These are some of the compliance-related stories that recently caught my attention. It’s a lot of Coronavirus, but not all of it.
New FINRA Guidance on Pandemic Risks
Matt Kelly
Radical Compliance
Another day, another gumdrop of guidance from financial regulators that’s worth reading for the whole compliance community. This time it’s FINRA, which published a bulletin Monday reminding broker-dealer firms about how to manage pandemic risk.
http://www.radicalcompliance.com/2020/03/10/new-finra-guidance-pandemic-risks/
FINRA has Rule 4370 for broker-dealers, which requires them to draft and maintain a business continuity plan. That rule doesn’t cite pandemics per se, but does say the business continuity plan (BCP) should address “significant business disruption,” which coronavirus certainly is.
Coronavirus and securities compliance related considerations
Brian Dunlay
Federal Securities Law Source
On March 4, 2020, the Securities and Exchange Commission issued an Order granting conditional relief from certain filing obligations under the federal securities laws for reporting companies whose compliance may be delayed by the coronavirus disease (COVID-19). In the press release accompanying this unprecedented Order, SEC Chairman Jay Clayton noted, “The health and safety of all participants in our markets is of paramount importance. While timely public filing of Exchange Act reports is a cornerstone of well-functioning markets, we recognize that this situation may prevent certain issuers from compiling these reports within the required timeframe.”
https://www.fedseclaw.com/2020/03/articles/other-articles/coronavirus-and-securities-compliance-related-considerations/
COVID-19: Evaluating the Need for In-Person Fund Board Meetings and Other Considerations for U.S. Asset Managers
Lori L. Schneider and Marguerite W. Laurent
The National Law Review
In our recent experience, fund boards of directors, in consultation with fund advisers, have begun to consider alternative options to in-person board meetings in light of COVID-19 concerns. Some have decided to hold their meetings telephonically, while others have opted to permit those directors who would need to travel to the meeting to instead attend the meeting telephonically, with those who live in close proximity to the meeting location attending in person. Fund complexes likewise have been reviewing meeting agendas to determine whether any in-person approvals are required under the 1940 Act. To the extent they are, funds that determine to rely on the IDC Letter and/or IM Statement should have the board make a determination (presumably before or at the beginning of the meeting) regarding the unforeseen or emergency circumstances that make reliance on the no-action position appropriate.
https://www.natlawreview.com/article/covid-19-evaluating-need-person-fund-board-meetings-and-other-considerations-us
Pervasive Threat of Business Email Compromise Fraud
Jennifer Archie and Serrin Turner
Harvard Law School Forum on Corporate Governance
Business email compromise is a type of Internet-based fraud that typically targets employees with access to company finances—using methods such as social engineering and computer intrusions. The objective of the fraud is to trick the employee into making a wire transfer to a bank account thought to belong to a trusted partner, but that in fact is actually controlled by the fraudster. According to the FBI, between May 2018 and July 2019, there was a 100% increase in identified global exposed losses due to BEC.
https://corpgov.law.harvard.edu/2020/03/09/pervasive-threat-of-business-email-compromise-fraud/
Practice Alert: Is every email another FCPA violation?
Bill Steinman
The FCPA Blog
In U.S. v. Coburn and Schwartz, Judge McNulty held that when it comes to charging defendants with violating the FCPA, the relevant question isn’t the number of bribes paid, but the number of calls made or emails sent. To reach this decision – one of first impression under the FCPA – Judge McNulty simply relied on the statute’s plain language. Chatty defendants beware: you can face a separate criminal count for each individual missive you send about the same overall bribery scheme.
https://fcpablog.com/2020/03/10/practice-alert-is-every-email-another-fcpa-violation/
BlackRock and the Curious Case of the Poultry Farmer
Paul Rissman
Harvard Law School Forum on Corporate Governance
Typically, an 11% vote is the end of the story, at least until the next annual meeting when the shareholder may try again. Yet, in this case something unusual happened. Later that same day, a Sanderson press release informed the public that it was going beyond the request of the resolution to issue a report fully compliant with all applicable environmental and social standards set by SASB. Notably, the press release explained that, after “recent extensive engagement with many of its largest stockholders, and in recognition of evolving investor expectations in regard to sustainability reporting,” Sanderson had reversed course.
https://corpgov.law.harvard.edu/2020/03/10/blackrock-and-the-curious-case-of-the-poultry-farmer/
The Latest Revisions to the California Consumer Privacy Act Regulations: Key Considerations for Private Fund Managers
Shulte Roth & Zabel
Although the California Consumer Privacy Act (“CCPA”) went into effect on Jan. 1, 2020, the California Attorney General’s regulations are not yet final, and likely will not go into effect until July 2020. Nonetheless, the most recent version of the proposed regulations, which were issued in February (“Proposed Regulations”), addresses some of the questions fund managers raised during initial compliance with the law.
https://www.srz.com/resources/the-latest-revisions-to-the-california-consumer-privacy-act.html
FinCEN Imposes Its First Penalty on a Bank Compliance Officer for $450,000 for Failing to Prevent AML Violations
NYU Law’s Compliance & Enforcement
On March 4, 2020, the Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) issued a consent order assessing a $450,000 civil money penalty against Michael LaFontaine, a former Chief Operational Risk Officer at U.S. Bank NA (“U.S. Bank”), for his alleged failure to prevent Bank Secrecy Act/anti-money laundering (“BSA/AML”) violations that took place during his tenure.[1] This action—which follows U.S. Bank’s 2018 BSA/AML-related resolution with FinCEN, the U.S. Department of Justice (“DOJ”), the Office of the Comptroller of the Currency (“OCC”) and the Federal Reserve for a combined $613 million in financial penalties—marks the first time FinCEN has imposed a penalty on a bank compliance officer for his role in failing to prevent BSA/AML compliance program failures.
https://wp.nyu.edu/compliance_enforcement/2020/03/11/fincen-imposes-its-first-penalty-on-a-bank-compliance-officer-for-450000-for-failing-to-prevent-aml-violations/