Auditor Independence Enforcement Actions

The Securities and Exchange Commission announced its first enforcement actions for auditor independence failures. I expect your auditors may have a bunch of new restrictions and questionnaires when it is time for the annual audit.

15558009181_15c88cdba3_z

The SEC announced two separate enforcement actions, both involving Ernst & Young.

In one case, Gregory S. Bednar got too cozy with a audit client’s CFO. Bednar and the CFO stayed overnight at each other’s homes, took family trips together and they exchanged hundreds of personal messages.

In the other case, Pamela Hartford violated the auditor independence rule by having a romantic relationship with an executive at an audit client.

According to the SEC’s orders, Ernst & Young required audit engagement teams to follow certain procedures to assess their independence. They asked employees if they had family, employment, or financial relationships with audit clients that could raise independence concerns.  The SEC says that is not enough. Apparently the SEC is expecting a broader question about “non-familial close personal relationships” that could impair the audit firm’s independence.

Ernst & Young’s independence policies “recognized that a non-familial close personal relationship between an engagement team member and a client employee in an accounting or financial reporting oversight role could present an independence problem”.  But the firm had no procedures to identify those relationships and whether a relationship could jeopardize independence.

I expect that audit firms are going to broaden their independence questionnaires. I expect some of the questions and responses could be quite awkward.

Sources:

Picture of Family Travel is by  www.traveloscopy.com
CC BY

CCOutreach

sec-seal

The SEC formed the CCOutreach (yes, that is how they spell it) to promote open communications and coordination among securities regulators and the industry on mutual fund, investment adviser, and broker-dealer compliance issues. In addition to the national seminar in November of each year, they host regional seminars to enable Chief Compliance Officers to interact with the staff from their local SEC office. I attended the Boston Regional CCOutreach seminar. These are my notes:

To start off, there was the usual SEC disclaimer: The Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or statement by any of its staff. The views expressed by the staff in these written materials are those of the staff and do not necessarily reflect the views of the Commission or of other Commission staff.

The presentations started off with some interesting statistics (as of 12/31/2008):

  • 11,292 Registered Investment Advisers
  • 1,521 exams of investment advisers in 2008
    • 64% resulted in deficiency letters
    • 4% resulted in enforcement referral
  • 1,082 Registered Investment Companies
  • 219 exams of investment companies in 2008
    • 67% resulted in a deficiency letter
    • 5% resulted in enforcement referral

Rulemaking

The presentation continued by highlighting some of the current rulemakings in process: the amendments to Form N-1A, the principal trading rule, and amendments to Part 2 of Form ADV. They also noted two rulemakings that should be popping up soon. First is a proposed regulation on money market funds. This is largely in reaction to the issues with those types of funds last fall.The second is a likely rule making on pay to play issues.

Enforcement

The presentation moved on to three types of current enforcement actions, with recent enforcement cases as examples.

The first type is prominent fraud cases, using the SEC v. Robert Brown case as an example. This was a classic Ponzi scheme. The promoter promised astronomical returns, but really used the money to pay off early investors and to pamper himself. When confronted by investors, he claimed the delay in returning the money was due to the Patriot Act.

The second type is compliance failure cases, using the SEC v. Locke Capital case as an example. In this case, the adviser had less than $175 million, but claimed to have over $1 billion under management in order to gain credibility and attract legitimate investors.

The third type is prominent fund failure cases, using the Evergreen case as an example. Evergreen had a fund experiencing some gyrations due to its mortgage-backed securities holdings. The company put together some talking points for investors who called to complain or called with questions. That resulted in selective disclosure of a material piece of information. There were also issues related to failures in their valuation methods.

Fiduciary Duty

The presentation turned to fiduciary issues. A particular issue was how clients got out of positions. This is a reverse of  IPO investigations by the SEC. With IPOs, the SEC investigated whether some clients got preferred access to IPOs and how allocations of IPO shares were made to clients. With the all of the illiquidity in the market, the SEC is now focused on who was able to get out of those illiquid positions and whether some clients got preferred access to the exit.

There was some discussion of the Hennessee case where the SEC brought action for an investment adviser failing to conduct diligence. There seemed to be some split on the panel. Some saw the case as a failure of fiduciary duty. Others thought it was merely a failure to do what the firm advertised it did (subject investments to a vigorous due diligence review).

