Category: Compliance Programs

CFIUS Annual Report on National Security Transactions

The Committee on Foreign Investment in the United States is a multi-agency regulatory body empowered to review transactions involving a foreign person and a U.S. business that may affect national security. On November 14, 2008, the Department of the Treasury issued its final rule to implement the Foreign Investment and National Security Act of 2007, which provided guidelines for the Committee on Foreign Investment in the United States when reviewing investments by foreign persons in U.S. businesses for national security issues.

If your transaction has implications for national security and your investment vehicle has significant foreign ownership of the party or the other side has significant foreign ownership, they you need to pay attention to CFIUS. There has been little guidance on what level of control and what would be a threat to national security.

Recently, CFIUS delivered its unclassified Annual Report to Congress for the calendar year 2009 and it offers some insight into the breadth and power of this little known agency.

In 2009, 65 CFIUS notices were filed and determined to describe “covered transactions” within their regulatory review.

Of the 65 notices filed, 7 were voluntarily withdrawn from CFIUS consideration the initial review and investigation phases. New notices were filed in 3 transactions and 3 transactions were abandoned. The seventh withdrew the transaction with the declared intent of re-filing a CFIUS notice.

Twenty-five of the covered transactions were subject to investigation, extending the period of delay for the transaction.

In 2009, CFIUS agencies negotiated, and parties adopted, mitigation measures for five different covered transactions. These measures involved acquisitions of U.S. companies in the computer software, telecommunications, and energy sectors. No transaction was blocked.

In a key finding, the CFIUS judged that judge that foreign governments are “extremely likely” to continue to use a range of collection methods to obtain critical U.S. technologies. Sources:

Placement Agents and the MSRB

In addition to laying out the changes to Form ADV, in Release No. IA-3110 the SEC also took a slightly different course on regulating placement agents. Rule 206(4)-5, released in July 2010, required placement agents to either be registered with the SEC as an investment adviser and subject to the limitation on campaign contributions, or register with FINRA. The FINRA registration was subject to enactment of a similar pay-to-play rule by FINRA.

The SEC has abandoned FINRA for the MSRB when it comes to regulating placement agents that interact with government sponsored plans.

Section 975 of Dodd-Frank Wall Street Reform and Consumer Protection Act created a new category of regulated persons called a “municipal adviser.” This new category will regulated by the Municipal Securities Rulemaking Board.

The MSRB is undertaking a rule-making to subject municipal advisers to the pay-to-play rules in place for municipal securities dealers under MSRB Rule G-37.

“Municipal advisors” include businesses and individuals that advise municipal entities concerning municipal financial products and municipal securities, as well as businesses and individuals who solicit certain types of business from municipal entities on behalf of unrelated broker-dealers, municipal advisors, or investment advisers.

In comparing the de minimis amounts under Rule 206(4)-5 and MSRB Rule G-37, the MSRB only allows for contributions up to $250 for candidates the person can actually vote for. The SEC rule is $350 for a candidate you can vote for and $150 for a candidate you can’t vote for. Both have a two-year ban for violation of the rules.

Sources:

Which Real Estate Fund Managers are Registered with the SEC?

After looking at whether a fund manager is an investment adviser and whether real estate is a security, I looked at the Private Equity Real Estate News list of the 30 biggest private equity real estate firms in the world (.pdf). (Disclosure: my company is on the list.)

How many of them are already registered with the SEC.

