Regulatory Compliance Association Risk Assessments for Investment Advisers: Upgrading Your Compliance Framework™ June 20, 2017 Beth R. Kramer Chadbourne & Parke LLP Scott Naidech Chadbourne & Parke LLP James Hartmann Arena Investors Jeffrey Schultz GPB Capital Holdings, LLC CPAM-12506114v3
Introduction and Overview • Under Rule 206(4)-7, SEC-registered investment advisers are required to develop a compliance program of policies and procedures reasonably designed to comply with the Advisers Act • Through the process of conducting regular risk assessments, many advisers identify various risk to their firms and client accounts so that their firm’s compliance program adequately addresses these risks • Common review areas to consider in risk assessment analysis • SEC areas of focus, including conflicts of interest and fees and expenses • Customize to your firm’s business • Tips for conducting a risk assessment 2
Purpose of Risk Assessment • Purposes of risk inventory assessment and common issues advisers should consider when developing and implementing their risk inventory: • Determine what types of risks (e.g., business, operational, legal, etc.) may be present at the firm. • Assess whether adequate controls are in place to manage or mitigate such risk. • Make modifications to update the firm’s current policies and procedures to address new identified risks. 3
Measuring and Ranking Risk • Likelihood - The possibility that a given event will occur and factor in whether the event has occurred before. • Impact - The effect the event will have on clients or potential clients, disclosures, finances, reputation and regulatory obligations should it occur. • Probability - The anticipated frequency of a risk event given the regularity of the activity or process that is associated with the risk. • Rank risks as high, medium, or low. • Levels are subjective, unique to adviser’s specific business. • Understand firm’s overall business. • Issues regulators have raised in past examinations should be given special consideration; likely given “high risk” designation. 4
Common Risk Assessment Issues • Do you have processes and internal controls in place to help detect and address risks? • What is a control objective? • What types of controls may mitigate identified risks? (Policies and associated procedures, training / education, monitoring and testing) • Automated or manual controls? • How robust should you go in a particular control implementation? • If implemented appropriately, controls should reduce the specific inherent risk identified for a particular activity and leave the firm with a residual risk (which may still be deemed high) • Does your compliance program adapt to changes? 5
Common Review Areas To Consider In Risk Assessment Analysis • Conflicts of Interest • Undisclosed fees and expenses • Allocation of fees / expenses • Related party transactions • Co-investment allocation issues • Cybersecurity • OCIE Risk Alert: Common Compliance Topics 6
SEC Focus on Conflicts of Interest and Fees and Expenses • Undisclosed Fees and Expenses – Does a manager (or its affiliates) charge fees (or provide services) beyond “2 and 20”? • Acceleration of monitoring fees • Charging of additional service fees and use of fee offsets • Expense Allocations • Allocation of expenses as between the manager and the fund, and as between a fund and other funds under management • Is the manager following the fund’s governing documents? Are “grey” areas being allocated in favor of the fund or the manager? • Legal fee discounts • Fees charged by third parties that primarily benefit the manager (consulting, legal, compliance, etc.), but allocated to the fund 7
SEC Focus on Conflicts of Interest and Fees and Expenses (cont’d) • Expense A llocations (cont’d) • Other non-service related costs (filing and regulatory fees, compliance fees and costs, and other overhead, such as rent, utilities, etc.) incurred by the manager in the course of its activities • “Horizontal” allocations among multiple funds: do allocations favor one vehicle over another? • Expense allocations across managed funds • Allocation methodologies • Broken deal expenses among managed funds and co- investment vehicles 8
SEC Focus on Conflicts of Interest and Fees and Expenses (cont’d) • Related party transactions; conflict of interest disclosures relating to payments to affiliates • Hiring of consultants, which may sometimes be quasi- affiliates (former employees) of manager • Outsourcing of manager operations and expenses • Loans received from clients by firm principals • Monitoring outside business activities of principals 9
SEC Focus on Conflicts of Interest and Fees and Expenses (cont’d) • Co-investment allocation issues: • Is the manager making allocations in accordance with the fund documents? • Do the disclosure/fund documents/policies adequately cover those vehicles? • Trading overlap and allocation of investment opportunities; disclosure of conflicts and overlapping investment policies • Fee offset allocations 10
Cybersecurity • Continues to be priority issue for SEC • Risk Alert regarding "WannaCry" ransomware and failure of organizations to install crucial software security patches in a timely fashion • Considerations for your cybersecurity risk assessment: • evaluating and assessing risk management systems, policies, and procedures; • making any appropriate changes to address or strengthen them; • imposing access controls; • training employees to avoid risks; and • gathering documentation of such changes as well as those documents likely to be requested 11
OCIE Risk Alert: Common Compliance Topics • Five most common compliance topics in deficiency letters sent to SEC-registered investment advisers • Compliance Rule: compliance manuals not reasonably tailored to the adviser’s business practices • Regulatory Filings: advisers’ failure to accurately complete and timely file certain regulatory filings with the SEC • Custody Rule: advisers’ failure to recognize that they may have custody due to online access to or certain authority over client accounts • Code of Ethics Rule: failure to identify access persons for purposes of reviewing personal securities transactions, miss required information in their codes of ethics, submit transactions and holdings untimely • Books and Records Rule: failure to maintain all required records or keep records up-to-date, and inconsistent recordkeeping 12
Tips for Conducting a Risk Assessment • Prioritize and conduct monitoring and testing suitable to each risk • Document results of risk assessment, testing and follow-up • Conduct risk reviews throughout the year, quarterly or annually • Make modifications to update the firm’s current policies and procedures to address new identified risks • Conduct periodic testing of your compliance program to determine areas that your policies and procedures may have been circumvented 13
Closing Thoughts 14
Speaking Faculty Biographies 15
Beth Kramer, JD, Partner, Fund Formation & Investment Management Group, Chadbourne & Parke Beth Kramer focuses her practice on investment management and securities law. She regularly advises investment advisers on the formation and ongoing management of funds and on the regulatory and compliance aspects of their businesses. She counsels investment companies, private funds and separately managed accounts on structuring, organization, distribution, and SEC regulatory and compliance issues, including responses to SEC examinations. Ms. Kramer’s practice includes the creation of new advisory businesses, including registration and formation with appropriate regulatory authorities, creation of disclosure documents for private funds, drafting of investment management products, evaluating fund documents for institutional investors and family offices seeking alternative investments, development of compliance policies and procedures, performing compliance reviews, representations of advisers in connection with SEC examinations, counseling clients on compliance with the Dodd-Frank Act, and adviser acquisitions. She advises clients with respect to compliance with, and exemptions from the Investment Advisers Act of 1940, as amended and the Investment Company Act of 1940, as amended. Ms. Kramer was recognized by The Legal 500 US in 2014 through 2017 for her work in investment fund formation and management. Ms. Kramer serves on the New York City Bar Association's Investment Management Regulation Committee for a three year term which began in September 2015. She is also a member of the American Bar Association (Section of Business Law) and 100 Women in Finance. 16
Recommend
More recommend
