Compliance for Enterprise 2.0 at Lockheed Martin


Andrew McAfee, Associate Professor at Harvard Business School, led a discussion with Christopher Keohane, Social Media Program Product Manager at Lockheed Martin IS&GS – CIO – Architecture Services, and Shawn Dahlen, Social Media Program Manager, Lockheed Martin IS&GS CIO Office, about Unity, their enterprise 2.0 platform at Lockheed Martin.

The Lockheed Martin guys really caught the attention of the crowd in their smaller session at the 2008 edition of the Enterprise 2.0 Conference. This earned them a seat on the big stage.

Business Case

They started with the business case. The 9-11 Commission noted that one of the problems was that information was siloed at the intelligence agencies. As a government contractor, Lockheed pays close attention to the government’s position. The appeal of an enterprise 2.0 / collaboration platform was the ability to create content and share it among the team.

In addressing the ROI concern, they made it easy by making a small investment. There was a budget available of a few thousand dollars for experimental projects. They got up and running in a small group with that small investment. [If your investment is small, the return does not have to be big to find a positive ROI. Start small.]

Legal Concerns

They knew legal would have questions and raise concerns. Christopher and Shawn approached them early to help with approval and buy-in. Legal was unfamiliar with the tools. But they were familiar with export laws, data privacy limitations and other considerations that needed to be in place.

Legal was able to help design the controls, processes, and procedures that would need to be in place to make Unity compliant with the laws that affect the internal operations of the company. They did not leave legal as a last minute approval to check the box. They got them engaged to help identify risks and problems.

[If you don’t bring legal into the process and leave them with a late-in-the-process “yes” or “no” decision, you’re going to get a “NO!” Inevitably you will not have addressed an internal policy or regulatory concern, especially if the project is being run out of the IT group, which is often not involved in the business processes.]

Evolution versus Revolution

To echo the keynotes on Tuesday, Shawn and Christopher took an approach that was both evolutionary and revolutionary. Migrating from MS Word documents to blogs and wikis is evolutionary. Opening up the information for sharing is revolutionary.

The Generational Issue

Shawn and Christopher pointed out that the generational issue runs both ways when using 2.0 tools. They acknowledge that their team was a bunch of 20-somethings. They had trouble figuring out how to use these tools in the business setting. They had trouble using them to collaborate among themselves.

The older generation and managers of the business understand the business process. They were surprised that their most prolific bloggers are 40-something senior managers. (I am not surprised. I had the same experience at my old law firm when we started deploying 2.0 tools. The partners and senior attorneys contributed more information than the younger associates.) It is the seasoned workers who have the knowledge and understand the business needs. If the tools are easy enough to use, they will use them.

Technology

They used Microsoft’s SharePoint as the platform for Unity. When pushed, they neither endorsed the product nor said anything bad about it. They did acknowledge the difficulty in trying to customize the platform for different groups. Users found the tools easy to use, and the migration from Word documents to blogs and wikis was easy for them to follow.

[I had a discussion with Mary Abraham of Above and Beyond KM about the Snake Oil of Social Media.  As we became seasoned in our businesses, we learned to silo information because the technology siloed it for us. Email became our information source and collaboration tool. Email is inherently siloed. Trying to make it open does not work. My theory is that if you want to change the culture, you also need to change the technology tools.]

Summary

Shawn and Christopher also found that you need to ground enterprise 2.0 in the needs of the business. Don’t be afraid of social media. Embrace it. Apply it to your business challenges.

McAfee Update

Professor McAfee is leaving Harvard next month to become a Principal Research Scientist within the Center for Digital Business at the Sloan School of Management. And his book, Enterprise 2.0, is coming out in the fall. You can download the first chapter for a sneak preview.

Photo Credit

Thanks to Alex Howard of Digiphile and SearchCompliance.com for giving me permission to use his photo in this blog post.

Enterprise 2.0 Keynotes on Tuesday


After Monday night’s Evening in the Cloud (That is me in the middle of the picture during the Evening in the Cloud), Tuesday turned to social media and collaboration in the keynote presentations on the big stage.

It was a mixed bag of presentations. There were glimpses of how organizations can use enterprise 2.0 and web 2.0 tools to further the goals of the organization. What was missing was the compelling case for adopting the tools and devoting the resources to that adoption. A few points from the compliance perspective popped up in the presentations. I thought I would share some of my thoughts and notes from these presentations.

my.barackobama.com: The Secrets of Obama’s New Media Juggernaut

Jascha Franklin-Hodge, Chief Technology Officer & Founding Partner, Blue State Digital started off talking about some of the success of the presidential campaign:

  • 1 billion emails to 13 million addresses
  • Over 1 million text message subscribers
  • 200,000 offline events planned through the website
  • 145 YouTube viewing hours
  • Of the $770 million raised, 65% came through the website

Although this presentation was interesting I was hard-pressed to see how the lessons learned from the presidential campaign could be applied to the use of these tools inside an enterprise. (Although the bleeding heart liberal in me enjoyed seeing the great success story.)

He did emphasize the need for measurement, which is dear to the hearts of compliance professionals. They measured everything, tested their assumptions and redesigned the visuals and tools based on the data.

Throwing Sheep in the Boardroom: How Online Social Networking Will Transform Your Life, Work and World

I don’t have much that’s nice to say about this presentation. So I won’t.

Hello from Booz Allen Hamilton

Booz Allen won the Innovation Award from the Open Enterprise 2009. Walton Smith gave his insights on their enterprise 2.0 platform. It looked great! (In the interest of disclosure, Booz Allen is a large tenant in my employer’s portfolio.)

Walton started with the business case. They need ways to better capture the tacit and explicit knowledge in the organization. There is a tremendous need to identify expertise and allow people to find that expertise. They are looking to add thousands of employees over the next few years and need to get those employees up and running quickly. On a typical day, over half of their people are working at client sites. Outlook was their de facto collaboration tool.

They deployed Hello, their enterprise 2.0 tool, to address these concerns. It sounds like a success. Over 40% of the firm has added content. Another 1% to 2% of new users are adding content each week. The technology is a mash-up of technologies, many of which are open source platforms.

Given the short time allotted, we were not able to see much detail about the operations of Hello. From what I saw, it was just what I thought a large professional services firm needed. Walton’s description matched up with the vision I had for the redesign of Goodwin Procter’s iNet (before I left).

Walton did address some of the compliance concerns. In responding to a question about posting inappropriate content, Walton had this great statement: “I can’t prevent you from being stupid, but now I can see how stupid you are.” As to EU data privacy, they had lots of discussions with legal on what people could post about themselves. Legal wanted to exclude all non-US employees from Hello. They came to a compromise, but I am not sure what it was. For departed employees, they keep the content and the profile. They merely add a banner that the person has left the company. They want to preserve the intellectual capital footprint.

Enterprise 2.0 Reality Check – What’s Working, What’s Not, What’s Next

Matthew Fraser was back to moderate a panel of Christian Finn, Director of SharePoint Product Management, Microsoft, Nate Nash, Senior Manager, BearingPoint, Neil Callahan, Executive Vice President, mktg, and Ross Mayfield, President, Chairman and Co-founder, Socialtext. There was lots of talk of whether enterprise 2.0 was an evolution or revolution. One commenter in the crowd said the panel was an I’m a Mac, I’m a PC ad. There was a fair amount of discussion about the ROI for enterprise. Some panelists and audience members were dismissive of needing a monetary ROI. They likened it to email. Nobody asks for the ROI on email.

I don’t agree with these thoughts. When email was first adopted in the enterprise there was an ROI calculation. It was cheaper and faster to send an email than to send a message through the post office. There is a reason we get so much spam. It is cheap and easy. Businesses may no longer calculate the ROI, but they did as part of the adoption process. Even though it is now just an assumption that you have email in the business, there was a compelling reason to adopt.

Meeting People

Web 2.0 is not about sitting in your basement. It is about meeting people. Besides the presentations, I was able to run into and chat with a bunch of great people. I had a great lunch with David Hobbie of Goodwin Procter and Rachel Happe of The Community Roundtable in the fake Irish restaurant.

It was great to spend some time talking with Carl Frappaolo and Dan Keldsen of Information Architected. Unfortunately, I missed the session but I was able to chat with Jessica Lipnak and Jeff Stamps of NetAge. Alex Howard of Digiphile and SearchCompliance.com was there covering the conference and having great conversations. I apparently got Mark Masterson fired up about compliance because we chatted about it for a while.

I also had some short chats with Luis Suarez of IBM, Joe Wehr of DBMI, and Ming Kwan formerly of nGenera and now at Nokia.

Michael Idinopulos of SocialText gave me a great tour of the latest release of their product. Their new marketing strategy is to offer SocialText free for less than 50 users. Chris McGrath and I talked about Thought Farmer. I kind of beat him up over records management and wikis. Cheryl McKinnon gave me a great presentation on some compelling OpenText products.

I will be back on Wednesday for a few sessions and will try to distribute any insights.

Evening in the Cloud and Compliance


The Evening in the Cloud session at the Enterprise 2.0 Conference was fun. David Berlind, Editor-At-Large and General Manager of TechWeb, was the moderator. I sat in the customer role beside Christopher Reichert of the MIT Sloan CIO Symposium. Sean Poulley, VP Online Collaboration Services of IBM, Rajen Sheth, Senior Product Manager of Google Apps, and Mike Feinberg, Senior VP, Cloud Infrastructure of EMC, each gave an eight-minute pitch for their product.

If you read yesterday’s post (Compliance and Cloud Computing at Enterprise 2.0), you knew what my questions would be for the vendors. These three vendors represented big guns who I am sure have been asked those questions before. The session was obviously driven by vendors. Hopefully, my list of questions can be used by other attendees to quiz the vendors.

Google, IBM and EMC focused on the infrastructure aspect of cloud computing. From a compliance perspective, the application piece of cloud computing poses more of the issues. Maybe I will be able to tackle some of those issues with vendors when the Exhibition Hall opens on Tuesday.

Brenda Michelson live-blogged the session on her elemental links blog: @ Enterprise 2.0 Evening in the Cloud Panel discussion. It is as good a summary as I could have written.

The session was recorded and will be available online at some point. I’ll post an update when I come across the recording.

Compliance and Cloud Computing at Enterprise 2.0


Monday night, I am heading over to the Evening in the Cloud program at this year’s Enterprise 2.0 Conference. They asked me to help grill the vendors on compliance issues.

More software and business operations are being pushed into the cloud.  Why buy the hardware and software when someone else will run them for you?

I thought I would put together my thoughts on some of the compliance issues I think about when it comes to cloud computing.

Records Management

One aspect of records management is ensuring that important records are kept. Importance can be either because of a business need or a regulatory requirement. The other aspect is data destruction. Once a record is no longer important and no longer required to be kept, you want to make sure it is destroyed, and destroyed forever. Multiple backups in multiple places of old records are a huge headache when you are forced into e-discovery and the delivery of records as part of litigation.

Compliance Logs

Whether you’re in the midst of an audit or an investigation, thorough logs are the key to proving compliance. So how do you prove your organization is (or was) compliant when you aren’t able to maintain the logs yourself, because they live on a provider’s systems? Audit trails must themselves be auditable: you need to be able to show that the log is complete and has not been altered.
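The point that an audit trail must itself be auditable can be partly engineered even when you do not control the provider’s infrastructure. The following is an added example (not from the original post and not any vendor’s product) of a tamper-evident audit trail: each entry is linked to its predecessor with an HMAC under a key the customer holds and the provider never sees, and the latest head hash is periodically recorded somewhere outside the provider’s reach. The sample records, the key value and the function names are constructed for illustration.

```python
"""Tamper-evident audit trail: a hash chain over JSON records, keyed with an
HMAC key the customer holds and the cloud provider never sees.

Added example; the records below are constructed, not real log data."""
import hashlib
import hmac
import json
from typing import Optional, Tuple

GENESIS_HASH = "0" * 64
# Hypothetical key; in practice generated by the customer and kept off the
# provider's systems (an HSM or the customer's own secret store).
CUSTOMER_KEY = b"example-key-held-by-the-customer-only"

# Constructed sample records of the kind a compliance log would carry.
SAMPLE_RECORDS = [
    {"ts": "2009-06-22T09:00:00Z", "actor": "alice", "action": "login", "target": "crm"},
    {"ts": "2009-06-22T09:05:12Z", "actor": "alice", "action": "export", "target": "customer_list"},
    {"ts": "2009-06-22T09:07:40Z", "actor": "bob", "action": "delete", "target": "record/4711"},
    {"ts": "2009-06-22T09:30:00Z", "actor": "alice", "action": "logout", "target": "crm"},
]


def canonical(record: dict) -> bytes:
    """Stable serialization so the same record always hashes the same way."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def link_hash(prev_hash: str, record: dict, key: bytes = CUSTOMER_KEY) -> str:
    """Each link commits to the previous link's hash and the record content.
    Keying with HMAC means whoever can edit the stored log but lacks the key
    cannot recompute a consistent chain after changing it."""
    msg = prev_hash.encode() + b"\n" + canonical(record)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def append_entry(chain: list, record: dict) -> dict:
    """Append a record, linking it to the current head of the chain."""
    prev = chain[-1]["hash"] if chain else GENESIS_HASH
    entry = {"seq": len(chain), "prev": prev, "record": record}
    entry["hash"] = link_hash(prev, record)
    chain.append(entry)
    return entry


def verify_chain(chain: list, expected_head: Optional[str] = None) -> Tuple[bool, Optional[str]]:
    """Walk the chain from genesis. Returns (ok, description of first problem).
    Detects edited records, reordered or deleted entries, and re-hashing with
    the wrong key. Silently dropping the tail is only detectable against a
    head hash stored where the provider cannot touch it (`expected_head`)."""
    prev = GENESIS_HASH
    for i, entry in enumerate(chain):
        if entry["seq"] != i:
            return False, f"sequence gap at {i}"
        if entry["prev"] != prev:
            return False, f"broken link at {i}"
        if not hmac.compare_digest(entry["hash"], link_hash(prev, entry["record"])):
            return False, f"content or hash altered at {i}"
        prev = entry["hash"]
    if expected_head is not None and prev != expected_head:
        return False, "head does not match the anchored head (entries missing?)"
    return True, None


def rechain(chain: list, key: bytes) -> list:
    """Recompute every link with `key`, as someone who edited the stored log
    would have to. Only yields a verifiable chain if `key` is the customer's."""
    out, prev = [], GENESIS_HASH
    for entry in chain:
        e = {"seq": entry["seq"], "prev": prev, "record": entry["record"]}
        e["hash"] = link_hash(prev, entry["record"], key)
        out.append(e)
        prev = e["hash"]
    return out


def clone(chain: list) -> list:
    """Deep copy via JSON, so a tampering scenario does not touch the original."""
    return json.loads(json.dumps(chain))


def build_sample_chain() -> list:
    chain: list = []
    for record in SAMPLE_RECORDS:
        append_entry(chain, record)
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    head = chain[-1]["hash"]  # the value to record off-provider as the anchor
    print("intact:", verify_chain(chain, head))
    edited = clone(chain)
    edited[2]["record"]["action"] = "read"  # bob's delete becomes a read
    print("edited:", verify_chain(edited, head))
    print("edited, re-hashed without the key:",
          verify_chain(rechain(edited, b"provider-guess"), head))
    print("tail dropped, no anchor:", verify_chain(chain[:-1]))
    print("tail dropped, anchored:", verify_chain(chain[:-1], head))
```

The chain alone catches edits, reordering and deletions in the middle; the customer-held key stops a provider (or anyone with write access to the log store) from simply re-hashing after an edit; and the anchored head hash is what catches a truncated tail and an insider who does hold the key. None of this helps unless the log is actually exported and retained under the customer’s control, which is the question to put to the vendor.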

Terms of Service

Consumers are used to clicking through the Terms of Service without reading it. Businesses will read it and want to negotiate it. If the vendor’s Terms of Service has a typical consumer provision allowing the vendor to unilaterally change it, throw that vendor out the door and don’t bother talking with them.

Investigations

You need to address how a forensic examination of the systems can be run as part of a government or internal investigation of wrongdoing.

Geography

It is not truly a cloud. There are physical servers that are sitting in a building somewhere. That physical location subjects them to the law of that jurisdiction. There are obviously some countries that you do not want. (Anyone in North Korea?) There are also some questionable locations. There are some companies that don’t want their operations being run on servers located in China. You should not be surprised that some companies do not want their servers in the United States because of the confiscatory provisions of the US PATRIOT Act.

Data Privacy

Geography also implicates personal data privacy. If you are using the cloud service to host information about people (employees or customers), you need to think about how the service complies with the multitude of personal data privacy laws. The most difficult is probably the EU Data Protection Directive.

Multi-User

If your information is combined with another company’s information on the same server, you risk being subject to their wrongdoing. There was a well-publicized raid of a server farm, with law enforcement seizing servers, shutting down businesses with their operations running on those servers.

Credit Card Processing

If you are processing payments, you need to be PCI DSS compliant. If the vendor asks what PCI means, throw them out.

The Vendor Should Have a SAS 70 Type II Audit

SAS 70 (Statement on Auditing Standards No. 70) is an AICPA auditing standard for the internal controls of a service organization that handles client data. A Type I report covers the design of the controls at a point in time; a Type II report also covers the auditor’s tests of whether those controls operated effectively over a review period, typically at least six months. Vendors that undergo a Type II audit are evaluated on elements such as systems, technology, facilities, personnel management, and the detailed processes for handling client data, and the resulting report describes both the operational controls and the auditor’s tests of operating effectiveness. The audit is repeated at regular intervals to keep the report current. Two caveats: SAS 70 is a report, not a certification or a pass/fail stamp, and the control objectives are written by the vendor, not imposed by the standard. So read the report and confirm that the controls actually tested cover the risks you care about (access control, change management, backup and destruction, logging) rather than taking the mere existence of a report as assurance of data security. (SAS 70 has since been superseded by SSAE 16 and the SOC 1 / SOC 2 reports, which carry the same caveat.)

Of course, there are other issues.  Depending on your industry, some of these may be more of a concern than others.

Stanford Arrested


We saw it coming. It was like OJ in the Bronco. Last night, Sir R. Allen Stanford stepped out of his girlfriend’s house in Virginia, walked over to the FBI car parked out front and asked if they had an arrest warrant. They did. The grand jury had released its indictment.

The surprise was who else is included in the charges. I expected Laura Pendergest-Holt, chief investment officer of Stanford Financial. We knew about her problems as part of her Lawyer’s Noisy Withdrawal from Stanford Case. (He wasn’t her lawyer, which led to all kinds of trouble.)

Prosecutors also alleged that the fraud was aided by Leroy King, administrator of the Financial Services Regulatory Commission in the island nation of Antigua and Barbuda, where the Stanford firms were headquartered. Mr. King is charged with accepting $100,000 in bribes. They claim Leroy King facilitated the Ponzi scheme by ensuring that the FSRC “looked the other way” and conducted sham audits and examinations of Stanford’s books. Mr. King also provided Stanford with access to the FSRC’s confidential regulatory files, including requests by the SEC for assistance in investigating a possible Ponzi scheme.

The complaints also targeted Gilberto Lopez and Mark Kuhrt, accountants for Stanford-affiliated companies. The complaint claims that they fabricated financial statements. Using a pre-determined return on investment number, Lopez and Kuhrt reverse-engineered the bank’s financial statements to report investment income that the bank did not actually earn. Information in Stanford’s financial statements and annual reports to investors about the bank’s investment portfolio bore no relationship to the actual performance of the bank’s investments.

We also learned that James Davis, chief financial officer of Stanford Financial, is cooperating with the investigation. He was named as a co-conspirator, but was not charged.

In other Stanford news, Vijay Singh walked out on the ninth green this morning sporting his sponsor’s logo and attire. The sponsor? Stanford Financial Group. I guess they are still sending him endorsement checks.

More on the Private Fund Transparency Act of 2009

The full text of the Private Fund Transparency Act of 2009 has now been published (S. 1276). The press release from Senator Reed was nice, but I prefer to see the ink on the paper. So here is what I see in the Act:

Registration

The Act deletes the exemption from registration in Section 203(b)(3) of the Investment Advisers Act and replaces it with an exemption for foreign investment advisers. The (b)(3) exemption was for investment advisers with fewer than 15 clients who did not hold themselves out to the public as investment advisers. This was the exemption most often used by private investment funds.

Reporting:

“The Commission is authorized to require any investment adviser registered under this title to maintain such records and submit such reports as are necessary or appropriate in the public interest for the supervision of systemic risk by any Federal department or agency, and to provide or make available to such department or agency those reports or records or the information contained therein.”

This is a broad empowerment of the SEC to demand any report it feels is needed for the supervision of systemic risk. The Act fails to define “systemic risk.”

Identity of Clients

The Act would strike subsection (c) of Section 210 of the Investment Advisers Act. That subsection prohibits the SEC from requiring the disclosure of an investment adviser’s clients (except in an SEC proceeding or enforcement action). So Senator Reed wants investment advisers to disclose their client lists and private investment funds to disclose their investors.

Defining Clients

The Act would allow the SEC to “ascribe different meanings to terms (including the term ‘client’) used in different sections” of the Investment Advisers Act. I am not sure what this change would do. I suspect it is an attempt to address the demise of the Hedge Fund Rule and allow the SEC to define the investors in private investment funds as “clients” of the fund manager. The courts had ruled that the SEC overstepped its authority when it tried this definition on its own.

Final Thoughts

This Act seems much more intrusive to private investment funds than the Hedge Fund Adviser Registration Act of 2009 or the Hedge Fund Transparency Act of 2009.

At this point, it is not clear which of these competing acts will end up becoming law, if any.

Corporate Compliance Scam Continues. . .

. . . But some of the perpetrators may have been caught.

California

There are recent reports from California businesses. The scam seems to have been operating in California for years.

Colorado

There are reports of the scam in Colorado: State Corporate Compliance fraud. The Secretary of State is also getting complaints about the Colorado Compliance Recorder: Updated Notice Regarding “Annual Minutes” Solicitations

Indiana

Indiana issued a warning that several businesses have reported receiving a deceptive letter that would appear to come from an official government source. The letter solicits an annual fee of $125 or $150 and claims it will be used for record keeping and processing of a company’s annual minutes. It gives the appearance of coming from a legitimate government agency and cites fictitious state law. Scam Alert for Businesses in Indiana. But the Secretary of State has filed a complaint to try to stop the scam.

Montana

Montana has issued a warning, although the Secretary of State has not received any complaints and is not aware of any Montana businesses being affected: Business Scam Alert (.pdf) (I am not sure that I agree that the scam is “potentially dangerous.”)

New York

In the Empire State, it looks like the scam has spread to condominiums and cooperatives: Scam or Useful Service? The Corporate Records Compliance Office Speaks

Texas

It looks like the scam has been operating in Texas for a few years, masquerading as a state agency.  They may have caught the person behind some of it: Californian Charged With Unlawfully Profiting From Fake State Document Scheme.

Others

Previously, I noted that the scam was found in Florida, Georgia, Illinois, Massachusetts, and Ohio.

Catching the Bad Guys

It’s not clear if the scams in each state are perpetrated by the same group. The Indiana Secretary of State filed a complaint against Aaron V. Williams of Las Vegas, Lisa Diane Brown of California and several companies affiliated with them. (Of course, these people have merely been charged and are not necessarily guilty.)

UPDATE:

The Texas Attorney General filed suit against other parties, but the suit was dismissed.

Social Media and Your Compliance Program


Bill Piwonka, Amanda Mayhew and Rodica Buzescu from EthicsPoint gave a webinar on social media and compliance. These are my notes:

The presentation started with a user poll on the approach to social media at the attendees’ organizations:

  • 27% block all social media sites
  • 42% block a few social media sites
  • only 29% allow all social media sites

In a second question, I was surprised to see that 37% of the attendees said they were using some form of Web 2.0 in their ethics program. That seemed like a big number to me.

Bill started off with a brief discussion of his view of web 2.0 and social media. He also highlighted some of the approaches and tools used by EthicsPoint. He moved on to the need for companies to monitor their brand. It is easy for customers, employees and competitors to craft your brand for you (and not in the way you want). You need to know what is being said and be prepared to respond when necessary.

On the call, 11% of the attendees did not use any social media platform, 11% used one, and 40% used 2 or three. The rest (like me) used more.

Why should compliance care about social media? It is here to stay. Generation Y and the Millennials grew up and learned in the world of social media. They enter business organizations and are cut off from the tools they used to learn and communicate.

Rodica took over and shared her perspective. She is new to EthicsPoint. When she started, she was cut off from her networks since they blocked Facebook, instant messaging and many other social media tools.

Amanda took over and gave her perspective as the general counsel and privacy officer at EthicsPoint. She pointed out that younger workers may not have been in the business environment long enough to realize that there are limits on what you can say outside the organization and inside the organization. EthicsPoint focuses on privacy and protection of their clients information. They have a tight policy on social media to protect that information.

Bill stepped up and pointed out that you cannot ignore social media. Even if you block access, employees can easily access them from a mobile device or home. Blocking is not an effective policy. You need to let your employees know what they can and cannot do. You need a policy. Bill used Intel’s Social Media Guidelines as an example.

Bill also pointed out that even if the company does not want to engage in social media, it still needs to monitor what is being said about it on social media. You also want to make sure that someone else does not use your brand on social media platforms.

Amanda came back to emphasize a few points. It is important to make it clear what is confidential and what is public. Another point was to be respectful, realizing that your mother, friends and boss may read what you say. Anonymity is also a hot button for her.

What can you do? How can compliance professionals use Social Media?

Create a Facebook group for your compliance team. Allow people to see who you are and develop a relationship and trust.

Use YouTube to host and distribute training videos. Why buy expensive video hosting servers and software when YouTube will do it for free?

Best Buy uses a blog to make ethics a completely transparent dialogue. Best Buy’s Chief Ethics Officer blogs on actual ethics issues and incidents at Best Buy. Of course, she does not use real names and disguises identifying information.

Use web 2.0 for professional development by joining online communities focused on ethics and compliance issues. EthicsPoint has user forums focused on its product.

In the Q&A there was a lot of discussion about how much to monitor and how much to limit. “Ignorance is not bliss.”

Another issue that came up in Q&A is who to friend on Facebook and who to make connections with on LinkedIn. In particular in the educational environment it is very tricky to friend or not friend. There is a similar dynamic in the workplace.

What about productivity? Does Facebook turn you into a slacker? Does blogging make you less useful? Bill turned this around and gave examples of how he uses these tools as part of his job. (It was an impressive list.)

How do you develop your own policy? EthicsPoint started with Intel’s Social Media Guidelines as their model.  (You can also take a look at one of my models: Blogging / Social Internet Policy.)

(In the interest of disclosure, some of the material was borrowed from my presentation on Social Media at the EthicsPoint Regional User Forum in Boston. Bill also noted this in the presentation.)

EU Proposes Directive on Alternative Investment Fund Managers


The European Commission published a draft Directive on Alternative Investment Fund Managers to establish a common regulatory and supervisory framework for all investment managers of funds promoted to investors in the European Union and not currently subject to European level regulation. Though the measure is directed at the hedge fund industry, the Directive would affect the operations of managers of all funds that are not registered as UCITS (Undertakings for Collective Investments in Transferable Securities), including private equity, real estate, infrastructure and venture capital funds.

The Directive is at an early stage of the legislative process and may be subject to significant change before it is adopted. Even in its current form it will not come into force before the end of 2011, and the proposals relating to the promotion of funds incorporated outside the EU will not come into force for a further three years after that. I expect there will be intense lobbying from the financial services industry and the hedge fund industry.

The Directive is mainly driven by the European Commission’s aim to get control over what it perceives as systemic risks in unregulated fund markets. There is a set of regulations focused on managers domiciled in the EU and a second set on funds marketed in the EU.

Private Fund Transparency Act

We have another bill that is proposing to regulate private pools of capital. Yesterday, Senator Jack Reed (RI) introduced the Private Fund Transparency Act of 2009 (S.1276).

According to the press release, the Private Fund Transparency Act of 2009 will:

  • Require all hedge fund and other investment pool advisers that manage more than $30 million in assets to register as investment advisers with the SEC. The remaining smaller funds will continue to fall under state oversight.
  • Provide the SEC with the authority to collect information from the hedge fund industry and other investment pools, including the risks they may pose to the financial system.
  • Authorize the SEC to require hedge funds and other investment pools to maintain and share with other federal agencies any information necessary for the calculation of systemic risk.
  • Clarify other aspects of SEC’s authority in order to strengthen its ability to oversee registered investment advisers.

The text of the bill has not been released yet. I am not sure it matters given that there are already two other similar bills: the Hedge Fund Adviser Registration Act of 2009 and the Hedge Fund Transparency Act of 2009. On top of that, the Obama administration is finalizing its proposed plan for changing the regulatory framework of the financial industry.

I found Senator Reed’s reasoning on the need for his proposed law to be an interesting perspective:

“Private funds are not currently subject to the same set of standards and regulations as banks and mutual funds, reflecting the traditional view that their investors are more sophisticated and therefore require less protection. This has enabled private funds to operate largely outside the framework of the financial regulatory system even as they have become increasingly interwoven with the rest of the country’s financial markets. As a result, there is no data on the number and nature of these firms or ability to calculate the risks they pose to America’s broader economy.”

Press Release from Senator Reed on the Private Fund Transparency Act