1 The Blackstone Group Yes
2 Morgan Stanley Real Estate Investing Yes
3 Tishman Speyer
4 Goldman Sachs Real Estate Principal Investment Area Yes
5 Colony Capital Yes
6 LaSalle Investment Management Yes
7 Beacon Capital Partners
8 The Carlyle Group Yes
9 MGPA
10 Lehman Brothers Real Estate Private Equity Yes
11 CB Richard Ellis Investors Yes
12 Westbrook Partners
13 Starwood Capital Group Yes
14 AREA Property Partners
15 Prudential Real Estate Investors Yes
16 Rockpoint Group
17 daVinci Advisors
18 Grove International Partners
19 Hines
20 Lubert-Adler Real Estate Yes
21 RREEF Alternative Investments Yes
22 Walton Street Capital Yes
23 Citi Property Investors Yes
24 Angelo, Gordon & Co Yes
25 Bank of America Merrill Lynch Global Principal Investments Yes
26 Shorenstein Properties
27 Lone Star Funds Yes (Hudson Advisers)
28 Heitman Yes
29 Aetos Capital Yes
30 Rockwood Capital

If you do the math, 19 of the top 30 are already registered with the SEC as Investment Advisers. I expect to see several more in the “yes” column before July 21, 2011, the registration deadline under Dodd-Frank.

The PERE 30 measures capital raised for direct real estate investment through commingled vehicles, together with co-investment capital, over the past five years.

Job Description For CCOs of Advisers to Private Investment Funds

help wanted join the insanity now

Back in 2005, Associate Director Office of Compliance Inspection and Examinations of the SEC, Gene Gohlke gave a speech addressing hedge funds who would soon have to register under the doomed hedge fund rule. He focused on what the funds needed in a Chief Compliance Officer.

Rule 206(4)-7 requires a registered investment adviser to designate an individual responsible for administering the policies and procedures required to avoid violation of the Investment Adviser Act and its rules. That’s all the rule requires of a CCO.

The release adopting the Rule 206(4)-7 provides some more background on the requirement:

An adviser’s chief compliance officer should be competent and knowledgeable regarding the Advisers Act and should be empowered with full responsibility and authority to develop and enforce appropriate policies and procedures for the firm. Thus, the compliance officer should have a position of sufficient seniority and authority within the organization to compel others to adhere to the compliance policies and procedures. [C.1.]

The release also makes it clear that the adviser does not have to hire an additional person to take on the rule.

Knowledgeable

A CCO must have a good understanding of the requirements imposed by the Advisers Act, the related rules, and other aspects of the regulatory regime for advisers. A CCO should also remain current regarding changes to the regulatory requirements as the SEC changes and adds to them.

Competent

Gohlke lays out the need to have familiarity with the steps needed to create a compliance program:

  • Risk identification and assessment.  Know how to identify conflicts and other compliance factors creating risk exposure for the firm and its clients in light of the firm’s particular operations.
  • Creating policies and procedures. Address the risks identified. The policies and procedures should address all conflicts of interest and other risks the firm is exposed to and not a set of risks that advisers in general may have.
  • Implementation. Recognizing the principles of good management and controls.

Position in Organizational Structure

The compliance officer should have a position of sufficient seniority and authority within the organization to be able to compel others to adhere to the firm’s compliance policies and procedures. CCOs should be a member of the senior management of a firm.

The 24 Functions

Gohlke lays out a list of 24 functions that CCOs of advisers should perform or consider performing. (He admits that this ia an ambitious list and that they are above and beyond what is required by Rule 206(4)-7.)

