Now that you’ve seen what ACA Insight has to offer, don’t be without it. Subscribe now!

The weekly news source for investment management legal and compliance professionals

Current subscribers - please log in to the website in the upper right-hand corner

News December 5, 2011 Issue

What It Takes to Be an Effective CCO

Whether youíre a grizzled expert in registered life or looking ahead to newly registered status beginning early next year, when it comes to being your firmís CCO there are a few tricks to the trade.

The SEC has recently turned a spotlight on the role of CCO. Over the past year, OCIE officials have been spreading the word that OCIE will seek to empower the role of CCO through the examination process. The SEC has increasingly brought a number of enforcement actions highlighting adviser CCO weaknesses, offering a roadmap of doís and doníts for CCOs and firm management alike.

Earlier this month, Private Equity International (PEI) offered tips for mastering the critical CCO role from a panel of experts at its Private Fund Compliance Forum in San Francisco.

Divide and conquer.

First, you canít do it alone, said Blum Capital CCO and general counsel Gwen Reinke. Inventory all you need to do and then look within your firm to see who can do it. Your IT person could help with the soft dollar review, for example. Assign personal trading review to another person. The CCO is responsible for training staff, overseeing them, and reviewing the work, but the CCO himself is not responsible for performing all the work, she said.

Catherine Ziobro, CCO for The Carlyle Group, oversees a compliance staff of ten, soon to be eleven, and she also leverages staff outside the compliance group to assist with compliance matters. For example, thereís so much compliance surrounding the trading desk environment, she has "deputized" individual team members as "mini-CCOs" for their team, a practice that is officially embedded in Carlyleís policies and procedures.

Helane Morrison, Hall Capital Partners CCO and general counsel and formerly the regional director of the SECís San Francisco office, urged automation to leverage resources. More automation allows you to get things done with less "people power," she said. "I used to think that only the biggest firms could afford support, but itís not true," said Morrison. Reinke agreed. "Even as a small firm, itís affordable."

To whom does the CCO report?

Common reporting lines are to the general counsel, to the board of directors or a committee of the board, such as the audit committee. The three co-foundersí office doors are always open, too, said Ziobro.

Reinke reports daily to her firmís management committee. Her firm also has a compliance committee made up of partners from the functional areas of the firm that among other things, acts as a sounding board when compliance or conflict issues arise. The goal is risk mitigation and avoidance of loss, said Reinke. For her, the firmís partners are great sounding boards.

Morrison reports directly to the CEO of her firm. "Support from the top is critical," especially when youíre trying to implement policies and procedures, she said.

What about conflicts when the CCO wears more than one hat?

Reinke said she has structured responsibilities at her firm so that thereís one attorney who handles the day-to-day responsibilities, and she relies on outside counsel for assistance with more difficult or labor-intensive issues. She oversees all activities, sometimes with a more stepped-back approach. Wearing multiple hats can be an advantage, she said. It keeps conflict issues to the fore, prompting questions and getting answers from others. Sometimes it means taking the most conservative approach to avoid any potential issues. That might be the easy way, but "I think that can be a way to go," said Reinke.

Ziobro agreed, but added "you canít be Dr. No." Sometimes the point of entry in the analysis is "no," but you have to be perceived as a business partner in the enterprise. Think about how you can brand your program as an active participant in the firmís business. "You donít want to be viewed as someone whoís just standing in the back saying no and checking boxes," she said.

Thereís so much going on, how do CCOs keep up?

Many resources will bring the news to you, said Reinke. Subscribe to law firm alerts, join the Investment Adviser Association, read compliance newsletters. Your peers are a great resource, too, she said. Morrison formed the Bay Area Fund Forum, for example, that acts as a networking and support group that is very helpful. Training sessions educate the CCO, too, and of course, attending conferences helps to keep up with developments.

Pitfalls for CCOs to avoid.

It isnít enough to have compliance policies, as CCO, you must implement them, said Morrison. CCOs canít let compliance slide, and if the job isnít getting done, CCOs need to ask for help.

Yes, compliance responsibilities should be taken very seriously, said Reinke. It is a daunting task, but keep working at it. You have to have a plan. It takes time and it takes effort, but it really pays off, she said. " I feel now that I have mini compliance officers all over the organization who understand the rules and help."

Ziobro echoed the sentiment. You can have the best policies around, but if no one knows what they are, itís no good. Training is the toughest aspect of the job in her opinion, but itís critical to get the message out there. It isnít just training sessions, either. "On-boarding" is important Ė making sure new hires get the rules when they walk in the door. Take advantage of teachable moments too, she said. Push them out to staff in emails, not just in training sessions. One of her emails was followed up by another from one of the firmís co-founders emphasizing the importance of the point. Thereís no substitute for that kind of reinforcement, she said.

The annual review is the backbone of your compliance program, said Reinke. CCOs canít wait and think it is a once-a-year sit-down process, however. The annual review also takes some up-front planning, and portions are executed all year. She is constantly having dialogs with staff, for example, asking if the compliance policies match what is really going on. The annual review shows all the work youíve done, and is an evaluation of how youíre doing, said Reinke.

Weíve adopted a "compliance calendar," said Morrison. It is a roadmap of the compliance year, scheduling when itís time to update the firmís Form ADV, deadlines for the annual review, compliance manual review and other compliance checks and testing. Then, as you go through the months, it is easier to stay on top of things, she said.

Also to note Ė CCOs must perform a risk assessment of the firmís business and compliance exposures. It is not in the rules, but the SEC expects that youíve done it, said Morrison. Ziobro said her firm not only has its risk matrix, but now has a chief risk officer that evaluates, tracks and manages the firmís risk. The risk matrix itself is the one place that includes policies and procedures and controls the firm has in place to manage specific identified risks. The document is something that will show the SEC that youíre on top of it, she said.

The key to success Ė support from the top.

The panel emphasized that the only way to run a truly effective compliance program is with the support and buy-in of management.

View the CCO role as an important part of management, said Ziobro. Keep open channels with management and talk with them. Sit with management and run through the high points of compliance, including the consequences of non-compliance.

Get support from the top and have it be visible, said Morrison. For example, training on gifts and entertainment happens at this time of year, and the CEO of her firm makes that presentation. The CEO also issues reminder memos throughout the year on various compliance topics.

Training is not just for staff but for management, too. Get senior management buy-in to the process, said Reinke. It is a great example to set.