December 2024 Regulatory Roundup
SEC Delivers its Enforcement Report, Industry Says Goodbye to SEC Chair Gensler, and Lessons on Third-Party Transfers and Cherry-Picking
Welcome to our December 2024 Regulatory Roundup, where we provide practical advice on the latest regulatory headlines. We start this issue with the SEC’s 2024 enforcement results, which fell somewhat short after its 2023 banner year. We also say goodbye to SEC Chair Gary Gensler, who tendered his resignation after Donald J. Trump won his presidential bid. Given the president-elect’s views on government, I expect the next chair to have a less aggressive regulatory agenda. For firms following the ongoing drama in the Fifth Circuit Court of Appeals about the Corporate Transparency Act, the current answer as of December 26 is that the requirements to report Beneficial Ownership are stayed. But stay tuned since that answer may change once again. Finally, I included a few enforcement cases, one on the misappropriation of client funds and two on cherry-picking. I want to highlight that in two cases, the firm was sanctioned for failure to discover and detect the nefarious activity. In the third (the cherry-picking complaint), the individual responsible, not the firm, was charged. This appears to be due, at least in part, to the efforts of the Chief Compliance Officer. The SEC highlighted the CCO’s training and messaging that emphasized the need to follow the firm’s aggregation and allocation procedures. Compliance officers should take notice. Even if you cannot catch bad actors, being able to prove that you had policies and procedures in place, that you communicated them to the relevant parties and provided periodic training can go a long way to protecting yourself and your firm.
Finally, I would like to wish you all a happy new year on behalf of me and my colleagues at SEC3! Thanks to all of you for your support and best of luck in your compliance efforts for 2025!
SEC’s Present to Financial Industry – 2024 Enforcement Report
The SEC issued a press release announcing its enforcement results for the September 30, 2024 fiscal year. Enforcement actions were down from 2023 (583 in 2024 compared to 760 in 2023), but penalties were up ($8.2 billion in 2024 compared to $6.43 billion in 2023). The Commission conceded that more than half of the total financial remedies are attributable to the $4.47 billion settlement with Terraform Labs and its founder Do Kwon, after a jury found the firm liable for defrauding investors through its stablecoin Terra USD offering, which crashed in 2022. Nationwide sweeps contributed to the remaining $3.7 billion. Matters related to investment advisers and investment companies were at the top of the enforcement list with 23% of total actions, with actions involving securities offerings and broker-dealers tied for second place with 17%. Delinquent filings also made the list with 10% of total actions.
Interestingly, the SEC also highlighted efforts by financial firms to “self-report, remediate, and meaningfully cooperate with our investigations…” The SEC seems to imply that increased self-reporting and remediation might have contributed to the low number of enforcement actions in 2024.
For investment advisers, the results highlight the Enforcement Division’s focus on Marketing Rule compliance, the failure of certain insiders and market participants to disclose their securities holdings and transactions, and the use by market participants of false or misleading disclosures involving artificial intelligence, social media, cybersecurity and crypto assets. See the full report for more details on the Division of Enforcement’s activities for the year.
Adieu to SEC Chair Gary Gensler
SEC Chair Gary Gensler announced his resignation effective on January 20, 2025, President-elect Donald Trump’s inauguration day. Although Chair Gensler’s term doesn’t end until 2026, he followed tradition by announcing that he will depart on the day the new administration starts. According to the SEC’s press release, Gensler “led the agency through a robust rulemaking agenda to enhance efficiency, resiliency, and integrity in the US capital markets.” Gensler also strongly opposed cryptocurrency, targeting companies such as Binance and Coinbase. He was also responsible for cracking down on the use of WhatsApp and other unauthorized communication channels used by financial firms to discuss business, imposing more than $2 billion in fines since 2021.