  1. Advises senior management on the fundamental importance of establishing and maintaining an effective culture of compliance within the firm.
  2. Confers with and advises other senior management of the firm on significant compliance matters and issues.
  3. Is not only available but is sought out on a “consulting” basis regarding compliance matters and issues by business people throughout the firm. Should become known as the “go to person” on compliance matters.
  4. Becomes involved in analyzing and resolving significant compliance issues that arise.
  5. Ensures that the steps in the firm’s compliance process – risk identification, establishing policies and procedures and implementing those policies and procedures – are appropriate and are undertaken timely by staff of the firm to whom those functions have been assigned.
  6. Becomes personally involved in various steps of the process such as serving on risk or policies and procedures committees when necessary and appropriate.
  7. Ensures that compliance policies and procedures are comprehensive, robust, current and reflect the firm’s business processes and conflicts of interest.
  8. Ensures that appropriate principles of management and control are observed in the implementation of policies and procedures. These principles include separation of functions, clear assignment of responsibilities, measuring results against standards and reporting outcomes.
  9. Ensures that all persons within the firm with compliance responsibilities are competently and fully performing those functions.
  10. Ensures that quality control (transactional) testing is conducted as appropriate to detect deviations of actual transactions from policies or standards and that results of such tests are included on exception and other management reports and are promptly addressed, escalated when necessary, and resolved by responsible business people.
  11. Ensures there is timely and appropriate review of material and repetitive compliance issues as indicators of possible gaps and weaknesses in policies and procedures or risk identification processes and facilitates the use of such information in keeping the firm’s compliance program evergreen.
  12. Undertakes periodic analyses and evaluation of compliance issues found in the regular course together with the results of appropriate forensic testing conducted by compliance staff as a means for obtaining additional or corroborating evidence regarding both the effective functions of the firm’s compliance program and the possible existence of disguised or undetected compliance issues.
  13. Ensures that compliance programs of service providers used by the adviser are effective so that the services provided by these firms are consistent with the adviser’s fiduciary obligations to its clients.
  14. Establishes a compliance calendar that identifies all important dates by which regulatory, client reporting, tax and compliance matters must be completed to ensure that these important deadlines are not missed.
  15. Promotes a process for regularly mapping a firm’s compliance policies and procedures and conflicts of interest to disclosures made to clients so that disclosures are current, complete and informative.
  16. Manages the adviser’s compliance department or unit in ways that encourages proactive work, a practice of professional skepticism and “thinking outside the box” by compliance staff.
  17. Manages the adviser’s code of ethics which is a responsibility given to CCOs of advisers by rule 204A-1 under the Advisers Act.
  18. Undertakes or supervises others in performing the required annual review of an adviser’s compliance program. Every adviser is required to conduct at least an annual review of its compliance program. The review should consider any compliance matters that arose during the previous year, any changes in the business activities of the adviser or its affiliates, and any changes in the Advisers Act or applicable regulations that might suggest a need to revise the policies or procedures. Although the rule requires only annual reviews, advisers should consider the need for interim reviews in response to significant compliance events, changes in business arrangements, and regulatory developments.
  19. Reports results of the annual review to senior management and ensures that recommendations for improvements that flow from the review are implemented as appropriate.
  20. Is a strong and persistent advocate for allocating an appropriate amount of a firm’s resources to the development and maintenance of an effective compliance program and compliance staff.
  21. Recognizes need to remain current on regulatory and compliance issues and participates in continuing education programs.
  22. Ensures that staff of the firm is appropriately trained in compliance-related matters.
  23. Is the adviser’s liaison and point of contact with SEC examination staff, both during exams and as part of the SEC’s CCOutreach program.
  24. Is active in industry efforts to develop and implement good compliance practices for advisers to private investment funds.

That’s  a big list of things to take on.

Although the SEC does not require a separate individual to take on the role of CCO, I occasionally hear some skepticism when a person assumes this role as an additional part of their job. The question the SEC asks is “what responsibilities did you relinquish in order to have time to take on the CCO role?”

Sources:

Help Wanted image is by Andi Szilagyi

Another CCO in Trouble

With failure, comes learning. As a compliance officer, disciplinary actions against other compliance officers can be a road map showing me what not to do. Recently, the SEC charged affiliated firms and their former chief compliance officer with failing to have adequate policies and procedures to prevent misuse of nonpublic information.

Section 204A and Rule 204A-1 make it very clear that every investment adviser must have written policies and procedures reasonably designed to prevent the misuse of material, nonpublic information. Buckingham Capital Management Inc. and its broker-dealer parent company, The Buckingham Research Group Inc. apparently did not.

