations last week.

He emphasized that OCIE does not want to be a “gotcha” regulator. OCIE’s job is deterrence. That is why OCIE publishes its exam priorities each year. OCIE wants to empower CCOs to be able to focus limited resources on issues. It’s not that OCIE only gets to 10% of registered advisers. OCIE wants to use the exams to deter other firms from doing bad things. Exams are very much risk-based and data driven.

Cybersecurity will be on the list for a long time. Retirement accounts and senior investors will also be on the list.

OCIE tries to be incremental. For cybersecurity, the first round was mostly information gathering. The next level is more testing. He was not willing to say how many firms OCIE is visiting. He wants it be statistically significant.

The pool of registrants is growing. There were 500 new registrants last year. The SEC is trying to specialize and get the skills for the new pool of registrants (private equity, hedge funds, etc.)

OCIE feels it is getting better aligned with institutional investors. Investors are doing much more due diligence and taking a deeper dive.

The vetting process for which firms to exam is also a set of data for the exam process. Of the two out of ten firms that examined, reviewing the other eight helps OCIE understand the risks.

How to avoid getting examined? These are red flags for the risk-based analysis:

  • A big swing in AUM?
  • Changes in key personnel
  • Aberrational performance
  • Areas for better understanding (OCIE wants to better understand a time of investing style, or there is a rule in process)

How to get exam staff out once they come:

  • Be efficient on document production
  • Question the exam staff about unclear document requests
  • Get clarification if a question is unclear.
  • Don’t dump documents trying to overload examiners
  • Make sure exam staff has access to key people
  • Day One presentation with CCO, being candid about risks, highlighting key people for follow-up meetings

In response to lowering risk rating, Mr. Wyatt was not willing to share criteria that would reduce. He pointed out there is a never-before examined exam initiative.

He pointed out the out-sourced CCO risk alert. Use that to look at your in-house CCO program.

Investment Management: What’s Next on the Rulemaking Front

coping with regulatory change

I’m attending a conference sponsored by IA Watch: Coping with Regulatory Change. These are  my brief notes.


Norm Champ, Investment Management Law Lecturer at Harvard Law School and former SEC IM Division Director, New York; and Robert Plaze, Partner, Stroock & Stroock & Lavan, Washington, D.C. came ready to talk about a broad range of issues.

Form ADV proposed changes and Form PF changes. These changes are all about getting better data and better understanding risks. The comment period just closed, but re-opened for the liquidity proposal. IA-4091 and 33-9776 will continue as other rules are proposed. The SEC has identified separate accounts as an area in which the SEC has little insight.

The next question is what is the SEC going to do with this data. Can the SEC keep information confidential? What happens if the SEC has the data showing the problem but does not see it? The SEC is concerned about disclosing the positions of investors being advised by registered investment advisers.

Other rule-making under consideration:

  • Liquidity in funds has moved ahead: (33-9922).
  • Derivative use in funds is another item.
  • Transition plans for advisers.
  • Stress tests for advisers and funds.

The Fiduciary Duty is the “keystone pipeline” of the SEC. It will not be able to go far enough to make investor advocates happy and will go too far for the brokerage industry. There are too different models, investment advisor and brokerage, clashing in the area of wealth management. There is also a clash with the Department of Labor who has proposed its own rule that applies to all retirement plans. There is a calsh between the disclosure model and the strict standard model.

The panel pointed out the problem with third party compliance audits is that there is no equivalence to GAAP. Public companies are subject to audits subject to GAAP. The problem with using this model for compliance is that there are no generally accepted compliance standards or practices that would, at least in part, standardize the compliance audit practice. For settlements that require a third party compliance audit, the settlement often rejects proposed compliance consultants because they lack credentials.

The panel equated third-party compliance exams to credit rating agencies. There was little regulatory oversight, with an industry mandate, and they did bad job rating. They played a big role in the 2008 financial crisis.

FinCEN has proposed a rulemaking for AML for investment advisers. FinCEN is not receptive to comments saying there should not be checking for terrorist money use.

Transition planning will likely be tackled after derivative use. To some extent its the next step after disaster recovery plans and business continuity planning. It’s a bigger issue given the scope of different firms and business models for investment advisers.

Dodd-Frank does have a statutory mandate for stress tests of advisers and funds. Of course the question is how you stress test an adviser given that an advisers capital should affect the client’s portfolio. Assets are supposed to be held by custodians, not the adviser.