Compliance Bricks and Mortar for May 17

These are some of the compliance-related stories that caught my attention this week.

The Board Member’s Oversight of AI Risk – Moving from Middle to Modern English

By Sean Dowd, Rich Kando, and Chris Crovatto, AlixPartners LLP
Harvard Law School Forum on Corporate Governance

Risk assessments take on many forms, but there are three critical components of a risk assessment that, when consistently applied, help to compartmentalize a company’s often highly complex risk environment and measure progress. A risk assessment requires (1) the identification of the inherent risks present within a company’s operations, in this case a company’s GenAI program and its use case, (2) the effectiveness of a company’s existing safeguards in addressing those inherent risks, and (3) the remaining residual risks after the application of those safeguards.

PCAOB Adopts New Quality Control and Auditor Responsibility Standards

by David Lynn
The Corporate Counsel .net

On Monday, the PCAOB adopted two new standards. First, the PCAOB adopted a new audit quality control standard, replacing the existing AICPA standard that pre-dated the creation of the PCAOB. The new standard requires all PCAOB registered firms to identify their specific risks and design a quality control system that includes policies and procedures to address those risks. 

How Bank Regulation and Supervision Can Weaken Financial Stability

By Hamid Mehran and Chester Spatt
The CLS Blue Sky Blog

We argue that bank regulation and supervision interfere with pricing risk by creating opacity. Given that market disclosures enhance the efforts of supervisors, and vice versa, more disclosure could enhance financial stability (see Spatt, 2010)[1]. In addition, we believe that disclosure would provide information on the competence and performance of regulators and supervisors (reducing adverse selection about regulators) and increase their incentives (reducing moral hazard). This would make capital markets more effective in addressing future banking problems and reducing reliance on bank regulators who have arguably failed the public. We question the value of withholding vast amounts of banks’ privileged information and argue that, although this unique regulatory practice has a long history, it is not ethical in the context of fair treatment of investors in public entities. Indeed, firms are required under the securities laws to disclose material nonpublic information, at least when they raise capital.

CFPB Survives Another Attack

Consumer Financial Protection Bureau v. Community Financial Services Association of America, Limited __ US ___ (2023)

The Bureau’s funding statute satisfies the requirements of the Appropriations Clause. The statute authorizes the Bureau to draw public funds from a particular source—“the combined earnings of the Federal Reserve System”— in an amount not exceeding an inflationadjusted cap. 12 U. S. C. §§5497(a)(1), (2)(A)–(B). And, it specifies the objects for which the Bureau can use those funds—to “pay the expenses of the Bureau in carrying out its duties and responsibilities.” §5497(c)(1). The Bureau’s funding mechanism also fits comfortably within the historical appropriations practice described above. P. 15– 16.

Investment Adviser Statistics

The Securities and Exchange Commission published its 2024 report on Form ADV data for investment advisers.

The number of advisers and total assets have increased dramatically.

From 2012 when Dodd-Frank implemented a change requiring fund managers to register the number of registered investment advisers and Exempt Reporting advisers has increased by 60% from 13,222 to 21,203. The Regulatory assets under management has increased 138% from $55 trillion to $128.8 trillion.

The number of private funds has tripled from 33 thousand to over 100 thousand, with gross assets also tripling from $9 trillion to $27 trillion.

For real estate funds, there 658 registered advisers with over $1.1 trillion in gross assets for the 5,215 real estate funds. Those are increases from 371 advisers, $0.3 trillion in gross assets in 1,827 funds in 2012.

Sources:

Customer Identification Programs are coming for private fund managers

The Securities and Exchange Commission and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) jointly proposed a new rule that would require SEC-registered investment advisers and exempt reporting advisers to have customer identification programs (CIPs). The proposed rule is designed to prevent illicit finance activity involving the customers of investment advisers. The proposal is generally consistent with the CIP requirements for other financial institutions, such as brokers or dealers in securities and mutual funds.

This proposed rule complements the separate FinCEN proposed from February 2024 to designate RIAs and ERAs as “financial institutions” under the Bank Secrecy Act and subject them to AML/CFT program requirements and suspicious activity report filing obligations. 

I think most fund managers are already taking steps to make sure they are not doing business with terrorists, drug-dealers and other sanctioned people. The proposed rule is going to require more paperwork for low-risk customer/clients/investors.

At this point its just a proposed rule. I think it will eventually be put in place and largely unchanged. It’s really just a question of timing. I assume they will try to put this rule in place with the same compliance deadline as the February proposal. There is a 60-day comment period and then time to address the comments. I’d guess fourth quarter of 2024 for publication of the final rule and 2025 year-end for a compliance deadline.