BRG and BCM’s policies and procedures were deficient in a number of ways. BRG had a written procedure to address the misuse of material, nonpublic information, but did not follow its written procedure in practice. Important compliance policies and procedures were not contained in BCM’s written policies and procedures. Further, in some instances, BCM’s written policies and procedures were so unclear that employees did not understand their responsibilities. In other instances, the practices BCM employed varied materially from its written policies and procedures. These failures led to inadequate implementation and enforcement of the firms’ written compliance policies and procedures.

That’s bad, but more likely to result in a deficiency letter than an enforcement action, assuming they were not misusing the information. The problem was that these deficiencies were discovered during a 2003 SEC examination. BCM said they would fix the problem.

Trouble

In preparation for a 2006 SEC exam,  BCM discovered it was missing more that 100 pre-approval forms for trades and that its compliance review logs for 2005 and 2006 were incomplete.

Rather than deliver incomplete records, BCM staff altered the records. This apparently angered the SEC and they moved the case from examination into enforcement.

The former CCO, Karp was censured and agreed to pay a $35,000 penalty.

Lessons

If the SEC tells you there is deficiency, fix it and make it a priority. The first thing they will look at on their next visit is the area of the deficiency. I’m still surprised that the SEC reported only 90% of deficiencies get cured.

Don’t falsify records. That will get the problem moved from the inspection side to the enforcement side of the SEC. That would be a CCO Failure. (The complaint indicates that Mr. Karp did not participate in the falsification.)

Sources:

Europe’s New Directive on Alternative Investment Fund Management

The European Parliament has approved the Directive on Alternative Investment Fund Managers. European countries will now be setting up a framework for regulating hedge funds and private equity funds. The AIRM Directive passed with 513 votes to 92 with 3 abstentions on November 10.

Under the Directive, an “alternative investment fund” is any collective investment undertaking which raises capital from a number of investors and is not registered under the EU’s Directive on Undertakings for Collective Investment in Transferable Securities (UCITS). So along with hedge funds, the directive sweeps up private equity funds, real estate funds and commodity funds.

One key and contentious provision is the inclusion of a single EU passport for fund managers. An alternative investment fund manager can register under the legislation in one Member State that complies with the rules of the Directive. Then the manager can manage or market funds to professional investors throughout the EU after notification. It will also eventually allows US and other non-EU fund managers to get a passport. There will be a dual system for three years during which US and other non-EU hedge funds and fund managers will be governed by national private placement regimes under each jurisdiction, until the passport rules take effect.

The directive has some limitations on the use of leverage by the funds and fund managers will be required to notify regulators about their use of leverage.

Here is a rough timeline for the directive and its effects:

January 2011 Entry into force of the directive
January 2013
(2 years after entry into force)		 Deadline for transposing the directive’s rules into national law, including those on granting
passports to duly-registered, EU-based, AIFs and AIFMs.
January 2015
(2 years after transposition)		 ESMA reports on functioning of passport system for EU AIFs and AIFMs, national private
placement regimes, and possible extension of passport system to non-EU AIFs and AIFMs.
April 2015
(at the latest 3 months after ESMA report)		 Commission adopts a delegated act, based on ESMA advice, specifying date when passports
for non-EU AIFs and AIFMs will be available.
April 2018
(3 years after entry into force of delegated act)		 Second ESMA report on the functioning of the passport and the possible ending of national
private placement regimes.
July 2018
(at the latest 3 months after ESMA report)		 Commission adopts a second delegated act, based on ESMA advice, specifying date
when national private placement regimes must be terminated.

I’m going to spend some time reading the Directive in more detail to figure how it will affect me. One thing is clear: It’s going to be more time-consuming and more expensive to market and manage private funds in the EU.

Sources:

Disciplinary Actions Against Chief Compliance Officers

The Chief Compliance Officer should be a model for employee conduct. I don’t thing there is any better way to lead and educate than to set an example.

Not all Chief Compliance Officers succeed in this role and some get subject to discipline. Here are some ways to get in trouble.

