The Securities Compliance Podcast: Compliance In Context Patrick Hayes

Welcome back to the Compliance in Context Podcast! on today’s show, we do a deep dive on the recent rule proposal from the SEC on predictive data analytics technologies and some of the significant compliance challenges associated with that rule proposal and the push back we’ve seen from the industry. In our Headlines section, and in record-breaking time this year, we’ll review the 2024 SEC Examination Priorities pushed out by the Division of Examinations. And finally, we’ll wrap up today’s show with another installment of History Has Your Back, where a famous story involving the renowned anthropologist Margaret Mead gives us a little insight into the mark of where civilization begins, and perhaps a little insight into the mark of a good compliance program.
 
Show 
Headlines

The SEC Division of Examinations releases its 2024 Examination Priorities.

Interview with Dalia Blass

What does the SEC rule proposal say?
What are some of the issues or challenges with the rule proposal and what are some of the key issues involved?
What “covered technologies” are included in the rule proposal?
What constitutes an “investor interaction”?
How is conflict of interest defined in the rule proposal?
What does “neutralization” of a conflict really mean?
How does the definition in the rule proposal reconcile with the standards of conduct used by the Commission in other contexts?
Does the proposal contemplate the impact to other rule proposals?
Does the proposal provide details regarding the cost of complying with the rules as proposed?
For those firms using predictive data analytics, does the proposal discuss who should be conducting the relevant assessments and testing or supervising this activity?
Have there been any additional developments since the rule was proposed and what can firms do now?

History Has Your Back

Developing an appreciation for the mark of civilization and how to approach issues inside your firm’s compliance program.

 
Quotes
09:19 - “It actually tracks some of these statements that we had heard from Chair Gensler. He has spoken previously several times about the use of technology by broker-dealers and investment advisors, and the potential for conflict to be embedded in the use of that technology when it comes to interactions with investors. So what this rule proposal does–the target of this rule proposal is to look at the conflicts of interest that could be associated with the use of predictive data analytics and find ways to make sure that these conflicts are being addressed by the brokers or the advisors. So that, you know, at its core, it is about understanding the conflicts and managing these conflicts with respect to these technologies.” - Dalia Blass  
20:08 - “It's really important to, first of all, appreciate the power of technology in our space and what it has delivered to the American main street investor, American investor in general.” - Dalia Blass   
22:52 - “So yes, there could be issues, but let's understand what the issues are (and if they're addressed) and do a cost benefit. Because the last thing we want is something that, frankly, would raise the cost so much, would be so onerous, would be so complex that, you know, it will not enable, you know, smaller broker dealers and advisors to compete and also become a significant barrier to entry for anybody wanting to come into this space.&rdq

Description
Welcome back to the Compliance in Context Podcast! On today’s show, we feature a Lessons From The Front Lines episode on the recently passed SEC Private Fund Adviser Rules with an esteemed panel of experts featuring three former regulators who served at the very highest levels of the SEC—Kristin Snyder, Dan Kahl, and Pete Driscoll. It’s no secret the SEC has been laser-focused on the private funds industry over the last several years, and now that the groundbreaking final rules have finally passed, our experienced panel will be able to arm you with some key questions and items to consider as you start to think about the overall impact to your firm and how to implement these changes into your firm’s compliance program. This is an episode you won’t want to miss!!   
 
Show
Interview with Kristin Snyder (Debevoise & Plimpton LLP), Dan Kahl (Kirkland & Ellis) and Pete Driscoll (PwC)

What’s the biggest surprise from the proposed to the final rules?
What are the three conditions to achieve legacy status?
Breakdown of the Quarterly Statements Rule
Where did the SEC give on Prohibited Activities?
Breakdown of the Restricted Activities Rule
What did the SEC have to say about the standard of liability facing private fund advisers?
Breakdown of the Preferential Treatment Rule
What constitutes material economic terms?
When it comes to adoption, how can firms operationalize these new rules into their compliance programs?
What are some major challenges that firms face with regard to these rule proposals?

