Andrew Ceresney, the Director of the Division of Enforcement of the SEC, assured compliance officers that compliance officers would not be exposed to liability when compliance officers engage and remediate problems at investment management firms in a speech given in May 2014.  Mr. Ceresney reiterated that compliance personnel do not become supervisors solely because they provide advice to, or consult with, business line personnel.[1]  However, he clarified that the SEC will bring legal action against compliance officers, typically when the “SEC believes that legal or compliance personnel have affirmatively participated in the misconduct, when they have helped mislead regulators or when they have clear responsibility to implement compliance programs and wholly failed to carry out that responsibility.”  Mr. Ceresney then pointed out a case in which the SEC did bring legal action against a compliance officer.

CCO Knew About the Firm’s Decision to Violate Rules, Affirmatively Participated in the Violations and then Concealed the Violations from Regulators

Mr. Ceresney pointed out the Penson[2] case in which the SEC alleged that Penson’s chief compliance officer, Thomas R. Delaney, had direct knowledge that Penson’s procedures were resulting rule violations, but Mr. Delaney failed to take steps to bring Penson into compliance and affirmatively assisted in the violations.  Furthermore, the SEC alleged that Mr. Delaney concealed such violations in “numerous” communications with the SEC and FINRA.[3]  Included in the long list of Mr. Delaney’s misconduct was the fact that the SEC viewed that Mr. Delaney “consciously chose profits over compliance.”[4]

CCO Takeaways

  • CCOs should design compliance policies and procedures against known risks.
  • CCOs should investigate violations of compliance policies and procedures and take remedial measures to curtail future violations.
  • CCOs should be proactive and fully engage in the business to monitor against potential rule violations.