Now that you’ve seen what ACA Insight has to offer, don’t be without it. Subscribe now!

The weekly news source for investment management legal and compliance professionals

Current subscribers - please log in to the website in the upper right-hand corner

News May 14, 2012 Issue

Lawyers, Guns, and Money – What It Takes to Run a Successful Compliance Program

At a recent compliance conference, four CCOs of newly registered private fund advisers talked about what they’re doing now that they’ve crossed the Form ADV registration hurdle. Because private fund advisers are by name and nature private, this article refers to the speakers as CCO A, CCO B, CCO C, and CCO D, and all speakers as "he," to protect their anonymity.

The three most intrusive policies.

In the opinion of the panel, the three most intrusive policies for personnel in their new regulatory environment are:

  • Email surveillance;
  • Insider trading issues (personal trading reports); and
  • Political giving restrictions.

Email surveillance. Although roughly one third of the new registrant attendees indicated that they were not conducting regular email reviews yet, the CCO panel encouraged incorporation of that practice. The primary reviewer should be the CCO or a non-CCO attorney, said CCO C.

There’s no formal SEC guidance on how often to conduct email surveillance, how deep to look, said CCO B. Common methods include keyword searches, random day or week checks, and targeted searches around particular trades or events. You should be developing your protocols now, said CCO C.

The SEC does expect email surveillance as part of an integrated, well functioning compliance program, said CCO D. If you’re not doing it, the heat gets turned up in other areas. One method he uses is to call employees and ask them about certain email content he finds. It sends the message that you are actively watching, and lets personnel know heightened areas of concern, he said.

How to handle smoking gun emails.

First, if you find something that doesn’t feel right, you have to address it somehow or another, said CCO A. The SEC will find it, and it will only get worse. Start an internal investigation, check around, talk to the email’s author to understand the context. Does it involve a trade? Research it. Does it involve information flow? Look for other emails. Interview other employees. If you discover something that could expose the firm to liability, get outside counsel involved. You need that privilege for conversations and advice, he said.

Maybe the issue is not so grave. You may find that an employee simply is not reporting gifts and entertainment like they should, or you learn of a political contribution they should have reported. When you find these things and correct them, it builds that culture of compliance in the firm.

One very important thing to note is that confidentiality is extremely important, said CCO A. Without it, you will lose credibility and respect. Discuss what you find only with the person to whom it applies, at least until the situation calls for something different.

Insider trading. Insider trading can be tough to negotiate because you’ve got smart people pushing back on personal trade reporting requirements, said CCO C. Once they understand the rationale for the policy though, and buy in and believe it is the right answer, you get a lot more cooperation. Six months from now, once people have filed a couple of quarterly reports, "I don’t think it will be such a big deal," he said.

CCO A observed that personal trading is a sensitive issue because it is not just the employee’s trading that must be reported, but also their spouse’s trading. This becomes a very complicated issue for a lot of people, he said. For example, what do you do when you have an employee living with someone, but they’re not married. Think about adding policies such as no single security trading. At least restrict personnel from trading in your shop’s specialty, he said.

"We do not take any pleasure in reviewing personal trading records. We don’t enjoy reviewing emails. These are things we have to do. When the SEC comes into your shop, they are going to look at personal trading, they are going to review emails. You have to be there first," said CCO A.

Evolution of the CCO role.

Compliance is no longer a back-office function, it is now a mid- and front-office function, said CCO A. The CCO must have appropriate experience, and is now involved in all aspects of the business. It is a "real C-level position," with a seat at the table. The CCO is now consulted on all aspects, trading, etc.

Firms need to be educated on the CCO’s job and responsibilities. For the CCO’s part, you’ve got to get out of your office, meet with the business units, understand how to be a resource to them, he said. Walk around, talk to people and ask questions, he suggested. He sits in on research meetings and listens to their idea generations, for example. He asks questions on sources of information, and weighs in on restrictions for new products. The goal is a culture where people come to you with questions because they want to know where the edges are. It takes a while to get there. You go to them, and they will come to you, he said.

Visible support for your role from the top of the firm is very important, said CCO D. The job requires you to feel your way along in a lot of situations. If you’ve got the backing of other senior officers in the firm, you’ve got everyone’s backing. CCO A agreed. You need senior buy-in, or the employees will know. There’s no culture of compliance if senior management isn’t supporting you.

Old relationships, new requirements.

The formal representations of firm practices that were never memorialized before is a big change, said CCO B. Another change is the interplay of old relationships and the new requirements. We now use multiple law firms to meet the regulations.

"It’s messy, and we’re slogging through it, too," said CCO D. For example, some law firms might know the Advisers Act better than the law firm that is an expert on your fund(s).

The CCOs split, generally based on their business models, on whether they had a single primary law firm or multiple law firms review their Form ADV prior to registration.

CCO A said his firm has always maintained multiple outside counsel due to the nature of the adviser’s business. For example, he recently brought in new counsel to help them with certain trading issues, and another law firm that has expertise in distressed debt.

You need the right people, suggested CCO A. It is not about the "right" law firm, every law firm has experts in a variety of fields. It is important that your outside counsels understand the firm’s business, and you’re going to have to pay them to ramp up. Don’t make the mistake of limiting counsel to just the area of your business that they’re advising on, he said. Any counsel must understand the business as a whole and how their piece fits in, said CCO A. "I get heat on legal fees and I always will, but it’s worth it to do your job effectively," he said.

Hired guns – the benefits of using a compliance consultant.

It is also important to bring in a compliance consultant, said CCO A.

Consultants are better than attorneys at troubleshooting what the SEC wants or will look at, said CCO C.

We also use an outside consultant, it is a key component to identify gaps in your compliance program, said CCO D.

CCO A hired a compliance consultant for the first time several years ago. It is important to have unbiased eyes come in, especially when the program is your baby, something that you’ve personally built. "Of course I like our compliance program – I wrote it," he said. "I think it’s fantastic. I don’t think I’m going to be eager to write down things I found wrong about it." Consultants can be more honest critics, he observed.

When selecting a consultant, get input from firms similar to yours, he said. It should guide you to a consultant that is familiar with your space. "One thing you don’t want to be is an outlier in this business," said CCO A.

Words of advice.

CCO B: The competition has a supercomputer in Frankfurt, and you have a slide rule in your basement. We’ve all had those moments, just keep at it and do what you can with your resources.

CCO A: Don’t permit your employees to discuss firm business in their personal emails. The SEC can subpoena them if they think it could be related to an investigation.

CCO C: I absolutely echo that. Our policy is that if you use your personal email for work, we can review it. It is our right or we can terminate the employee for cause.