 
Quotes
10:36 – “There’s a lot unsaid in there and a lot of trepidation as to application in the future. The commission very clearly said it wasn’t going to address state law liability issues. But to me there are significant questions where the overlay of federal fiduciary standard and state law and what the staff’s views may be with respect to limitations of liability and how they address that. There was colloquy at the open meeting that this is no different than what the Commission did ago in fiduciary interpretation. But I think the devil will be in the details on application and the years to come on the pullback on the exculpation and whether it was actually meaningful or not.” – Dan Kahl
12:45 – “There are provisions that allow for legacy provisions to stand, but you really have to be careful in kind of unpacking exactly what is and isn’t covered by those legacy provisions because it’s not a blanket status that’s applied across the board.” – Kristin Snyder
20:52 – “And that’s what I’m hearing from clients is probably the biggest concern on how are we going to implement such a broad rule or series of rules, all the requirements–I mean, there’s five rules–frankly, and given the breadth of what’s included, the detail that needs to be captured needs to be automated on a quarterly basis. You mentioned quarterly statements and both you and Dan mentioned the operational lift. And that’s what I’m hearing from clients is probably the biggest concern on how are we going to implement such a broad rule or series of rules.” – Pete Driscoll

Welcome back to the Compliance in Context Podcast! on today’s show, we take a look at one of the most-talked about subjects over the last twelve months, namely artificial intelligence, and expert Marc Gilman will help us further examine the benefits and impact of AI on your firm’s compliance program. In our Headlines section, we’ll review the recent final rule from the SEC detailing new requirements on private fund advisers. And finally, we’ll wrap up today’s show with another installment of History Has Your Back, where an ancient Japanese artistic practice and related philosophy can perhaps teach us a new way on how to deal with the private fund rulemaking.
 
Show
Headlines

The SEC adopted significant new regulation of private fund advisers under the Advisers Act, as well as other requirements that apply to all SEC-registered investment advisers

 
Interview with Marc Gilman

How has your AI experience evolved over the course of your career?
The shifts of information management and how to think about information management wholistically?
How do firms that are using AI approach compliance?
How does AI find a different way to capture relevant compliance information?
What are the benefits of AI on the firm’s compliance program?
In addition to compliance, what are some of the benefits to the business side as well?
What advice would you would give compliance officers out there that may have heard of AI, but don’t quite know what to make of it or how to use it in their compliance programs?
Can compliance use machine-learning to help identify items for testing?
What are some of the other practical uses for AI when it comes to testing or other key areas like cybersecurity?

 
History Has Your Back

Understanding how the ancient Japanese artistic practice known as kintsugi and the Japanese philosophy of wabi-sabi can give us perspective on the new SEC private fund rules

 
Quotes
13:48 - “I think that's a really great, great way to frame it. There's really been a maturation in that space from, you know, kind of thinking about information in kind of silos, whether that's in business units or in, you know, structured versus unstructured types of data. And I think what organizations have realized over time is they really need a holistic approach to that data. Obviously, at Theta Lake we're very concerned with kind of communications data and how that maps into that fabric.” - Marc Gilman 
21:12 - “So just yesterday, big SEC and CFTC announcements of $555 million fines adds to the $2 billion that's already been refined by them. So it is a very critical area of compliance focus right now. And I think the recent enforcement actions often get labeled as the WhatsApp fines, just because that was one of the platforms that the regulators had mentioned in some of the earlier enforcements. But I think the way that I look at them is really more as like the capture fines, right? Because pursuant to SEC rule 17a4, those communications related to your business as such, it doesn't matter what platform they're taking place on, if they are relevant to your business, you're going to have to capture them.” - Marc Gilman 
32:11 - “The value of having really good compliance where compliance is so often and wall gets this to other other functionalities get this too, but you know, you're seen as a cost center solely, right? But in some areas like this one than the ones that you're describing, that's suc