Wait – What? Fifth Circuit Reinstates Stay of Corporate Transparency Act
Unregistered private fund advisers can hold off compliance with the Corporate Transparency Act (“CTA”) and its Beneficial Ownership Information Reporting Rule (“BOI Rule”) for now. Although SEC-registered investment advisers are exempt from the beneficial ownership reporting requirements of the CTA, certain unregistered funds and funds managed by state-registered or unregistered advisers may be in scope.
But given the many twists and turns of this legal battle, firms should keep a close eye on the latest developments. Let’s review. On December 3, 2024, the U.S. District Court for the Eastern District of Texas issued a nationwide preliminary injunction preventing the CTA and BOI reporting rule from being enforced (Texas Top Cop Shop, Inc., et al. v. Garland, et al., No. 4:24-cv-00478 (E.D. Tex.). This meant that companies required to submit BOI reports to the Financial Crimes Enforcement Network (FinCEN) could hold off for now.
But wait, there’s more. On December 23, the Fifth Circuit issued a temporary stay of the injunction, which then reinstated CTA compliance. In response, FinCEN issued an alert confirming that BOI reporting requirements were in effect and extending the reporting deadline to January 13, 2025. Then, on December 26, 2024, the Fifth Circuit issued a new order vacating the stay and reinstating the nationwide preliminary injunction. FinCEN has acknowledged the most recent court order and stated that “reporting companies are not currently required to file beneficial ownership information with FinCEN.” Firms should continue monitoring this injunction’s status on the FinCEN website.
Misappropriation by IARs Exposes Flaws in Oversight System and Software
A large investment adviser/broker-dealer (the “Adviser”) was fined $15 million by the SEC for failing to prevent its financial advisers from using two forms of unauthorized third-party disbursements, Automated Clearing House (ACH) payments and certain patterns of cash wire transfers, to misappropriate funds from advisory client and brokerage customer accounts.
Long story short, the Adviser already had two regulatory settlements under its belt, one from FINRA and another from the SEC, for failing to monitor funds disbursed from customer accounts going back to 2009. In the settlement order, the SEC acknowledges that the Adviser tried to fix the problem by using third-party software to monitor client funds being transferred to third-party accounts. Unfortunately, the Adviser’s software was not configured to catch suspicious cash transfers from clients’ accounts to single third-party accounts. Consequently, some financial advisers were able to misappropriate client funds for their personal gain. The financial advisers transferred cash out of client accounts to their accounts via ACH.
According to the SEC’s settlement order, it wasn’t until 2021 that the Adviser discovered that the software it was using to detect unauthorized transfers was not configured to pick up cash transfers from multiple client accounts to a single third-party account. So, financial advisers involved were able to steal from client accounts for years without detection. The order states that the Adviser “never conducted any testing of the software system’s performance” in monitoring this type of activity, which might have alerted the firm to a gap in its surveillance procedures. It took a client complaint and another year to pass before the Adviser began an in-depth review of ACH transactions for the previous five years. This review identified similar misconduct by other financial advisers.
Ultimately, the SEC charged the adviser with violations of Advisers Act Section 206(4) and Rule 206(4)-7 (the Compliance Program Rule) for failing to adopt and implement written policies and procedures “reasonably designed” to prevent misappropriate by its financial advisers using externally initiated ACH payments.
In this case, the Adviser knew that some of its financial advisers were transferring funds from client accounts and depositing them to accounts at external financial institutions for their own benefit. The ability of financial advisers to make these unauthorized transfers was a known risk. And there was a pattern that could be detected– cash transfers from multiple client accounts to a single third-party account. In some cases, the ACH payment instructions identified the financial adviser as the beneficiary of the payments. The Adviser selected a software system to help detect these types of suspicious cash transfers. The order states that the Adviser did not test the system to confirm that it worked as contemplated. While it is possible that the Adviser tested the system, it appears that it had no written records to prove it. It is also possible that the financial advisers deliberately structured their transfers to evade the monitoring system. The settlement order does not answer these questions.