Participation in Wrongful Conduct

David A. Zwick, chief executive officer and chief compliance officer of Suncoast Capital Group, Ltd. was held liable for participating in a scheme with a salesperson he supervised to provide kickbacks to a bond trader.  In exchange for the kickbacks, Suncoast received securities transactions at prices favoring Suncoast and provided signification compensation to Zwick. He was found to have knowingly or recklessly approved fraudulent prices on Suncoast trades.

Failure to Supervise

In its release for Rule 206(4)-7 SEC Release No. IA-2204 the SEC stated:

Having the title of chief compliance officer does not, in and of itself, carry supervisory responsibilities. Thus, a chief compliance officer … would not necessarily be subject to a sanction by us for failure to supervise other advisory personnel. … Section 203(e)(6) provides that a person shall not be deemed to have failed to reasonably supervise another person if: (i) the adviser had adopted procedures reasonably designed to prevent and detect violations of the federal securities laws; (ii) the adviser had a system in place for applying the procedures; and (iii) the supervising person had reasonably discharged his supervisory responsibilities in accordance with the procedures and had no reason to believe the supervised person was not complying with the procedures.

Clearly a CCO has a role in addressing serious misconduct by employees. For an investment adviser, the CCO could be a supervisor and the failure to adequately supervise could subject the CCO to discipline for failure to supervise.

Pre-packaged policies and procedures manual

Consulting Services Group did that and failed to meet the SEC’s standards. Unfortunately for them, the pre-packaged manual did not match up to its business. They provide consulting services to mostly institutional clients. It helps them search for and select money managers, allocate assets, review performance, and design investment policies. The pre-packaged policies and procedures manual “failed to address adequately the conflicts of interest unique to CSG’s operations as a pension consultant, and many of the sections within these generic forms were completely inapplicable and irrelevant to CSG’s provision of investment advisory services to clients.” I would guess they manual they bought was designed for a retail investment adviser.

Email server

Among the things Richard Campanella was disciplined for was the failure to stop the use of non-company email. He received several emails from an employee and told him to stop using the outside email address. Even after three warnings, he field to discipline the employee. Apparently, the employee used the email extensively for business purposes. The end result was record-keeping failure.

Background checks

Westpark Capital’s Chief Compliance Officer was William Morgan. “Among other things, Morgan was responsible for maintaining and updating the Firm’s written supervisory procedures, supervising the branch office managers, performing background investigations and participating in hiring decisions, and determining whether representatives required heightened supervision and the parameters of that heightened scrutiny.” Unfortunately, the company hired some representatives who engaged in churning and made unauthorized and unsuitable trades in customer accounts.

Reporting

Tim Poulus, the Chief Compliance Officer for Olympia Asset Management, failed to report customer complaints to FINRA. (FINRA Case #2008011806301) That statistical and summary information required by NASD Rule 3070(c). The violation lead to a $10,000 fine.

Sources:

Fail is by Amboo who?

Voting and Compliance

The midterm elections are upon us, which means you get to vote for your next congressman and about a 1/3 of the senators are up for election and most of you get to vote for your senator. Don’t forget the state and local elections.

In many states that means employers must allow their employees to have time off to vote. In 31 states, voting takes legal precedence over work.

Make sure that you vote and that your employees have time to vote.

For each polling place here in my Commonwealth of Massachusetts:

  • They must display the national flag. [MGL c.54, §25A]
  • They can’t serve alcohol in the any portion of the building designated as a polling place. [MGL c.54, §24]
  • You also carry intoxicating liquor into the polling place. [MGL c.54, §73]
  • Voting machines have to suitably lighted so you can read the ballot. [MGL c.54, §33A]
  • You can’t smoke at the polling place. [MGL c.54, §73]

So if you’re trying to vote in Massachusetts and you just bought a drink, the lights are dim, you’re smoking a cigar and you can’t salute the flag, then your polling place is not in compliance.

Sources:

Image is from Woot! Shirts

Updated to correct my voting miscalculation.