The presentation moved to what the SEC is looking at during a review. They emphasized that the first step is reviewing the marketing materials and disclosure documents. The SEC wants to understand the company’s business model before the review. They don’t do a cookie cutter review, but a customized review tailored to the company’s business model. The next step is looking at the deficiency letters, their recommendations and what the company has done in response. (You have a target on your back if you have a deficiency and have not done anything in response.)

The panel turned to companies with dual registrations. If you are wearing two hats, you have a heightened level of disclosure. The SEC does not want to regulate the business model, but they do want to make sure you are fair and equitable. Dual registration is commonplace and clients are comfortable with it. But conflicts seem unavoidable, so there is a heightened need for compliance and disclosure.

The focus shifted to proxy voting and the issues associated with it. The panel highlighted the Intech case where the company was subject to a proceeding for failing to sufficiently describe its proxy voting policies and procedures and failing to address a material potential conflict of interest. Intech decided to vote in accordance with AFL-CIO-based proxy voting recommendations for all clients’ securities at a time it was currying favor with the union for more investment business. The panel had a general consensus that it was not wrong to follow a voting model as long as it is fully disclosed.  The panel was split on whether Intech could have disclosed their way out the problem. Some panelists thought the conflict was too much.

Deficiencies

Things turned to problems and how a problem can morph from a disclosure to a deficiency to an enforcement. One of the panelists rattled off a list of factors:

  • Were there deficiency letters?
  • Did you fix the deficiency?
  • Did people raise issues and you ignore them?
  • How long was the problem going on?
  • Were clients harmed?
  • Was it intentional or inadvertent?
  • How far off was the disclosure?
  • Did the firm profit from the problem?

“There is a difference between candid disclosure and clever disclosure.”

Portfolio Management

In the area of portfolio management the SEC found found these to be the most common deficient practices:

  • Failure to adopt or maintain policies and procedures relating to its investment decision-making
  • Failure to maintain required books and records to corroborate investment decisions
  • Failure to disclose all conflicts of interest

In the current market turmoil “drift” is a hot topic. The panel focused on inadvertent drift versus intentional drift. Intentional drift is bad, putting clients into investments that do match up with their investment needs. The panelists acknowledged that this is a tough area. The key is to focus on the goal at the time of purchase of the investment. Then there needs to be a periodic review. Drift review is also difficult. You need to document specific requests by the client and update the investment objectives of the client.

Service Providers

Compliance officers need to review service providers since they are a risk factor according to the panel. In particular, you need to be attentive  to the existence of kickbacks or soft dollars. They panel went so far as to recommend running searches against email traffic for the possibility of communications about kickbacks. Another red flag for the SEC is frequently changing service providers.

Safeguarding Client Assets

The centerpiece for this part of the discussion was the new custody rule that has been published for comment: SEC Releases Proposed Custody Rules for Investment Advisers. The SEC plans to go directly to clients, custodian, counter-parties, and other third parties without notifying the investment adviser. They are expecting a custodian review to be a lengthy, time-consuming process. The surprise review must a surprise and must be a review of 100% of the assets. Sampling will not be permitted. The auditor must also be truly independent. They are going to look towards Regulation S-X for the definition of “independent.”

Performance Claims

It sounds like the SEC is going to look closely at performance claims, both for fraud in the claim itself and for the claim as an indication of underlying fraud. (Like Madoff‘s performance claims.)

The panel indicated an intent to look closely at how the performance numbers are calculated. A particular hot button is how illiquid and hard-to-value assets are included in the performance calculations. The SEC plans to run some forensics to see if there was some smoothing in the performance and whether the performance was too consistent or too good given the underlying assets in the portfolio.

In addition to the performance numbers themselves, the SEC is going to look closely at the disclosure wrapped around the performance claims. They want to make sure the disclosure and qualifications are consistent.

They are also going expect records to be kept to back up the performance claims. If you are claiming 20 years worth of results, you need to keep 20 years worth of records.

They emphasized the need to separate the valuation team from the portfolio management and marketing teams to get as much independence as possible. Using a third party custodian to value assets is probably acceptable, assuming there is no fraud or improper influences on the custodian.

Post-Mortem

The program was good and worth your time if you are a compliance officer for an Investment Adviser or Investment Company. I attended because I thought it best to meet and talk with people when you are in the position to offer them some help instead of needing them to help you. It seems that Congress wants the SEC to regulate private investment funds.

In the interest of full disclosure, the SEC gave out an inexpensive pen and a magnet with with SEC seal to attendees. I don’t think these “gifts” have influenced my decision-making about the SEC.

Materials: