We hope this letter finds you well. The SEC’s fiscal year came to a close on September 30. The SEC will be releasing its 2020 reports this quarter and we will see results of how the pandemic has impacted examination and enforcement statistics. Until then, below is a recap of the third quarter happenings.
This Quarter’s Headlines.
- On September 15, OCIE issued a risk alert titled, Cybersecurity: Safeguarding Client Accounts against Credential Compromise, that focuses on a common cyber-attack known as “credential stuffing” and defenses that can help prevent compromised accounts.
- On August 12, OCIE issued a risk alert titled, Select COVID-19 Compliance Risks and Consideration for Broker-Dealers and Investment Advisers, that discusses new operational, technological, and other challenges facing SEC registrants. OCIE’s observations are grouped in six areas: 1) protection of investors’ assets; 2) supervision of personnel; 3) practices relating to fees, expenses, and financial transactions; 4) investment fraud; 5) business continuity; and 6) protection of investor and other sensitive information.
- On August 7, in a notable Enforcement Action (the “Action”), a private equity real estate fund manager reached settlement with the SEC with regard to the disclosure and allocation of certain asset-level due diligence, accounting, valuation, and similar services routinely provided by third-parties but were performed in-house by the manager. The Action states that the manager did not provide sufficient disclosure as part of its annual advisory committee approval process for certain reimbursable costs regarding (i) the calculation for certain reimbursable non-personnel costs and (ii) statements about market rates for third party tasks the manager performed inhouse for one fund. The Action also found that the manager misallocated to main funds costs and expenses related to its performance of third-party tasks that should have been allocated to related co-investment vehicles the manager also managed.
Policy Reminders.
- Elections are in full swing. Managers should consider sending reminders to staff about political contributions reporting and restrictions, and conduct additional forensic testing.
- Compliance training often lands in the fourth quarter. Managers continue to navigate the ripple effects of life in a prolonged pandemic, which include impact of remote office environments, working with new communication applications, and the investment processes without (or with limited) travel, among others. Compliance training will be an ever more important venue to sync new policies across the organization.
Did you know? In 2019, of the approximately $1.56 trillion raised through Regulation D, Rule 506(b) offerings accounted for $1.5 trillion, which exceeds the capital raised in 2019 through registered offerings ($1.2 trillion). Offerings under 506(c) raised approximately $66 billion, and offerings under Rule 504 raised approximately $228 million.[i]
Is that all? See below for our Q3 Chronological List of Key Events and Q4 Upcoming Events and Deadlines.
Q3 Chronological List of Key EventsAs of: September 30, 2020 |
We left off on June 30, 2020, in our Second Quarter Compliance Letter for Investment Advisers. You can access it here. For those printing this letter, please note that all sources are hyperlinked rather than footnoted.
September 29: In the Matter of Jones Trading Institutional Services LLC
This enforcement action involved a registered broker-dealer that violated its policies and procedures that prohibited the use of text messaging for business-related correspondence. The SEC investigation learned that several registered representatives, including “senior management” and “compliance personnel”, exchanged text messages that concerned the size of orders and the time of trades, product offerings, updates on markets and certain securities prices, and the timing of certain administrative filings with the SEC. The broker dealer did not preserve copies of these text messages in its books and records and was fined $100,000. While this is a broker-dealer enforcement action, the Advisers Act books and records retention requirements and applicability are not that dissimilar from broker-dealers and therefore this action is a good lesson for Advisers to review electronic communications policies and procedures and provide training in this area.
September 18: Fund Administrators Settle with SEC for Causing Fund Advisers’ Violations
Fund Administrators agreed to settle charges with the SEC for role in causing fund manager to defraud investors. The order provides that the fund administrators failed to adequately escalate concerns regarding account receivable owed by the manager to the fund, despite having information that should have caused them to question whether the manager would be able to repay the amounts.
September 17: In the Matter of Gilder Gagno Howe & Co. LLC, and Bonnie M. Haupt
This is a recidivist action where the dually registered investment adviser and broker dealer CCO failed to perform policies and procedures as a result of a prior FINRA examination deficiency. As revealed in testimony, the CCO produced altered documents in response to a subsequent examination. The action resulted in a $1.7 million fine and the CCO got barred.
