Compliance Avenue

HedgeOp Compliance, LLC announced today the version 2.0 release of it’s Employee Level Filing (ELF) platform with electronic linkages to over 2,800 brokerage institutions using patented state-of-the-art technology created by Yodlee™, the leading provider of online personal financial management (PFM) and revenue-generating payments solutions and services.

The ELF version 2.0 Platform contains a streamlined compliance workflow that allows employees to instantly connect to their brokerage accounts electronically, allowing for the seamless, automatic download of transaction and holdings data for compliance review purposes.

Typically, advisers comply with rule 204A-1 by receiving paper copies of employee brokerage statements.   The process of reviewing of these statements can be quite burdensome, even for smaller advisers.  The ELF platform streamlines this process by allowing for electronic links and automates much of the review process for CCO’s.

To learn more about the upgraded ELF platform, click here.

If you own or license personal information about a resident of the Commonwealth, you should already be familiar (and compliant, as of March 1, 2010) with the Massachusetts Data Security Regulations, set by The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR).

While the Regulations themselves are best explained by Mr. Patrick Shea of HedgeOp Compliance in an earlier post of this blog, let’s take a moment to look at practical approaches to meeting (and exceeding) the requirements outlined in the Regulations. I will focus my post on the technological aspects of the Regulations but make sure you address the non-technology pieces, including risk identification and assessment, employee training, maintaining proper documentation, etc.

I would like to introduce you to what I call the C.I.A. of your data: Confidentiality, Integrity and Availability. As a business owner or IT gate keeper you want to make sure that your data remains secured, accurate and readily available to your employees and investors. We will get back to data C.I.A. in a second.

Read the rest of this entry »

In this day and age of digital communications where advisers distribute performance information, client newsletters and other sensitive communications via email, it is a best practice (and smart business move) for advisers to require all personnel to utilize a standard disclaimer underneath their email signature.   After the jump, you will find a sample of a recommended disclaimer.

Read the rest of this entry »

Rule 204A-1 under the Advisers Act (the “Code of Ethics Rule”) requires that all SEC-registered investment advisers establish, maintain and enforce a written Code of Ethics.

Last week, HedgeOp Compliance CEO Bill Mulligan conducted a seminar entitled: Code of Ethics Compliance: Understanding the Rule and Building an Infrastructure as part of HedgeOp’s Excellence in Compliance Seminar Series.

This seminar was focused on helping advisers overcome the burden of the Code of Ethics Rule by teaching about the specific provisions and reporting requirements that must be adhered to. Additionally, the seminar looked at how innovative technology can help automate many aspects of the Code of Ethics Rule and cut down on your paperwork. This seminar is not only geared towards SEC-registered managers, but also unregistered managers who have implemented (or want to implement) a Code of Ethics as a form of “best practice.”

You can watch the seminar and download the presentation materials below.

Download Presentation Materials

As reported today on FINalternatives, smaller hedge funds would have to register with the Securities and Exchange Commission under an amendment to the financial regulation reform bill making its way through Congress. Read the rest of this entry »

It has been reported that a bankrupt hedge fund is in talks with Goldman, Sachs & Co., to recoup losses it sustained in the “Timberwolf” securities deal.

invested approximately of $100 million in a $1 billion security Goldman packaged and sold as “Timberwolf” in Q1 2007.  If you have been following the Goldman Sachs Senate Subcommittee investigations this week you would have heard that this deal was criticized in in-house e-mails.  Namely, “Boy, that Timberwolf was one [$%&!] deal.”

The hedge fund is said to have lost approximately $56 million on the Timberwolf security. Goldman has not yet commented on its talks with the hedge fund.

As reported earlier on this blog, the Securities and Exchange Commission filed a lawsuit April 16 against Goldman alleging that the firm secretly created investments designed to fail while a hedge fund manager, John Paulson, who helped package the deal, was betting against them.

As compliance professionals, this should stand as an acute reminder to train employees on the importance of using discretion in drafting and sending out e-mails and other electronic communications (among a whole host of other compliance related issues!).   While often tagged as a best practice, firms should implement an electronic communications (i.e., emails and instant messages) monitoring and review system.  People tend to forget that once an electronic communication is put out in cyberspace it can and may be used against (or for) you.  While training and monitoring can never stop someone from committing a fraud or potential fraud (and this is not to imply that Goldman is guilty in anyway — I’ll leave that decision to the courts!), it can certainly help catch it before it grows  into something much bigger.

Advisers Act Rule 206(4)-7 requires that SEC-registered hedge fund managers conduct an annual compliance review of their compliance infrastructure and procedures. In adopting the Rule, the SEC did not specify exactly what the annual review should entail.

Today, HedgeOp Compliance CEO Bill Mulligan taught a webinar on “Conducting an Annual Compliance Review” as part of HedgeOp’s Excellence in Compliance seminar series.  This seminar looks at HedgeOp’s suggested method for conducting an annual review including: review of compliance inventory items, conflicts of interest of review, use of employee and service provider questionnaires and more.   This seminar is not only geared towards SEC-registered managers, but also unregistered managers looking to conduct an annual compliance review as a form of “best practice.”

Download Presentation Materials

Going back to yesterday’s subject of privacy forms, I thought it would be good to focus on some of the basics of Reg S-P from the perspective of an investment adviser.  When developing privacy policies, all investment advisers should understand the following: Read the rest of this entry »

Eight federal regulators (including the SEC and CFTC) recently released a final version of a model privacy notice that will make it easier for consumers (i.e. investors/advisory clients) to understand how financial institutions collect and use personal information.

As way of background, the Gramm-Leach-Bliley Act contains a series of requirements governing the disclosure and use of non-public personal information by financial institutions.   The GLB Act requires the SEC (among others) to carry out the purposes of the provisions and establish standards for their application.  The SEC’s Reg S-P covers investment companies, broker/ dealers and registered investment advisers.  In 2006, the Financial Services Regulatory Relief Act of 2006 amended the GLB Act to require the applicable agencies to provide a succinct model form that allows consumers to easily compare the privacy practices of different financial institutions.

The initial proposed form was released in 2007 and after a comment and research period, a new model form has now been released. This new model form (there’s actually two versions–one with opt-out and one with no opt-out), which can be found here, provides a safe harbor for complying with the privacy rules.

Willkie Farr & Gallagher has a very nice summary of some of the other features and drawbacks of the new model privacy form.

With all the recent attention on insider trading, I thought it would be useful to take a quick look at some of the basic concepts involved.

The term “insider trading” itself is not defined in the federal securities laws, but generally is used to refer to the use of material non-public information to trade in securities (whether or not one is an “insider”), or the communication of material non-public information to others.  Section 204A of the Investment Advisers Act requires that all investment managers adopt formal policies which forbid any member, officer, director or employee from “insider trading.”

Although not specifically defined, it is generally understood that the law prohibits:

• trading by an insider, while in possession of material non-public information;
• trading by a non-insider while in possession of material non-public information, where the information either was disclosed to the non-insider in violation of an insider’s duty to keep it confidential or was misappropriated; or
• communicating material non-public information to others in breach of a fiduciary duty.

Next we’ll examine a few steps that advisers can take in order to minimize the risks of insider trading. Read the rest of this entry »