December 26, 2018
Securities Law Alert
Securities Law Alert
Author(s): Daniel McAvoy
The SEC’s Office of Compliance Inspections and Examinations announced that it will focus its examination priorities in 2019 on retail investors, digital assets and cybersecurity, among other areas, in order to help the SEC improve compliance, identify risks, prevent fraud and inform its rulemaking initiatives. This alert discusses what businesses and investors need to know.
The Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (OCIE) has announced that it will focus its examination priorities in 2019 on retail investors, digital assets and cybersecurity, among other areas. The ultimate goal of its examinations are to help the SEC improve compliance, identify risks, prevent fraud and inform its rulemaking initiatives. Generally, OCIE’s duties include examination and oversight of registered investment advisers, exempt reporting advisers, municipal advisors, mutual funds, exchange-traded funds (ETFs), registered broker-dealers, transfer agents, securities exchanges and clearing agencies.
According to its 2019 Examination Priorities Report released last week, OCIE plans to focus on six general themes in the upcoming year: (i) retail investors, including seniors and those saving for retirement, particularly relating to fees, expenses and conflicts of interest; (ii) compliance and risk for critical market infrastructure; (iii) Financial Industry Regulatory Authority (FINRA) and Municipal Securities Rulemaking Board (MSRB) programs; (iv) digital assets, including cryptocurrencies and ICOs; (v) cybersecurity and (iv) anti-money laundering. As is typical, OCIE intends to utilize a risk-based approach. While these are likely to be the SEC’s primary areas of focus, other compliance issues may receive attention during the year.
A number of OCIE’s recent initiatives protected what the SEC deems to be retail investors. While private equity and other closed-end funds generally won’t have “typical” retail investors, the SEC views pension plans and other vehicles designed to save for retirement as retail investors, notwithstanding their level of sophistication. Thus, many items designed to protect retail investors will be, or will continue to be, applicable to the private funds industry as a whole. Retail investor protection initiatives include:
OCIE will continue annual examinations of registrants responsible for critical market infrastructure (such as systemically important clearing agencies designated by the Financial Stability Oversight Council), entities subject to regulation systems compliance and integrity (SCI entities), transfer agents and national securities exchanges.
OCIE will continue to monitor FINRA and MSRB in 2019, particularly their operations and regulatory programs. OCIE will inspect both self-regulatory organizations to ensure the appropriateness of their procedures and controls.
OCIE will monitor and focus on risks pertaining to digital assets that are securities, particularly as related to portfolio management, trading, pricing, internal controls and ensuring the security of client funds.
Cybersecurity has been a longtime priority for OCIE, and it will continue focusing on network storage, information security governance, governance and risk assessment, access rights and controls, data loss prevention, retail trading and practices of multi-office investment advisers, among other areas. Policies and procedures should be updated for certain newer developments, such as fraudulent and fake capital call letters, increased protection of personally identifiable information under U.S. and European legal regimes and technological developments for device configurations. There will be particular focus on the cybersecurity practices of multi-office and recently merged advisers. Because no two cybersecurity protocols are the same, integration of these protocols when changed or added will be a hot topic. OCIE has also issued a risk alert relating to record-keeping for electronic communications that included recommendations for advisers texting clients and the use of alternative means of communications.
In 2019, OCIE will focus AML examinations on the programs of broker-dealers, to ensure their compliance with the Bank Secrecy Act and other AML obligations, particularly the requirement to file suspicious activity reports (SARs) with the Financial Crimes Enforcement Network (FinCEN).
In general, there are a number of key takeaways from this alert that present a bit more nuance than OCIE’s examination priorities for previous years. First, the focus on conflicts disclosures (as between general partners and limited partners) may lead to increased disclosure where, for instance, a third party is invested both in a fund as well as its sponsor, or where the sponsor runs a parallel fund for specific investors that may have different financial terms than those of the main fund. Second, there may be greater disclosure regarding subscription facilities and termination facilities, particularly to the extent they are secured by portfolio assets or the fund’s bank accounts. We also believe the trend for higher thresholds to permit formation of successor funds will continue. We also think that more universal practices for custody, valuation, and internal controls will develop for funds that hold digital assets, particularly with respect to illiquid ICO or ITO tokens. As we’ve seen thus far while the SEC has been under Jay Clayton’s direction, we continue to expect vigorous enforcement of financial crimes and fiduciary duty violations as they are presently known. We do not, however, anticipate major expansions of the level of disclosure required for investment advisers to meet their fiduciary duties, as we saw in Mary Jo White’s SEC.
In addition, while not all of them are mentioned in the examination priorities, sponsors should also have heightened awareness of certain areas where the OCIE has issued risk alerts, including: (i) complying with the Investment Advisers Act recordkeeping rule where non-traditional methods of electronic communication, such as text messages, private messaging and phone apps, are used; (ii) risk-based examination initiatives for RICs; (iii) compliance with the Investment Advisers Act cash solicitation rule, which requires a number of conditions to be met for an adviser to pay cash fees to a solicitor; (iv) meeting best-execution obligations under the Investment Advisers Act and (v) adequate disclosure and approval practices for fees and expenses. To the extent advisers have not already done so, they should take a fresh look at their policies and procedures to ensure that these items, along with the areas of priority, are adequately addressed.
The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.