Investment Advisers and Business Continuity Plans

When an investment adviser is designing its policies and procedures you need to identify the risks for their firm so they address those risks. A big risk is missing an applicable requirement under the regulatory scheme. So you sit down with the regulations and tie them to your specific policies and procedures.

An easy one to miss is the requirement for having a business continuity plan. It’s in Rule 206(4)-7.

Oh, you don’t see anything about business continuity in the rule? It’s not in the rule, it’s in the Release for Rule 206(4)-7:

We believe that an adviser’s fiduciary obligation to its clients includes the obligation to take steps to protect the clients’ interests from being placed at risk as a result of the adviser’s inability to provide advisory services after, for example, a natural disaster or, in the case of some smaller firms, the death of the owner or key personnel. The clients of an adviser that is engaged in the active management of their assets would ordinarily be placed at risk if the adviser ceased operations. [SEC Release No. IA-2204]

There is not much in the release to help you understand what is required, but there are two good places to help you.

One is to look at an intragency paper published by The Federal Reserve Board, the Office of the Comptroller of the Currency and the Securities and Exchange Commission on business continuity objectives. They lay out four broad sound practices for core clearing and settlement organizations and firms that play significant roles in critical financial markets:

  1. Identify clearing and settlement activities in support of critical financial markets.
  2. Determine appropriate recovery and resumption objectives for clearing and settlement activities in support of critical markets.
  3. Maintain sufficient geographically dispersed resources to meet recovery and resumption objectives.
  4. Routinely use or test recovery and resumption arrangements.

The other source (more practical source) is the disaster recovery requirements of broker/dealers. FINRA Rule 4370 is their emergency preparedness rule. They have a template for small introducing firms to help start designing a plan.

Sources:

Coffee and Compliance

I just sat down with a fresh cup of coffee from Green Mountain Coffee Keurig brewer. The smell of coffee mixed with stench of compliance failures coming from Green Mountain Coffee Roasters, Inc.

You know there is trouble when Sam Antar, the convicted felon and criminal CFO of Crazy Eddie, has you in his sights.

SEC inquiry

On September 20, 2010, the staff of the SEC’s Division of Enforcement informed the Company that it was conducting an inquiry and made a request for a voluntary production of documents and information. Based on the request, the Company believes the focus of the inquiry concerns certain revenue recognition practices and the Company’s relationship with one of its fulfillment vendors. The Company, at the direction of the audit committee of the Company’s board of directors, is cooperating fully with the SEC staff’s inquiry.

That’s from GMCR’s September 28 8-K filing.

When the SEC starts poking around your revenue recognition, it’s generally bad news for the company. The Motley Fool noticed that GMCR’s accounts receivables was growing faster than revenue growth. That increase in accounts receivables is seen when a company is trying to boost sales by giving its customers overly generous payment terms or aggressively trying book sales at the end of the quarter.

Then there is the timing of the disclosure. GMCR was notified on September 20, but did not file the report until 6 business days later on September 28. A 8-K report is supposed to be filed or furnished within four business days after occurrence of the event.

To top it off, there is the possibility of insider trading. Michelle Stacy, the president of the Keurig division sold some shares and options recently. On September 21, 2010, she exercised 5,000 options and then sold those shares for $37 per share.

The expiration dates for those options were not until November of 2018 and March of 2019. It seems a bit early to realize on those shares, but maybe she needed the cash. She had been exercising options.  On August 13 she exercised 30,000 options and exercised 5,000 options on September 13.

The problem is that she exercised options on the day after the company was informed of the SEC inquiry. It could just be a case of bad timing or it could be an illegal sale after acquiring material, nonpublic information.

That is the big problem with insider trading. It’s going to be hard to prove that she did not know about the SEC inquiry. With insider trading, there may be some email that contains a smoking gun. Or you could just be in an entirely implausible scenario.

Hopefully, GMCR has a program in place for corporate directors and employees to sell stock and exercise options. Then Ms. Stacy can show that she had started the program for exercising her options well before the SEC inquiry. Then she can prove that she did not know. Otherwise…..

Sources