Welcome back to the Compliance in Context Podcast! On today’s show, we dive back into the Cryptocurrency conversation with one of our favorite FinTech experts, Chuck Senatore, to discuss the current state of cryptocurrency in the financial markets and how certain timeless principles could be helpful for the future of this asset class. In our Headlines section, we review a recent rule proposal from the SEC regarding the use of predicative data analytic technologies. And finally, we’ll wrap up today’s show with another installment of What’s On My Mind, where following up on Chuck’s interview, we review the recent decision in the Ripple case and its future impact on the investment management industry.
 
Show
Headlines

The SEC proposed a rulemaking that would require broker-dealers and investment advisers to eliminate conflicts of interest associated with the use of predicative data analytic (“PDA”) technologies

 
Interview with Chuck Senatore

How would you describe the current state of cryptocurrency in our financial markets?
The merits of certain coins and why some question their necessity
What is the concept of “Timeless Principles” in the investment management space?
What challenges does the SEC have in this space?
What additional regulatory uncertainty currently exists?
Have any solutions been proposed by the industry?
How do you see the state of cryptocurrency evolving in the near future?

 
What’s On My Mind

Reviewing the impact of the Ripple decision

 
Quotes
10:25 – “There's been a lot of bumpiness, growing pains, some actors that were less than responsible, which are part of where we are now in terms of what would it mean in terms of how we can get to a place where the responsible parties are able to step in and be in a position to where these lessons that are being learned painfully can actually be a foundation of future growth.” – Chuck Senatore
13:07 – “So I guess the question about whether we need the coins, I guess my answer would be maybe a little bit facile. But at the end of the day, I think that to make a decision about whether these things are needed would really be unfair to the innovation process. And if when we think about a lot of other things, I mean, let's say like there are government-based payment protocols, Fedwire, there's a bunch of things that are involved with that. But there are other payment use cases that have evolved. And the marketplace is deciding whether they have value. I mean PayPal, there's a bunch of as an example of sort of like a non-government based payment system and there are tons of others. And the good part about this is that these new offerings, these other offerings are actually promoting better outcomes and I think we should let things play out and let's see how things work out in terms of whether something is desirable, something is making sense or not.” – Chuck Senatore
15:55 – “When I think about timeless principles, it really is a function of how a player in the marketplace, regardless of whatever the laws might be, there's an element of business ethics, there's an element of what I again, or some of these timeless principles are actually highly grounded in things I think that are an element of common sense in the human experience.” – Chuck Senatore

Welcome back to the Compliance in Context Podcast! On today’s show, we take a comprehensive look at the ever-important topic of valuation, why it’s such a key topic for firms and regulators, and the role that compliance can play in the process. In our Headlines section, we review a recent risk alert from the Division of Exams on the New Marketing Rule. And finally, we’ll wrap up today’s show with another installment of Outtakes, where a recent enforcement action and settlement highlights the importance of valuation and having the right policies and procedures in place.
 
Show
Headlines

SEC Division of Examinations issued a Risk Alert discussing the new Marketing Rule

 
Interview with Tracy Abbott and Ted McCutcheon

What is valuation?
Why is valuation such a key issue in the investment management space?
What are some best practices that firms can use in this space?
How does the role of compliance fit into valuation? What should and shouldn’t be included in the CCO’s purview?
What is the impact of bad data on valuation?
How can firms build proper governance around valuation?
The importance of making sure employees understand the rules around valuation

 
Outtakes

SEC settlement with investment fund to resolve claims that the fund failed to adopt and implement necessary written policies and procedures related to the valuation of fund portfolio investments.
Having the right process and policies and procedures in place can be just as important as avoiding violative conduct