Sources:

Compliance Bricks and Mortar for May 10

These are some compliance-related stories that recently caught my attention.

SEC Grants $2.4 Million Whistleblower Award to Compliance Official

by Geoff Schweller
Whistleblower Network News

The SEC order further clarifies that while the whistleblower learned of the misconduct in a role where their principal duties involve compliance or internal audit responsibilities, they were eligible for an award because “Claimant reported the information internally to Claimant’s supervisor and to the Chief Compliance Officer or its equivalent, and then waited at least 120 days to report the information to the Commission.”

SEC Rule 240.21F-4(b)(4)(iii)(B) provides for this 120-exception for compliance and audit whistleblowers.

The SEC Whistleblower Program had a record setting year in the 2023 Fiscal Year. The program issued nearly $600 million in whistleblower awards, the most ever in a fiscal year, including a $279 million award, the single largest award in program history. The whistleblower program also received a record 18,000 whistleblower tips over the course of the fiscal year.

Many Places Still Have Not Recovered from the Pandemic Recession

by Jaison R. Abel, Richard Deitz, Jonathan Hastings, and Joelle Scally
Liberty Street Economics

Employment fell nearly 15 percent in the United States between February 2020 and April 2020—a shockingly large decline in such a short period of time. The country had dug itself out of this massive hole by the summer of 2022, recovering all of the jobs that were lost, and employment is now nearly 4 percent above pre-pandemic levels. As the map below shows, however, the recovery has been uneven and remains incomplete in many places. Indeed, while most metro areas have recouped the jobs that were lost during the recession (shown as blue dots), more than 25 percent still have not (shown as red dots). Most of these areas are concentrated in the Rust Belt along the Great Lakes, though clusters are present in parts of the South—Louisiana in particular—as well as in California, Oregon, and Hawaii. In fact, employment is still more than 5 percent below pre-pandemic levels in New Orleans, and more than 3 percent below in Honolulu and San Francisco. Likewise, sizable job shortfalls remain in Cleveland, Detroit, and Pittsburgh. At the other end of the spectrum, employment in fast-growing parts of the country such as Austin, Boise, Phoenix, Raleigh, Charleston, and Sarasota is now more than 10 percent above pre-pandemic levels.

Regulator Explores Naming Companies Tied to Auditing Deficiencies Amid Investor Pushback

By Mark Maurer
The Wall Street Journal

“That’s an issue that we have definitely heard, and it’s under consideration,” Public Company Accounting Oversight Board Chair Erica Williams told The Wall Street Journal, referring to investor feedback. “There have been previous boards that have focused on that issue, and so we’re looking at the work that they’ve done there.” 

PCAOB staff are looking into this issue as it has for years under previous boards, Williams said. No formal consideration is under way, meaning the staff could recommend the issue be added to the agenda or drafted as a proposal for the board to vote on, but hasn’t yet, she said. 

Behind Nigeria’s Arrest of Binance Employee, Claims of a Bribe Request

By David Yaffe-Bellany and Emily Flitter
The New York Times

On a trip to Nigeria in January, Tigran Gambaryan, a compliance officer for the giant cryptocurrency exchange Binance, received an unsettling message: The company had 48 hours to make a payment of roughly $150 million in crypto.

Mr. Gambaryan, a former U.S. law enforcement agent, understood the message as a request for a bribe from someone in the Nigerian government, according to five people familiar with the matter and messages reviewed by The New York Times. He and a group of his Binance colleagues had just met with Nigerian legislators, who accused the company of tax violations and threatened to arrest its employees.

FTX Customers Poised to Recover All Funds Lost in Collapse


By David Yaffe-Bellany
The New York Times

But the recoveries come with a caveat. The amount owed to customers was calculated based on the value of their holdings at the time of FTX’s bankruptcy in November 2022. That means customers won’t reap the benefits of a recent surge in the crypto market that sent the price of Bitcoin to a record high. A customer who lost one Bitcoin when FTX imploded, for example, would be entitled to less than $20,000, even though a Bitcoin is now worth more than $60,000.

The One With the Career Advice Becoming Insider Trading

You’re sitting poolside sipping on margaritas with your buddy. You’ve always wanted to work together and your buddy says that now would be a good time to do so. You ask, what about your current position. Your buddy, with a few margaritas in his gut, tells you that his current position is uncertain because the company is going to get sold.

What should you not do?

(A) Buy you buddy another margarita
(B) Buy some nachos
(C) Buy stock in your buddy’s company

Steven Masterson chose (C) and that was the wrong answer.

