On November 4, 2015, the Director of the SEC’s Division of Enforcement discussed the Division’s perspective on the role of a registered investment adviser’s chief compliance officer (CCO) and how the Division determines whether to charge a CCO in connection with wrongdoing or compliance failures by his or her firm. This speech is a “must read” for CCOs and the upper management of investment advisory firms (and of broker-dealer firms as well).
The key take away from this speech is that CCOs should review their firms’ policies and procedures to ensure that they are fulfilling their responsibilities and performing all assigned or required tasks, should scrutinize the business practices and operations of their firms to determine whether all necessary and appropriate policies and procedures are in place, and should speak up if they do not have the resources or otherwise are unable to fulfill their compliance function. These are not new considerations, but the Director’s speech does provide some additional gloss on real world cases where the SEC has sought to hold CCOs personally accountable.
In his speech, the Director addressed two issues, each of which we describe in greater detail below.
First, the Director discussed scenarios where a CCO did not have sufficient power, visibility or input in connection with an advisory firm’s operations, including circumstances where an advisory firm did not allocate sufficient resources to the compliance function or where firm personnel mislead the CCO. The two enforcement cases cited by the Director relating to failures of compliance process and procedures, in which the CCO was not charged, involved circumstances where (i) the CCO repeatedly expressed concerns about the lack of resources and their inability to perform their compliance responsibilities, but the firm’s management ignored those concerns, and (ii) a portfolio manager actively took steps to mislead a firm’s CCO in connection with the portfolio manager’s personal trading reports. The Director views the cases brought in this area as evidence that the SEC supports CCOs under appropriate circumstances, and “will aggressively pursue business line personnel and firms who mislead or deceive [the CCO], or obstruct the compliance function, or who fail to support [the CCO] in a manner that causes compliance violations.”
Second, the Director discussed three main circumstances where CCOs would be, and have been, charged with wrongdoing, including (1) affirmative misconduct by a CCO, (2) attempts by a CCO to mislead or obstruct the SEC’s staff, or (3) a wholesale failure by a CCO to carry out his or her responsibilities.
The justification for bringing an enforcement action in the first two categories above is self-evident, since in each the CCO has engaged in affirmative misconduct. The third category is often the most troubling for CCOs, though the Director states that since the 2003 adoption of the SEC’s compliance rule for investment advisers (Rule 206(4)-7 under the Investment Advisers Act of 1940), such cases have been extremely rare. In his speech, the Director uses two recent cases to illustrate circumstances that would constitute a wholesale failure by a CCO to carry out his or her responsibilities.
The Director first discussed the settled case against BlackRock Advisors LLC and its CCO, announced on April 20, 2015. In that case, BlackRock did not have written policies and procedures governing the outside business activities of its employees, even though the CCO was aware of and approved certain employees’ outside business activities in cases where the activities raised a conflict of interest with the firm’s clients. Despite being aware of red flags in this area, the CCO caused a wholesale compliance failure by the firm in failing to adopt written policies and procedures governing outside business activities.
The Director then discussed the settled action against SFX Financial Advisory Management Enterprises, its President and its CCO, announced on June 15, 2015. In that case, the CCO was not charged in connection with the President’s misappropriation of funds; rather, the CCO was charged with causing the violation. The CCO was tasked under the firm’s policies and procedures with conducting a review of cash flows in client accounts. For more than five years, however, the CCO failed to ensure that any such review occurred even though there was a high risk of misappropriation, given that firm employees had full signatory power of clients’ bank accounts.
The Director stressed that recent actions against CCOs do not signal any change in how the Division views CCO liability or an increased trend toward more enforcement actions against CCOs. He stressed that Enforcement’s policy in determining whether to charge a CCO involves “a thorough analysis of the facts and circumstances and consideration of fairness and equity.” He stated that he does not want CCOs to be concerned that “by engaging in good faith judgments, [the CCO] will somehow be exposed to liability.”
This speech does not put to rest the issue of CCO liability or necessarily completely alleviate CCOs’ justified concerns over personal liability, but it does provide useful insight into Enforcement’s thinking and position on the issue.