September 15: Cybersecurity: Safeguarding Client Accounts against Credential Compromise
In this OCIE Risk Alert, the staff discusses an increase in observed so called “credential stuffing” – a method of cyber-attack to client accounts that uses compromised client login credentials to access sensitive information, which may also result in possible loss of client assets. The staff lists certain defenses that include use of multi-factor authentication, strong password policies, monitoring failed login attempts, monitoring the dark web for leaked credentials, and other safeguards.
September 4: SEC Charges Investment Adviser with Custody Rule and Related Violations
The SEC settled charges against an Adviser for repeated late delivery of annual audited financial statements to investors. The order goes on to state that the Adviser did not timely distribute the required annual audited financial statements to investors during the period 2012 through 2019.
August 26: SEC Modernizes the Accredited Investor Definition
The SEC adopted changes to the definition that were proposed last December that now includes, among others, qualifications for certain professional designations, such as, Series 7 holders.
August 12: Select COVID-19 Compliance Risks and Consideration for Broker-Dealers and Investment Advisers
In this OCIE Risk Alert, the staff discusses new operational, technological, and other challenges facing SEC registrants. OCIE’s observations are grouped in six areas: 1) protection of investors’ assets; 2) supervision of personnel; 3) practices relating to fees, expenses, and financial transactions; 4) investment fraud; 5) business continuity; and 6) protection of investor and other sensitive information.
August 7: In the Matter of Rialto Capital Management, LLC
A private equity real estate fund manager reached settlement with the SEC with regard to the disclosure and allocation of certain asset-level due diligence, accounting, valuation, and similar services routinely provided by third parties but were performed in-house by the manager. The Action states that the manager did not provide sufficient disclosure as part of its annual advisory committee approval process for certain reimbursable costs regarding (i) the calculation for certain reimbursable non-personnel costs and (ii) statements about market rates for third party tasks the manager performed inhouse for one fund. The Action also found that the manager misallocated to main funds costs and expenses related to its performance of third-party tasks that should have been allocated to related co-investment vehicles the manager also managed. In addition, the Action stated that the manager did not adopt and implement adequate written compliance policies or procedures regarding the foregoing.
August 5: Staff Report on Algorithmic Trading in the U.S. Capital Markets
As required by the Economic Growth, Regulatory Relief, and Consumer Protection Act of 2018, the SEC staff issued this report to Congress on the risk and benefits of algorithmic trading in the U.S. capital markets. discusses an increase in observed so called “credential stuffing” – a method of cyber-attack to client accounts that uses compromised client login credentials to access sensitive information, which may also result in possible loss of client assets. The staff lists certain defenses that include use of multi-factor authentication, strong password policies, monitoring failed login attempts, monitoring the dark web for leaked credentials, and other safeguards.
July 10: Proposed Rule: Reporting Threshold for Institutional Managers
The SEC proposed to update the reporting threshold for Form 13F reports by institutional investment managers for the first time in 45 years, raising the reporting threshold from $100 million to $3.5 billion to reflect the change in size and structure of the U.S. equities market since 1975, when Congress adopted the requirement for these managers to file holdings reports with the Commission.
Q4 Upcoming Events & Deadlines |
As discussed above, the SEC provided COVID-19 FAQs for, among other things, filings and delivering of audits. Please monitor updates closely as dates may continue to change. Below are the original filing dates.
October 15 Form PF for Large Liquidity Fund Advisers Due
October 30 Employees’ Transaction Reports Due for Q3
November 16 Q3 Form 13F Due
November 29 Form PF for Large Hedge Fund Advisers Due
December 14 Funds Due for 2021 IARD Renewal Program
About HighCamp Compliance
HighCamp Compliance is a premier, boutique compliance consulting and outsourcing firm helmed by former SEC examiners, CCOs, and proven consulting professionals. HighCamp specializes in regulatory compliance and operational support for SEC-registered alternative and institutional investment managers. The team includes specialists in private equity, real estate, and hedge funds.
[i] See https://www.sec.gov/files/report-congress-regulation-a-d.pdf