His buddy worked at Dover Motorsports, a public company. The information that the company was getting sold is Material, Non-Public Information. He should have known that the information was confidential and he shouldn’t trade on it.

Instead Mr. Masterson called his investment adviser and directed a purchase of $100,000 worth of stock in Dover Motorsports. Two months later the acquisition was announced and Mr. Masterson made a tidy profit.

At least until the Securities and Exchange Commission got involved and accused Mr. Masterson of insider trading. He disgorged his tidy profit and paid a fine equal to that profit.

Sources:

Initial Observations Regarding Advisers Act Marketing Rule Compliance

With the issuance of the Marketing Rule for Investment Advisers (Rule 206(4)-1) decades of interpretations and guidance were wiped out. We’ve been waiting to see what falls under those seven general prohibitions in the Marketing Rule. We’ve been thirsting for more guidance.

We’ve gotten some additional clarification on the performance aspects of marketing. We know we can’t put hypothetical performance on a website. We know the net and gross returns have to be calculated in the same manner. (see FAQ 4).

The Division of Examinations released a Risk Alert with the Initial Observations Regarding Advisers Act Marketing Rule Compliance that provides some of that additional guidance of what not to do. It’s mostly a hit list of what not do.

  1. Don’t claim that your investment processes were validated by professional institutions when they were not.
  2. Don’t state that you considered certain risk tolerances when recommending investment strategies when all clients were placed into the same strategy without consideration of risk tolerances.
  3. Don’t reference a formalized securities screening processes that did not actually exist.
  4. Don’t describe yourself as a “private fund adviser” when you don’t actually advise any private funds.
  5. Don’t say that you received awards that you didn’t actually receive.
  6. Don’t say you are different from other advisers because you act in the “best interest of clients”. (Without disclosing that all investment advisers have a fiduciary duty to act in their clients’ best interests.)
  7. Don’t say that were “seen on” national media, without disclosing that the “appearances” were in fact paid advertisements.
  8. Don’t include the Securities and Exchange Commission logo on your website.
  9. Don’t claim that you achieved above average performance results without disclosing that you did not yet have clients or performance track records.
  10. Don’t print disclosures in an unreadable font on websites or in videos.
  11. Don’t use outdated market data information.
  12. Don’t market performance of only realized investment information in the total net return figure and exclude unrealized investments.

These dozen are just some of the anecdotes mentioned in the Risk Alert. Most of these are very obvious failures.

Sources:

Another Fund Manager Falls Victim to a Political Contribution

Another fund manager was heavily fined for an employee making a political contribution. Wayzata Investment Partners had to pay a $60,000 fine.

The Minnesota State Board of Investments made $300 million in commitments to Wayzata funds from 2007 to 2013. In 2022 a Wayzata employee made a $4000 campaign contribution to a Minnesota elected official who was up for re-election. The board of the Minnesota State Board of Investments consists of the Governor, State Auditor, Secretary of State, and Attorney General. All are elected offices. Neither the name of the employee or the politician are named in the SEC action.

Under SEC Rule 206(4)-5 a covered associate of a registered investment adviser can not make a contribution of more than $150 to a elected official who can directly or indirectly influence investment decisions. The Minnesota State Board of Investments falls under the coverage of the Rule.

The $60,000 fine was levied even though the funds were closed-end funds with no opportunity for withdrawal. The contribution was years after the commitments were made. There was no finding that there was a connection between the government investment and the political contribution. Under the Rule, the SEC does not have to prove any connection.

The fine is much less than the full penalty under the SEC rule which would be forfeiture of 2 years of management fees and carried interest. 

As with some other political contribution fines, Commissioner Peirce dissented from the decision in this case. She points out the stifling of political participation.

I’ll point out the magnitude of the fine. In most SEC cases the subject ends up paying a fine that matches the damage. In these political contribution cases, the subject is paying over a 10x penalty.

More Reading:

Compliance Bricks and Mortar for April 26

I haven’t published one of these in a while. Here are a bunch of compliance-related stories that recently caught my attention.

In Silicon Valley, You Can Be Worth Billions and It’s Not Enough
by David Streitfeld in The New York Times

Twenty one years later, Mr. Bechtolsheim may have seized a different kind of opportunity. He got a phone call about the imminent sale of a tech company and allegedly traded on the confidential information, according to charges filed by the Securities and Exchange Commission. The profit for a few minutes of work: $415,726.

Two SEC Lawyers Resign After Agency Censured for Abuse of Power in Crypto Case
By Austin Weinstein in Bloomberg

But the asset freeze was reversed after Shelby found that the SEC may have made “materially false and misleading representations.” The judge would go on to sanction the SEC for “gross abuse of the power entrusted to it by Congress” and ordered the agency to pay some of DEBT Box’s attorney’s fees.

Biden-Harris administration announces rule to protect retirement savers’ interests by updating investment advice fiduciary definition

The Biden-Harris administration announced today that the U.S. Department of Labor has finalized its Retirement Security Rule to protect the millions of workers who are saving for retirement diligently and rely on advice from trusted professionals on how to invest their savings. This final rule will achieve this by updating the definition of an investment advice fiduciary under the Employee Retirement Income Security Act and the Internal Revenue Code.

The final rule and related amended prohibited transaction exemptions require trusted investment advice providers to give prudent, loyal, honest advice free from overcharges. These fiduciaries must adhere to high standards of care and loyalty when they recommend investments and avoid recommendations that favor the investment advice providers’ interests — financial or otherwise — at the retirement savers’ expense. Under the final rule and amended exemptions, financial institutions overseeing investment advice providers must have policies and procedures to manage conflicts of interest and ensure providers follow these guidelines.

Supreme Court Rejects Securities Lawsuit Based On “Pure Omission” From SEC Filings
By William M. Jay, Daniel Roeser, Douglas H. Flaum, Jesse Lempel
Goodwin Procter

In a narrow but potentially significant decision, the Supreme Court has held that securities-fraud plaintiffs cannot recover based on a “pure omission” from a company’s public statements under the most common legal basis for private securities lawsuits, the SEC’s Rule 10b-5(b).  The Court’s unanimous April 12 decision in Macquarie Infrastructure Corp. v. Moab Partners L.P. wipes out precedent from the Second Circuit that potentially made any omission from the “Management’s Discussion & Analysis” (MD&A) section of periodic reports filed under the federal securities laws actionable.

A Reminder that Hypothetical Performance Does Not Belong on Your Website

The Securities and Exchange Commission brought actions five investment advisory firms for violations of the Marketing Rule. The firms posted advertisements that included hypothetical performance on their websites.

The SEC points out that websites are available to the general public and not “presenting hypothetical performance relevant to the likely financial situation and investment objectives of the intended audience.” Of course, a firm’s website and the materials posted to it are going to be considered advertisements for advisory services.

As a reminder, Advisers Act Rule 206(4)-1(e)(1) defines hypothetical performance as performance results that were not actually achieved by any portfolio of the investment adviser and includes, but is not limited to:

  • Performance derived from model portfolios;
  • Performance that is backtested by the application of a strategy to data from prior time periods when the strategy was not actually used during those time periods; and
  • Targeted or projected performance returns with respect to any portfolio or to the investment advisory services with regard to securities offered in the advertisement.

One thing I found curious about four of the five actions is that those four removed the advertisements containing hypothetical performance on June 8, 2023 before being contacted by SEC staff. What happened on that date to these four?

Sources:

Who knows what evil lurks in the hearts of men? The Shadow knows!

It survived motions to dismiss, summary judgment and now has survived a jury. The Securities and Exchange enlargement of insider trading, shadow trading, stuck through the case against Matthew Panuwat.

The SEC alleged that Mr. Panuwat traded in the stock of Incyte Corporation based on highly confidential information. Incyte was in a similar business to his employer, Medication, Inc. Mr. Panaway had learned about an impending announcement of Pfizer Inc.’s acquisition Medivation, Inc. He assumed that the stock price of Incyte would rise based on the valuation Pfizer placed on Medivation for the acquisition.

There is no doubt that knowledge of the Pfizer/Medivation transaction was material non-public information. Mr. Panaway clearly could not buy stock in Medivation ahead of the announcement. He didn’t.

Mr. Panawat took an aggressive approach to the Incyte share price. He purchased out-of-the-money options and lots of them. He purchased a majority of the daily volume of those options. The total purchase price was about half of his annual salary. He had not previously invested in Incyte. It was the biggest trade he had made. I’m sure the trades raised red flags at his brokerage which were reported to the SEC.

The jury decided that

  • Mr. Panuwat had owed a duty of “trust, confidence or confidentiality” to Medivation as a result of his employment.
  • Mr. Panuwat possessed nonpublic information as a result of his employment, that was material to Incyte.
  • Mr. Panuwat purchased the Incyte options on the basis of that nonpublic information.
  • Mr. Panuwat had “acted recklessly” in purchasing the options.

How do you deal with this from a compliance perspective? Would Incyte have been on blocked list for the investment bankers involved in the transaction?

Sources: