Compliance Bricks and Mortar for February 23

These are some of the compliance-related stories that caught my attention this week.

FINRA warns public about fake . . . FINRA
by Richard L. Cassin

The Financial Industry Regulatory Authority (FINRA) warned about con artists posing as FINRA to make phony investment pitches. Scammers are using FINRA’s name and logo in letters that say FINRA is guaranteeing investments. The letters include a fake signature from FINRA president and CEO Robert W. Cook. [More…]

When The Sport of Curling Should Make Your Hair Curl
by Adam Turteltaub

In the You Can’t Make This Up Department, reports out of Korea indicate that a Russian curler has tested positive for a banned substance.  Yup, doping in curling. Doping in sports is not so surprising these days.  Doping from a Russian athlete, not so shocking either.  But doping in curling?  Really?  Curling?  I mean, seriously?  Have you watched the sport?  I don’t deny that it’s harder than it looks, it is probably quite physical, and I know I couldn’t make the US Olympic curling team, but really? [More…]

2018 Cross-Industry Compliance Staffing and Budget Benchmarking and Guidance Survey
by the Society of Corporate Compliance and Ethics

On the following pages are a series of data tables that can be used to benchmark compliance program budgets and staffing by several factors. As you review the data, keep in mind that this data should be considered directional in nature. Different companies of the same size will likely have very different histories in terms of compliance issues and risks. [More…]

Six Do’s and Don’ts of Due Diligence Questionnaires
by Kristy Grant-Hart

Due diligence questionnaires are a critical tool for understanding third-parties. But they can quickly get out of control, putting unreasonable burdens on the answering party, and at worst, invading the privacy of individuals in wholly unnecessary ways. How do you balance the legitimate need for information with the reality that no questionnaire can fully protect the company from the possibility that the third-party will misbehave? Here are three do’s and don’ts when it comes to due diligence questionnaires. [More…]

SEC’s Jackson questions rationale for dual-class ‘forever shares’
By Mark S. Nelson, J.D.

New SEC Commissioner Robert Jackson hit the ground running in his first substantive speech as a commissioner by taking on the topic of the proliferation of companies that have adopted dual-class share structures. Jackson’s speech in San Francisco at a Silicon Valley event on M&A, antitrust, and governance issues comes at a time when initial public offerings (IPOs) have become scarcer and an abundance of private capital allows growing start-ups to remain private longer, thus giving the founders of some companies that do go public the leverage to demand share structures that may protect their jobs. For Jackson, though, the question is one of how long a company should retain a dual-class structure post-IPO rather than a debate about the merits and demerits of such structures. He said the outcome of the debate over dual-class structures may have long term implications for Main Street investors. [More…]

 

The Limit of Whistleblowers

The Supreme Court just decided a case that limits the whistleblower anti-retaliation provisions in Dodd-Frank. The Court handed down its decision in Digital Realty Trust v. Somers.

Dodd-Frank defines “whistleblower” as a person who provides “information relating to a violation of the securities laws to the Securities and Commission.” 15 U. S. C. §78u–6(a)(6). A whistleblower is then eligible for an award if original information provided leads to a successful enforcement action. Under Rule 21F, a whistleblower has to go through particular steps to be able to claim an award, but the anti-retaliation protections apply whether or not the requirements, procedures and conditions to qualify for an award are satisfied.

Mr. Somers reported suspected securities-law violations to senior management of Digital Realty Trust. He was fired. He did not alert the SEC prior to his termination. He didn’t file an administrative complaint within 180 days that is required under the Sarbanes-Oxley whistleblower protections. Nonetheless, he brought suit against the company with a claim of whistleblower retaliation.

The Supreme Court stuck with the clear definition in Dodd-Frank. A whistleblower for securities law violations must report the violation to the SEC to have protection from retaliation.

The Supreme Court pointed out that there is a different definition of whistleblower under the CFPB part of Dodd-Frank. Under 12 U.S.C. §5567(a)(1), a “covered employee” who provides information to the company, the FBI, or any other State, local, or Federal, government authority or law enforcement agency relating to a violation of a law subject to the CFPB’s jurisdiction gets whistleblower protection.