 
Quotes
12:09 - “To get a little more specific, the improper valuation or valuation impacts directly the calculation of fees—what investors pay for the services. Valuation impacts performance advertising and reporting, which is a huge selling point for advisors. You know, valuation impacts the funds share sale price. Misvaluation or valuation problems…can result in private or regulatory liability for fraud, negligence, breach of fiduciary duty.” – Ted McCutcheon
14:14 – “The first thing you need to look at is, what kind of assets does your firm trade in, right? So is it level one assets, which is just stocks and bonds? Is it level two assets, which are difficult to valuate but there are still pricing services? Or are they level three assets which are entirely illiquid and very difficult to process? So, I think, from a risk-based approach, it’s really important to just dig right in. First, what is your firm’s business?” – Tracy Abbott
24:40 – “It really is absolutely critical. Even though, sometimes if your policies and procedures are too specific, you’re a little bit limited so it is really difficult to juggle. It really is a balancing act. Especially with some of those level three assets and illiquidity.” – Tracy Abbott

Welcome back to the Compliance in Context Podcast! On today’s show, we do a double-feature Lessons From The Front Lines episode on the SEC Cybersecurity Rule Proposal (Rule 206(4)-9) with an esteemed panel of experts from ACA Aponix and Fairview Cyber, including Carlo di Florio, Christine Tetherly-Lewis, Mike Pappacena, and Amber Allen. Given the increased focus from the SEC and the fact that many elements of the rule proposal represent challenges already facing SEC-registered firms, this is an episode you won’t want to miss!! 
 
Show
Interview with Carlo di Florio (Co-Host), Christine Tetherly-Lewis (ACA Aponix), and Mike Pappacena (ACA Aponix) and Amber Allen (Fairview Cyber)

Historical look at the SEC’s focus on Cybersecurity
Formalization of cybersecurity protocols and Rule Proposal 206(4)-9
Overview of the Cybersecurity Risk Management Rules and Amendments for Registered Investment Advisers and Funds
What is Rule 10, how does it relate to 206(4)-9, and what are some of the key differences and similarities?
When has a cybersecurity incident occurred?
How can firms provide proper oversight and staffing of its cybersecurity program?
What are the incident disclosure periods for 206(4)-9 and Rule 10
When does a firm actually “know” an incident has occurred that requires reporting to the SEC or disclosure to its clients?
How does Cybersecurity Rule Proposal reconcile with Rule 206(4)-11 and the rule proposal on outsourced service providers?
What are the components of the Cybersecurity Rule Proposal and what is the impact of each?
When it comes to potential adoption, what are some major challenges that firms face with regard to these rule proposals?

 
Quotes
10:14 – “You really see the growth and focus by the SEC and FINRA and other regulators starting in 2010 and forward timeframe. You mention a number of risk alerts there and I would observe that the exam division has published more risk alerts, special reports, exam priorities specifically focused on cyber than any other subject. And the same thing at FINRA with some really excellent reports.” – Carlo di Florio
12:20 – “So under the proposed rule 206(4)-9, the SEC has set forth this proposal that would require advisors to adopt specific and fairly prescriptive requirements to address cybersecurity at a firm level. It would require comprehensive programs to address things like cybersecurity risk assessments which would be conducted annually and potentially more frequently depending on changes in firm risks and also even just industry risks.” – Amber Allen
31:44 – “You don’t know what you don’t know is sort of a cliché when it comes to cyber, but making sure that you have appropriate tools in place that can help you detect an incident or a potential incident. I think that what firm’s need to do with respect to understanding if there is a significant incident is really—when they look at their incident response plans and how they receive alerts, notifications, and monitoring—is really set some guidelines and some boundaries around what that all means.” – Mike Pappacena
33:28 – “I think it’s really critical for firms to have thorough monitoring programs in place so they can keep an eye on potential breaches. And under the proposed rule, the SEC did note that firms should be reporting once they have a reasonable basis for concluding that an incident is occurring or has occurred. And it’s interesting that it also noted specifically that, that does not mean that they