Author: Doug Cornelius

You can find out more about Doug on the About Doug page

Compliance Bricks and Mortar for June 7

These are some of the compliance-related stories that recently caught my attention.

Tuesday: Tax transparency, the myth of the unlevered IRRs
Private Funds Management

LPs want to know what effect this has on IRR. ILPA recommends that net IRR should be presented both with or without use of the credit facility, as referenced in this video from one of our sponsors Withum. This sensible-seeming suggestion may not be as simple as it seems. “Speed to close and ability to close all cash are becoming more important in this competitive environment. Without a line we would need to call capital in advance and leave cash on the balance sheet,” said Blue Wolf Capital CFO Josh Cherry-Seto. “We would at least a few times call large amounts of capital for investments that do not consummate. It is not such a simple exercise and I don’t think, if calculated honestly, the results would be favorable.” Cherry-Seto was speaking at Private Funds CFO’s fund finance roundtable, which will be published in July.

Preemption of state securities laws
by Eversheds

With the recent announcement by the Securities and Exchange Commission (SEC) that it will hold an open meeting on June 5, 2019, to consider adopting Regulation Best Interest, one of the major issues that the SEC may clarify is its view of whether Regulation Best Interest preempts state securities regulations that impose a fiduciary duty on broker-dealers.

Boeing and More Compliance Lessons Learned: Silos, Risk and Training
by Tom Fox
FCPA Compliance Report

I was stuck by an extraordinary above the fold article in the Sunday New York Times (NYT), entitled The Late Change, and Fatal Flaws in Boeing’s Plane by a plethora of reporters including Jack Nicas, Natalie Kitroeff, David Gelles and James Glanz. (The physical location of the article in the print edition was also significant as it reminded me of when the NYT broke the story of Wal-Mart’s corruption allegations in Mexico, in the same place, right hand column above the fold in an edition of the Sunday Times back in 2012). Matt Kelly wrote a great blog post on the article and his interpretation of it in Radical Compliance, entitled Another Lesson from Boeing: SilosKelly was spot on regarding his analysis of the siloed nature of Boeing’s design and construction process that caused or contributed to the catastrophic failure of the 737 Max due to the failure of the Maneuvering Characteristics Augmentation System (MCAS).

http://fcpacompliancereport.com/2019/06/boeing-compliance-lessons-learned-silos-risks-training/

Carnival Dinged $20M on Compliance
By Matt Kelly
Radical Compliance

Compliance professionals will be fascinated — and encouraged, really — because this case is all about Carnival failing to establish a strong, effective compliance function. That was the failure. Carnival was supposed to hire a CCO years ago to help strengthen a culture of compliance, it hasn’t done that yet, and that lack of leadership allowed a culture of non-compliance to continue.

http://www.radicalcompliance.com/2019/06/05/carnival-dinged-20m-compliance/

NASAA adopts investment adviser information security model rule package
Jay Fishman, J.D. 
Jim Hamilton’s World of Securities Regulation

The North American Securities Administrators Association, Inc. (NASAA) has adopted an information security model rule package to enhance state-registered investment advisers’ cybersecurity and privacy practices.  The package consists of: 
1.A model rule requiring investment advisers to adopt policies and procedures regarding information security (both physical security and cybersecurity) and to deliver its privacy policy annually to clients;
1. An amendment to the existing investment adviser NASAA model recordkeeping requirements rule mandating that investment advisers maintain records of their cybersecurity and privacy policies and procedures; and 
3. Amendments to the existing investment adviser NASAA Unethical Business Practices of Investment Advisers, Investment Adviser Representatives, and Federal Covered Advisers and NASAA Prohibited Conduct of Investment Advisers, Investment Adviser Representatives and Federal Covered Investment Advisers Model Rule USA 2002 502(b) model rules, to include failing to create, maintain, and enforce the cybersecurity and privacy policies and procedures.   

https://jimhamiltonblog.blogspot.com/2019/05/nasaa-adopts-investment-adviser.html
PMC 2019
Please support my ride to fight cancer. On the first weekend in August, I’ll be riding across Massachusetts to raise money for cancer research. I could use your support:
https://profile.pmc.org/DC0176

Regulation Best Interest, Form ADV Part 3 and the Fiduciary Standard

The Securities and Exchange Commission has been working on a way for consumers to better understand the difference between securities brokers and investment advisers. The Department of Labor made an attempt with respect to retirement plans, but that is a mess.

I’m not sure how much of a mess the new Regulation Best Interest is going be for private fund managers. The devil is in the details and the details are in the 524 page release for the new FORM CRS Relationship Summary and Amendments to Form ADV and the 771 pages of the Regulation Best Interest: The Broker-Dealer Standard of Conduct.

According to the press release, the SEC

“voted to adopt a package of rulemakings and interpretations designed to enhance the quality and transparency of retail investors’ relationships with investment advisers and broker-dealers, bringing the legal requirements and mandated disclosures in line with reasonable investor expectations, while preserving access (in terms of choice and cost) to a variety of investment services and products.  Specifically, these actions include new Regulation Best Interest, the new Form CRS Relationship Summary, and two separate interpretations under the Investment Advisers Act of 1940. “

The bigger burden is likely to be on broker-dealers. But changes are required for investment advisers and private fund managers.

One piece of good news is that Regulation BI attempts to clarify the fiduciary standard for investment advisers. That standard is not in the text of the Investment Advisers Act. It’s been developed through court cases.

The SEC published a new Commission Interpretation Regarding Standard of Conduct for Investment Advisers codifies an Investment Advisers’ Fiduciary Duty:

  • Duty of Loyalty
  • Duty of Care
    • Duty to Provide Advice that is in the best interest of the client
    • Duty to Seek Best Execution
    • Duty to Provide Advice and Monitoring over the course of the relationship

Get set for Form ADV Part 3. This new filing is directed at registered investment advisers that offer services to retail investors. Part 3 is the new relationship summary. New Rule 204-5 will require an investment adviser to deliver an electronic or paper version of the relationship summary to each retail investor before or at the time the adviser enters into an investment advisory contract with the retail investor. You’ll also need to post it to your website.

The deadline for compliance is June 30, 2020. We’ve got a year.

Where to turn to first? I’m diving into the Commission Interpretation Regarding Standard of Conduct for Investment Advisers.

Sources:

CCO Liability and Identity Theft

I’ve gotten worked up about CCO liability cases. Many have been sloppy about using consistent standards. A recent case case caught my eye because the CCO was charged because of identity theft.

At first I thought the case might be an aggressive position to charge the CCO because a cybersecurity breach resulted in identity theft at the firm. I opened the case and was ready to be angry. Then, I discovered it was very strange case.

The CCO was the one who had stolen identity information. So that bad activity clearly fall into the “CCO is involved in the wrongdoing” standard for CCO liability.

The reasons he stole employee identities?

From November 2011 through June 2015, [the CCO] forged the signatures of ten Firm employees and used their confidential personal information to create false online bidding accounts at three auction houses in their names, and to participate in 26 auctions, without the employees’ authorization. [the CCO] engaged in this conduct after the auction houses prohibited him from participating in auctions, because he had previously failed to pay for or collect items he had won at auction.

Definitely a case where the CCO was involved in the wrongdoing. Employees were harmed. Liability is clearly appropriate.

[Updated to remove the CCO name after a request and a review of remediation]

Sources:

Looking Ahead to Regulatory Changes

The Securities and Exchange Commission published its Reg Flex Agenda for the Spring of 2019. This gives us some insight to what regulatory changes are in the works. Three items caught my eye as likely to apply to private funds.

Harmonization of Exempt Offerings. Chairman Clayton had previously noted that the regulations around exempt offerings is a mess.

The Division is considering recommending that the Commission seek public comment on ways to harmonize and streamline the Commission’s rules for exempt offerings in order to enhance their clarity and ease of use.

Amendments to the Custody Rules for Investment Companies and Investment Advisers . The Custody Rule is full of footfaults. Most CCOs I’ve talked to have run into problems trying to figure out how the Rule applies to some particular circumstance. The abstract does not provide much insight into what aspect of the Rule is being discussed.

The Division is considering recommending that the Commission propose amendments to rules concerning custody under the Investment Company Act of 1940 and the Investment Advisers Act of 1940.

Amendments to the Marketing Rules Under the Advisers Act. Changes to the marketing regulations have been mentioned by the Commissioners several times. The regulations are well out of date from the age of digital communication. Plus, there is well of practice and unofficial law buried in No-action letters. It sounds like there is a lot of support to formalize that unofficial through a formal rulemaking.

The Division is considering recommending that the Commission propose amendments to rules 206(4)-1 and 206(4)-3 under the Investment Advisers Act of 1940 regarding marketing communications and practices by investment advisers.

These are merely items the Commission are working on or thinking about for regulatory action. It will take a consensus of the Commissioners to agree to start the rulemaking and agree to language. That may not happen. But at least they are thinking about them.

PMC 2019
Please support my ride to fight cancer. On the first weekend in August, I’ll be riding across Massachusetts to raise money for cancer research. I could use your support:
https://profile.pmc.org/DC0176

Compliance Bricks and Mortar for May 31

These are some of the compliance-related stories that recently caught my attention.

The Troika Laundromat
The Organized Crime and Corruption Reporting Project

Laundromats are complex systems for moving money that allow corrupt politicians, organized crime figures, and wealthy business people to secretly invest their ill-gotten millions, launder money, evade taxes, and fulfill other goals.
OCCRP has previously exposed three such schemes: The Proxy Platform, the Russian Laundromat, and the Azerbaijani Laundromat.
Now, OCCRP and its reporting partners reveal a unique new Laundromat, created by a prestigious financial institution. This time, the work shows not only its beneficiaries but also exposes its mastermind and operator — Troika Dialog, once Russia’s largest private investment bank.

https://www.occrp.org/en/troikalaundromat/

A common complaint about insider trading law is that there is no statute that expressly sets forth the requirements to prove insider trading. That can make it difficult to determine whether a violation has occurred.
The House Financial Services Committee is seeking to remedy that. It recently passed a bill that would — for the first time — set forth what is required to prove insider trading.

https://www.nytimes.com/2019/05/24/business/dealbook/insider-trading-act.html

DC Circuit Opinion Reaffirms Fiduciary and Disclosure Obligations of Advisers While Rejecting SEC Finding of “Willful” Violations
By Joshua M. Newville, Samuel J. Waldon, Anthony Drenzek and Ariella Muller

The DC Circuit recently released an opinion addressing the SEC’s administrative findings against registered investment adviser The Robare Group (TRG) for failure to disclose alleged conflicts of interest. Although the court affirmed the SEC’s finding of a violation of Section 206(2) of the Advisers Act, it held that Commission could not find willful violations under Section 207 based on the same negligent conduct.

https://www.privateequitylitigation.com/2019/05/dc-circuit-opinion-reaffirms-fiduciary-and-disclosure-obligations-of-advisers-while-rejecting-sec-finding-of-willful-violations/

Crypto Assets and Insider Trading Law’s Domain
by Andrew Verstein 
Harvard Law School Forum on Corporate Governance and Financial Regulation

Insider trading doctrine clearly applies to most familiar crypto assets and their traders. The legal requisites for insider trading regulation—jurisdiction, material non-public information, breach of duty—are frequently conjoined. The most obvious examples of this concern misappropriation by employeesof crypto asset trading venues about the venue’s plans to support a crypto asset; allegations of this sort of insider trading have already ended up in federal court. But there are many more examples, such as misappropriation by government officials and members of mining pools. Ultimately the question is not whether insider trading law applies to crypto assets; it is whether we want it to.

https://corpgov.law.harvard.edu/2019/05/29/crypto-assets-and-insider-trading-laws-domain/

Interesting Action From OFAC
by Matt Kelly
Radical Compliance

Compliance officers might want to take a close look at the wrist-slap that State Street Corp. received from the Office of Foreign Assets Control on Tuesday, for violations of sanctions against Iran. It’s a small but telling example of how a robust compliance program brings benefits, OFAC or otherwise.
OFAC did cite State Street for violating Iran sanctions, because the bank acted as custodian for a customer’s retirement plan and processed $11,365 worth of pension payments to the customer, a U.S. citizen, while he was residing in Iran in the mid-2010s.

http://www.radicalcompliance.com/2019/05/28/interesting-action-from-ofac/
PMC 2019
Please support my ride to fight cancer. On the first weekend in August, I’ll be riding across Massachusetts to raise money for cancer research. I could use your support:
https://profile.pmc.org/DC0176

Affiliate Transactions as a Ponzi Scheme

Actions by the Securities and Exchange Commission against real estate companies will catch my attention. A recent complaint against Robert Morgan and his affiliated real estate funds did just that.

The SEC complaint is just charges, so we don’t know if the statements are true or what Morgan’s response will be. I’m just using it as a learning tool.

The main charge against Morgan is a criminal complaint for mortgage fraud. In a Department of Justice press release:

The defendants provided false information to financial institutions and government sponsored enterprises overstating the incomes of properties owned by Morgan Management or certain principals of Morgan Management. The false information induced financial institutions to issue loans: (1) for greater values than the financial institutions would have authorized had they been provided with truthful information; and (2) that the financial institutions would not have issued at the time of issuance had they been provided with truthful information.

The SEC grabbed a piece of the action when it was discovered that Morgan has raised four private funds from investors to finance Morgan properties. The funds, managed by Morgan, made what look like mezzanine loans to the properties owned by Morgan.

See if you if you can spot the conflict? Yes it’s obvious.

According to the complaint, Morgan did not treat these as third-party loans in terms of documentation or valuation of the underlying assets. Morgan also used funds to pay off loans that were maturing and owed to other funds.

Lots of conflicts for sure. According to the complaint, the offering materials stated that the loans from the funds would be going to affiliates managed by the funds’ manager. According to the complaint, one fund’s loan to a Morgan affiliate was often used to fund the repayment of another fund’s loan. The SEC labels these pay-off as “Ponzi scheme-like payments.”

The SEC brought its charges for violating the anti-fraud provisions of the Securities Act and Exchange Act.

Numerous affiliate transactions like those in the Morgan empire are full of conflicts and issues. It can be done, with lots of controls and documentation in place. The SEC complaint makes it sound like those were not in place.

Sources:

Compliance Bricks and Mortar for May 24

These are some of the compliance related stories that caught my attention this week.

The Looming SEC IEO Fintech Smackdown
by John Reed Stark

Not to be confused with initial coin offerings (or “ICOs”), an IEO is a crypto-financing model offered and administrated via a cryptocurrency trading platform on behalf of a company (typically some form of start-up) that seeks to raise funds with its newly issued cryptocurrency digital tokens. Each IEO negotiates its unique terms, deals, and conditions with the various cryptocurrency trading platforms.


https://www.linkedin.com/pulse/looming-sec-ieo-fintech-smackdown-john-reed-stark/

Some Securities Fraudsters Escape Paying SEC Fines
by Dave Michaels
Wall Street Journal

The Securities and Exchange Commission over the five fiscal years that ended in September 2018 took in 55% of the $20 billion in enforcement fines set through settlements of court judgments according to agency statistics. During the prior five years, from 2009 through 2013, the SEC collected on 60% of the $14.6 billion.

https://www.wsj.com/articles/some-securities-fraudsters-escape-paying-sec-fines-11558344601?shareToken=stcd26267268cf44699be99d966e93fc32

Ethics Bots and Other Ways to Move Your Code of Business Conduct Beyond Puffery
by Michael Blanding
Working Knowledge

When health insurer Cigna Corp. appeared in front of a judge for allegedly misleading shareholders on Medicare regulations this spring, plaintiffs thought they had a strong case. After all, Cigna had published its own document titled “Code of Ethics and Principles of Conduct” that specifically required employees to uphold all regulations and “act with integrity in all that we do.”
When the panel of three judges took a look at the argument, however, they threw it out of court as irrelevant. “We think the statements in Cigna’s Code of Ethics are a textbook example of ‘puffery,’” the judges wrote. “They are too general to cause a reasonable investor to rely upon them.”

https://hbswk.hbs.edu/item/ethics-bots-and-other-ways-to-move-your-code-of-business-conduct-beyond-puffery?cid=wk-rss

Three Compliance Lessons from Preet Bahara
by Tom Fox
FCPA Compliance & Ethics

Preet Bharara gave the morning keynote at the second day of Compliance Week 2019. It was interesting because rather than a speech he did so with a one-hour Q&A format with Allen & Overy partner Gene Ingoglia facilitating the session through the role of the questioner. The questions were built around Bharara’s recently released book Doing Justice: A Prosecutor’s Thoughts on Crime, Punishment, and the Rule of Law.

http://fcpacompliancereport.com/2019/05/three-compliance-lessons-preet-bharara/

Recruiting and Retaining Compliance Staff is Key Risk for Banks, Regulator Says
by Kristin Broughton
Wall Street Journal

Criminals laundering money through the financial system have long been one of the top risks facing the banking industry. Building a solid defense against such intrusions is becoming another, a U.S. financial regulator said Monday.
U.S. banks are having a hard time recruiting and retaining compliance professionals, particularly those who specialize in financial crimes, the Office of the Comptroller of the Currency said in a semiannual report on the risks facing lenders.

https://www.wsj.com/articles/recruiting-and-retaining-compliance-staff-is-key-risk-for-banks-regulator-says-11558395878?shareToken=sta0ad1cfbeeec4a5594014a9356f51c3f

Please support my Pan Mass Challenge ride to fight cancer. On the first weekend in August, I’ll be riding across Massachusetts to raise money for cancer research. I could use your support: https://profile.pmc.org/DC0176

Thaddeus North and CCO Liability

At a recent event, an official with the Securities and Exchange Commission tried to give some comfort to a room full of compliance officers that the SEC was not trying to saddle compliance officers with potential liability. He pointed us to the opinion in the matter of Thaddeus North.

The case was the Commission’s review of a FINRA disciplinary action. Mr. North was the Chief Compliance Officer of Southridge Investment Group. FINRA found Mr. North had been (1) failing to establish a reasonable supervisory system for the review of electronic correspondence, (2) failing to reasonably review electronic correspondence, and (3) failing to report a relationship with a statutorily disqualified person.

In Thaddeus North opinion, the SEC cites several cases of CCO liability. The Commission used those decisions to delineate that:

[I]n general, good faith judgments of CCOs made after reasonable inquiry and analysis should not be second guessed. In addition, indicia of good faith or lack of good faith are important factors in assessing reasonableness, fairness and equity in the application of CCO liability.

The North opinion cites four areas where a CCO could have liability:

  1. CCO engages in wrongdoing
  2. CCO attempts to cover up the fraud
  3. CCO crosses a clearly established line
  4. CCO fails meaningfully to implement compliance programs, policies, and procedures for which he or she has direct responsibility,

The third one is a new iteration. Frankly, I don’t know what it means. It’s not mentioned otherwise in the opinion.

In contrast to those four areas of liability the Commission opines that “disciplinary action against individuals generally should not be based on an isolated circumstance where a CCO, using good faith judgment makes a decision, after reasonable inquiry, that with hindsight, proves to be problematic “

Apparently, everything in between is a matter-specific analysis that should involve informed judgment by the Commission.

The SEC found North in the middle ground and found him liable. The opinion states that “North failed to make reasonable efforts to fulfill the responsibilities of his position.” That is a not one of the four listed areas of CCO liability. The Commission adds in that North’s actions were egregious and he repeatedly failed to perform some compliance functions.

I find the opinion frustrating if it’s trying to allay concerns about CCO liability. The SEC states the four areas, then says that North did something that was not in one of those four areas. The Commission uses the “failed to make reasonable efforts” standard on liability for North, instead of the fourth area’s “fails meaningfully to implement.”

Would it have been too hard for the Commission to use the same standard just set forth in the prior paragraph? That would have made me feel better about CCO liability instead of creating a broader standard for CCO liability.

Sources:

Compliance Bricks and Mortar for May 17

These are some of the compliance-related stories that recently caught my attention.

Reasonableness Pants
Commissioner Hester M. Peirce

A strong enforcement program requires us—to draw from the admonition a judge recently gave to us in a matter before her—to “put on [our] reasonableness pants.” The SEC ought always to wear reasonableness pants, and I would like to talk today about what those reasonableness pants look like on a regulator.

https://www.sec.gov/news/speech/speech-peirce-050819

Rise of the No Men
The Economist

But pity not finance’s in-house policemen, for they have had a golden decade since the crisis. While swathes of banking have laboured under cutbacks and stiff capital requirements, their headcount and clout have grown. Banks fined for aiding corruption, money-laundering and sanctions-busting have beefed up their compliance, risk, legal and internal-audit teams. Compliance officers will never be the rock stars of finance, but they have moved from drums to rhythm guitar. And though some banks hint at having reached “Peak Compliance”, staffing and investment are likely to remain well above pre-crisis levels.

https://www.economist.com/finance-and-economics/2019/05/02/the-past-decade-has-brought-a-compliance-boom-in-banking

Wells Fargo creates new unit focused on regulatory compliance
Imani Moise
Reuters

The new unit, whose creation was reported earlier on Wednesday by the Financial Times, will be charged with working through the more than a dozen regulatory consent orders the bank is operating under – agreements between regulators and the bank that it will work to satisfy certain requirements. It will also implement new business and risk-management processes.

https://www.reuters.com/article/us-wells-fargo-risk/wells-fargo-creates-new-unit-focused-on-regulatory-compliance-idUSKCN1SE2U5

How We Howey
by Hester M. Peirce, U.S. Securities and Exchange Commission
Harvard Law School Forum on Corporate Governance and Financial Regulation

While Howey has four factors to consider, the framework lists 38 separate considerations, many of which include several sub-points. A seasoned securities lawyer might be able to infer which of these considerations will likely be controlling and might therefore be able to provide the appropriate weight to each. Whether the framework gives anything new to the seasoned securities lawyer used to operating in the facts and circumstances world of Howey is an open question. I worry that non-lawyers and lawyers not steeped in securities law and its attendant lore will not know what to make of the guidance. Pages worth of factors, many of which seemingly apply to all decentralized networks, might contribute to the feeling that navigating the securities laws in this area is perilous business. Rather than sorting through the factors or hiring an expensive lawyer to do so, a wary company may reasonably decide to forgo certain opportunities or to pursue them in a more crypto-friendly jurisdiction overseas.

https://corpgov.law.harvard.edu/2019/05/13/how-we-howey/

Oh Come On, CFTC…
By Matt Kelly
Radical Compliance

Well this takes the whistleblowing cake: the Commodities & Futures Trading Commission is promoting its whistleblower program at a cryptocurrency conference in New York this week, complete with a booth in the hallway and free CFTC whistles handed out to attendees.

http://www.radicalcompliance.com/2019/05/14/oh-good-lord-cftc/

Five Good Reads for Compliance Professionals
by Kitty Holt
SCCE’s Compliance & Ethics Blog

  • The Lucifer Effect: Understanding How Good People Turn Evil by Philip Zimbardo….
  • Dying Out Here Is Not An Option by John Connelly….
  • The Forger’s Spell: A True Story of Vermeer, Nazis, and the Greatest Art Hoax of the Twentieth Century by Edward Dolnick….
  • Whistleblower by Amy Block Joy…
  • Why We Sleep: Unlocking the Power of Sleep and Dreams, by Matthew Walker, PhD. …
PMC 2019
Please support my ride to fight cancer. On the first weekend in August, I’ll be riding across Massachusetts to raise money for cancer research. I could use your support:
https://profile.pmc.org/DC0176