Mr. Somers argued that the limiting whistleblower definition should only apply to eligibility for awards. The Court completely disagreed with that argument and relied on the plain language of the statue. There were two concurring opinions, but they only took different approaches to whether the Court should take into consideration legislative history as part of statutory interpretation. The two concurring opinions agreed with the result, leaving Mr. Somers as a non-whistleblower. The ruling settled a split between the Ninth and Fifth Circuits, reversing the Ninth Circuit’s decision.

There is an obvious impact on compliance programs. As much as we might hope that employees who think there is a problem would tell someone internally first, there is much more incentive to go directly to the SEC.

It’s all confusing in application. A tip left with the SEC is kept anonymous, so a company would not know the identity of the whistleblower. A company could fire an employee who left a tip without knowing that the employee did so. Without a requirement that the employee also tell the company, the company is in the dark and may not even be aware of the problem.

The other piece missing in the arguments is whether there even was an actual securities law problem at Digital Realty Trust.

Sources:

Read SEC.gov on Your Phone

I had given up on trying to access the SEC’s online resources through my phone a long time ago. Frankly, it was hard to use with a full computer screen at times. It was nearly impossible to use on my phone’s small screen.

But the site has been evolving. Broc Romanek pointed out that the SEC’s home page is now mobile friendly. I looked around this morning while riding the train the work (a day off from bike-commuting). Most of the site works much better on a phone.

Of course that is great for consumers who are likely to be less frequent users and trying to get themselves some help. I might have moved the order of things around on the SEC’s home page to make it easier to make a complaint or research financial professionals. But the information is there and easy to find.

For industry users like me, it’s great to be able to find resources while out of the office. While on the SEC’s home page, I noticed that the SEC’s open meeting scheduled for today has been cancelled. There was a rumor circulating that the Commission was going to present updated guidance or a new rule on public company reporting requirements on data breaches. Clearly, that is not happening today.

If you were wondering, ComplianceBuilding.com is set up to be mobile-friendly. Let me know if it doesn’t work on your phone.

Compliance and the Olympics

I’m a  big fan of the Winter Olympics. I’ve been spending many hours watching coverage of curling, snowboarding, cross-county skiing and the biathalon, so far.

A story about compliance at the Olympics caught my attention.

Samsung, the big South Korean company, made a limited edition of its Galaxy Note 8 for the PyeongChang 2018 Olympic Games. It planned to deliver more than 4,000 units of the device to those involved in the PyeongChang Olympics, including the International Olympic Committee, the PyeongChang Organizing Committee, the Olympic athletes, and the Paralympic athletes.

One of the great celebration of the Koreans at the game is the inclusion of athletes from North Korea. Since you have read the news, you know that there are all kinds of sanctions against North Korea. You can also add in the four athletes from Iran who are competing and from a country subject to sanctions.

Word of the limitation reached the government of Iran and the South Korean ambassador was brought in. The Iranian prosecutor-general threatened to bring Samsung’s boss in Iran in for questioning. Little did I know, but Iran is apparently the biggest smartphone market in the Middle East., with an estimate that 48 million people in Iran own the devices.

The IOC intervened and gave Samsung the nod to allow the Iranian athletes to get the phones and bring them back to Iran.

Samsung also gave the North Koreans the phones. However, they must be returned to avoid the ban on shipping luxury goods to North Korea.

That market is substantially smaller. North Korea has about four million mobile-phone subscribers, which about one-sixth of the population. Those devices are lacking features, like an internet connection or the ability to call internationally.

Sources:

Compliance Bricks and Mortar for February 9

These are some of the compliance-related stories that recently caught my attention.

Asset Managers Show Less Concern About Compliance by Ben DiPietro

More than three-quarters of respondents said the reduced regulatory concern meant compliance issues are not as significant as they were in the past; 52% said they are more focused on reputational risk the last six months than regulatory risk. [More…]

How to Survive a Root Cause Analysis: Chapter 8 of The Worst-Case Scenario Survival Guide for Compliance Professionals by Tom Fox

For the first time, companies that sustain an FCPA violation are required to perform a root cause analysis and incorporate that information back into the compliance program. Learn how to survive. [More…]

Rabobank Unit to Forfeit $369 Million to Settle Money-Laundering Probe by Samuel Rubenfeld

The guilty plea comes about two months after George Martin, a former Rabobank vice president, entered into a deferred-prosecution agreement with the U.S. for his role in aiding and abetting the bank’s failure to maintain an effective compliance program. He agreed at the time, as part of his plea deal, to cooperate with the ongoing U.S. investigation. [More…]

Market regulators on crypto: We’re on it, but may need help by Ian McKendry

Testifying before the Senate Banking Committee, the heads of the Securities and Exchange Commission and the Commodity Futures Trading Commission said the two agencies are not ignoring the fast-growing cryptocurrency sector and they have some oversight powers. But they indicated that they might need more. [More…]

SEC Exam Priorities for 2018

The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations announced its 2018 examination priorities. This year, the examination priorities are broken down into five categories:

  1. Compliance and risks in critical market infrastructure;
  2. Matters of importance to retail investors, including seniors and those saving for retirement;
  3. FINRA and MSRB;
  4. Cybersecurity; and
  5. Anti-money laundering programs.

The retail investor focus and the cybersecurity focus are carryovers from last year. MSRB was added to the FINRA focus. I expect cybersecurity will be on the list for the foreseeable future.

I think it’s interesting to see anti-money laundering on the list. The current rules are not explicitly applicable to many investment advisers and private fund managers. Those fall outside the definition of “covered financial institution.” Broker-dealers and mutual funds are “covered financial institutions.”

This was true in the latest AML customer due diligence released by FiinCEN in 2016. FinCEN released a proposed rule to include investment advisers in the general definition of “financial institution” in 2015. That proposed rule seems to have stalled out.

On top of that, the rules and regulations are not generated by the SEC. Regardless, it’s against the law to do financial transactions with people and companies on the sanctions list. At a minimum, advisers should be checking their investors and clients against those lists.

It will be interesting to see how that works it’s may into the examination process. perhaps part of it will be fact-finding for once again creating an explicit rule for investment advisers.

Sources:

The SEC is Open on March 31

That headline is incorrect. I can’t speak for the entire SEC, especially with Congressional funding in jeopardy between now and then.

However, The IARD system is operating on March 31. If you have to file your Form ADV, it is due to be filed by March 31.

Back in 2013, March 31 fell on a Sunday and the IARD system did not work on the weekends back then. According to the calendar, the IARD system is now operating every day.  So, for you procrastinators, you don’t get extra time over the weekend to finish your Form ADV.

If you are the listed contact, you should have received this email:

IARD Availability on March 31 for Form ADV Annual Updating Amendment Deadline

Please be advised that the Investment Adviser Registration Depository (IARD) system will be open on Saturday, March 31, 2018, from 8am-6pm Eastern Time.  On that date,advisers will be able to submit filings, including amendments to Form ADV.  If an adviser’s fiscal year ended on December 31, 2017, that adviser will be able to file its Form ADV Annual Updating Amendment on March 31, 2018, in order to meet the requirement to file within 90 days after the end of its fiscal year.  If you have questions, please email [email protected].

If you have not noticed, there have been some significant changes to Form ADV.  See the Changes to Form ADV. It’s going to take some extra time to complete the filing this year.

Sources:

Compliance Bricks and Mortar for Groundhog Day

These are some of the compliance-related stories that recently caught my attention

Misplaced Regulatory Moves, Up Close by Matt Kelly in Radical Compliance

Like manna from heaven, every time you write about some grand plan from government, fate sends an example of how harebrained bureaucracy can be in practice. And so today we have an example of missing the point on deregulation, which some bureaucrat at the Federal Communications Commission clearly did.[More…]

Beware ICO Lawyers: As Regulatory Gatekeepers, You’re the Next SEC Target by John Reed Stark

Equally astonishing is that ICOs have grown largely outside of regulatory oversight and without the investor protections and disclosure requirements that apply to traditional investment offerings. In fact, ICOs provide a virtual “Driver’s Ed” film of possible securities law violations.   [More…]

Compliance and Creative Problem Solving by Tom Fox

One thing that compliance officers must never forget is that their customers are company employees. This means when an employee comes to you with a problem, they need you to fix it or to help them fix it. As the article noted, customers cared less about the actual outcome than about the process by which the employee tried to offer assistance. “It’s not about the solution—it’s about how you get there.” Once again, the Fair Process Doctrine raises its head not only in the corporate world but specifically in the compliance realm. [More…]

Ex-Morgan Stanley advisers used clients’ cash to fund wind farm project: feds

Two former Morgan Stanley advisers have agreed to plead guilty to US charges that they misused client funds to invest in a wind farm project they were involved with, federal prosecutors said on Wednesday.[More…]

BRING ON THE BIKOCALYPSE by Felix Salmon

Chinese cities have been overtaken by the chaos and clutter of dockless bikes. American cities should follow their lead.[More…]

The Department of Justice Threw Out the Use of Guidance Documents

President Trump has set de-regulation as one of his priorities. We saw this in his Executive Order that required the repeal of two regulations before enacting a new regulation. The Department of Justice is embracing this mandate.

Associate Attorney General Rachel Brand issued a memorandum  limiting the use of agency guidance documents in affirmative civil enforcement cases. This is an extension of November 15, 2017 memo from Attorney General Sessions that prohibits the DOJ from promulgating guidance documents that create rights or obligations that are binding on regulated parties.

The Brand Memo applies to affirmative civil enforcement cases.  I was not sure what those were. I found out that they are civil lawsuits on behalf of the United States is to recover government money lost to fraud or other misconduct or to impose penalties for violations of Federal health, safety, civil rights or environmental laws. This would include ADA lawsuits, environmental clean up lawsuits, as well as healthcare reimbursement fraud.

The November memo from the Attorney General was intended to attack guidance that gets implemented as a de facto regulation without going through the formal notice and comment rulemaking process.

Any guidance documents now have to follow five principles:

  1. Guidance has to disclaim any force of law, and avoid language suggesting that the public has obligations that go beyond those set forth in the applicable statutes or legislative rules.
  2. Guidance must clearly state that they are not final agency actions, have no legally binding effect on persons or entities outside the federal government, and may be rescinded or modified.
  3. Guidance should not be used to coerce persons into taking any action or refraining from taking any action beyond what is required by the terms of the applicable statute or regulation.
  4. Guidance should not use mandatory language such as “shall,” “must,” “required,” or “requirement”, except when restating with citations to statutes or regulations.
  5. To the extent guidance set out voluntary standards, they should clearly state that compliance with those standards is voluntary and that noncompliance will not, in itself, result in any enforcement action.

This leaves me scratching my head on how this might affect guidance from the Securities and Exchange Commission that the compliance professionals rely on.

The Brand Memo clearly states that it applies to DOJ litigators in using other agencies’ guidance documents. Although, it limits itself to affirmative civil enforcement cases. I would have to assume that this may bleed over into the DOJ’s prosecution of cases referred from the SEC.

Guidance cuts both ways. Attorney General Sessions is clearly focused on guidance that imposes more obligations on regulated parties. But I think that is a simplistic way to look at things. Some of the guidance provides safeguards that help firms navigate uncertainty in the legislation and regulations.

Sources:

SEC Says “NO” to Cryptocurrency ETFs and Mutual Funds

When Bitcoin was rapidly increasing in value, there were lots of people looking to invest in that space. The SEC has repeatedly raised concerns about fund sponsors creating a fund or ETF focused on cryptocurrency. In a letter to the Investment Company Institute and Securities Industry and Financial Markets Association, the SEC said don’t even think about it.

Actually, it said you can think about it, but what about all of these issues. These issues are very compliance-related so I thought it was interesting to look at these compliance issues in light of this new asset class.

Valuation

Proper value of a fund assets is critical. For Bitcoin and various crypto-currencies there are multiple exchanges that are often far apart in the exchange rate. Bitcoin itself has little ascertainable value. Few merchants accept it as payment and few holders are willing to part with it, instead holding it as an investment. The value is determined as other currencies, based on the exchange rate into dollars. That exchange rate can vary significantly from provider to provider.

The SEC lays out out a long list of questions that would have to be addressed in a valuation policy.

Custody

This is the big problem. Most of the successful hacking of crypto-currency has been a a hack into the depositories/wallets that hold the crypto-currency. Investment advisers have regualtory custody requirements and ’40 Act funds have a stricter set of rules.

The SEC points out that it is not aware of any custodian providing custodial services for crypto-currencies.

The problem with custody is that you have to have the private crypto key as well as the record in the blockchain.

Arbitrage

For ETFs that trade during the day, you have problems with differing price movement at the different exchanges for crypto-currencies.

Market Manipulation

As I pointed out yesterday, cypto-currencies seem to targets for market manipulation. That also means that any derivatives from the crypto-currencies are also subject to market manipulation.

Sources: