Does the SEC understand the constraints under which some Chief Compliance Officers (CCOs) work? Yes, mostly…

At the recent 2015 National Society of Compliance Professionals National Conference keynote speaker, U.S. Securities and Exchange Commission Director, Division of Enforcement Andrew Ceresney  shared that he has “come to appreciate that the state of a firm’s compliance function says a lot about the firm’s likelihood of engaging in misconduct and facing sanctions.”

While a good bit of his team’s time is spent looking at firms and firm management, he noted that CCOs, too, face scrutiny under the compliance microscope. In particular, he highlighted recent matters involving Rule 206(4)-7 under the Investment Advisers Act of 1940 — and how the SEC views compliance officer actions in connection with the written policies and procedures and annual review required under the Rule.

Because it’s the rule…

In 2003, the Commission proposed and adopted Rule 206(4)-7. While generally addressing inappropriate behaviors on the part of fund advisers, broker-dealers, and other service providers, Ceresney focused on the ” failure of an adviser or fund to have in place adequate compliance controls.”  In response, the Commission, among other things, adopted Rule 206(4)-7. The Rule requires registered investment advisers to adopt and implement written policies and procedures reasonably designed to prevent violation[s]” of the Advisers Act and the rules thereunder and periodically “[r]eview . . . the adequacy of the policies and procedures . . . and the effectiveness of their implementation.”

                Rule 206(4)-7 requires every registered investment adviser to designate a CCO, and, the Adopting Release notes that CCO should be competent and knowledgeable regarding the Advisers Act and empowered with “full responsibility and authority to develop and enforce appropriate policies and procedures for the firm.” Moreover, the CCO is “responsible for administering [the adviser’s] compliance policies and procedures.”

According to Ceresney, the Commission in this rule sought to empower CCOs within their organizations and also placed certain responsibilities upon them. As a result, he says, the actions brought against CCOs charged with causing violations are the result of “a wholesale failure to develop such policies or to implement them.”

Do your job

Ceresney cited the SEC’s recent action against AlphaBridge Capital Management’s CCO. In this instance, the CCO was also a co-portfolio manager who affirmatively misled the fund administrator and auditor about asset values.

The SEC also charged Parallax’ CCO for compliance-related violations where he, in the course of an exam, altered documents to deceive the staff about whether the firm had conducted the required annual compliance review. Ceresney’s division also charged a former Wells Fargo Advisors compliance officer who altered a document before it was provided to the SEC during an insider trading investigation. The compliance officer, responsible for identifying and reviewing potentially suspicious trading by Wells Fargo personnel or the firm’s customers and clients, conducted a review of a broker’s trading and closed her review with no findings. Following the broker’s charge with insider trading, the CCO altered her review document to make it appear she had performed a more thorough review than she actually had and provided the document to SEC staff. An administrative law judge found her liable for violating the federal securities laws, although he imposed no remedies.

CCO failure to execute

Ceresney also says his Division will charge CCOs who have “exhibited a wholesale failure to carry out his or her responsibilities.” This is, he notes a very small number (only five enforcement actions against individuals with CCO-only titles), but which typically generate a great deal of attention.

In BlackRock, the firm did not have any written policies and procedures regarding the outside business activities of its employees, even though the BlackRock CCO knew of and approved numerous outside activities engaged in by BlackRock employees. BlackRock’s CCO also was involved in extended discussions about a significant outside family business of a senior portfolio manager that posed a conflict with the investments his funds held. Despite these red flags, the CCO failed to develop and implement written policies and procedures to assess and monitor the outside activities of BlackRock employees and to disclose related conflicts of interest to the BlackRock funds’ boards and to advisory clients.

While the firm was charged with failing to disclose the conflict of the senior portfolio manager to the fund boards; the SEC charged the CCO with a wholesale compliance failure.

In another action, involving SFX, an employee of the investment adviser with full signatory power over client bank accounts misappropriated client assets for more than five years by withdrawing money directly from those accounts. The CCO was not involved in and was not charged with the misappropriation. However, he was charged with causing the firm’s violation of Rule 206(4)-7. The firm’s policies and procedures specifically assigned the CCO with responsibility to implement the firm’s policy requiring review of “cash flows in client accounts.” Yet, for more than five years, the CCO failed to ensure that any review occurred, even though certain SFX employees had full signatory power over client bank accounts.  Had he implemented the firm’s cash flow review policies, SFX likely would have uncovered the misappropriation years earlier.

In both these instances, Ceresney says, the CCO’s compliance failures generated significant consequences.

Protect yourself and your firm

Failure to carry out one’s compliance responsibilities has consequences. So don’t fail!

If a shortage of time, money, or people is the problem, consider outsourcing. Because beyond operating within the law, you must make sure you’ve got the right compliance processes and procedures in place so that your firm has and can produce data and records when the SEC and FINRA demand it. Let’s talk about how your peers are outsourcing the burden of tracking and organizing data and documents to independent regulatory archival and compliance solutions specialists, like us to help keep compliance processes and procedures running smoothly and compliantly. Ask about Patrina’s cost-effective and comprehensive regulatory archival and compliance solutions specifically designed for Broker/Dealers, RIAs, and FCMs.

Let’s talk: 212-233-1155.