But based on the facts we’ve been given, there are a few takeaways. First, firms cannot depend on the sales pitch when relying on software to detect compliance issues. Compliance personnel may not always understand how the software works, so IT should help analyze new systems. Moreover, firms should institute periodic testing to confirm that the system is working as advertised — and, of course, document that testing. Finally, for a known risk that harms investors, firms should consider additional testing and monitoring instead of relying solely on software systems.
Years of SEC Scrutiny Not Enough to Stop Determined Cherry-Pickers
Cherry-picking by investment advisers is a practice where an adviser purchases securities in an omnibus account, waits to evaluate their performance and then allocates profitable trades to favored accounts and unprofitable trades to unlucky accounts. The SEC has a long history of punishing advisers for this practice because it violates the adviser’s fiduciary duty and the Advisers Act Section 206 anti-fraud provisions. Most firms prohibit this practice by adopting trade allocation policies that require aggregated securities transactions, or block trades, to be allocated shortly after the trade is executed using predetermined allocations. Firms also require a written allocation plan before the order is entered. Firms may also take additional steps to ensure that trades are being allocated fairly by segregating order placement (by portfolio managers) and trade execution (by traders). Centralizing the trading function and using automated systems are just two ways firms can prevent cherry-picking.
Two recent cases highlight how portfolio managers are still cherry-picking for their own gain. In the first, the SEC settled with an investment adviser where an investment adviser representative (IAR) managed client accounts and allocated profitable trades to his own accounts and those of his wife and family members. In the second case, the SEC published a complaint charging the chief investment officer of a large asset manager for engaging in similar activities.
In the first case, the firm allowed its IAR to act as portfolio manager for client accounts and enter trades directly into the system using an omnibus account to place aggregated securities transactions. The firm’s policies and procedures required a written allocation plan submitted before an aggregated order was entered and that allocations be fair and equitable. The IAR ignored these mandates and, according to the settlement order, the IAR’s allocations were not reviewed by the Chief Compliance Officer or a designee. The firm’s custodian sent alerts to the firm about unallocated block trades but they were never elevated to the CCO. In that case, the firm got off relatively lightly, receiving a penalty of $375,000.
The second case made headlines because it involved a well-known asset management firm and its former chief investment officer. According to the SEC’s complaint, the CIO routinely placed trades with brokers and then waited until later in the trading day to allocate after determining which were profitable. The SEC alleges that the CIO favored accounts invested in a specific investment strategy, presumably because these accounts paid the firm higher fees than others. This increased profit for the firm and the CIO’s bonus.
The second case is only in the complaint stage, so we only have the SEC’s side of the story. However, according to the SEC, the CIO did not use the firm’s electronic trading system or specify trade allocations when placing trades. Instead, he called brokers directly to place trades and often provided allocations only after the market closed. These were red flags that might have led to earlier detection. Given the CIO’s position and excellent track record, employees might have been reluctant to report the activity.
It can be difficult for a compliance officer to identify whether cherry-picking is happening, especially when portfolio managers are given discretion to trade client accounts directly. In most cherry-picking cases, the perpetrator does not provide an allocation plan when the trade is entered or shortly thereafter. The accounts that get favorable treatment tend to be those of the perpetrator, family members, or accounts that charge higher fees.
Here are our tips on preventing cherry-picking:
- Consider segregating trade orders from trade execution. This forces the person who places the order to determine the allocation before the trade is executed.
- Consider centralizing the trading function. Firms that require trading activity to go through a trading desk have a second set of eyes on all activity and are in a better position to spot cherry-picking activity. If IARs are managing client accounts and have the discretion to place trades directly, this makes it much more difficult to identify cherry-picking.
- Test the allocation process. In both cases described in this article, there is no indication that the compliance team was reviewing written allocations. Investment professionals engaged in cherry-picking commonly fail to follow the firm’s policies and procedures on trade allocation, including having a written allocation plan. Periodic testing might have uncovered the issue much earlier.
- Compare the performance of accounts managed in a similar investment style. In many cases, the adviser engaging in cherry-picking allocates profitable trades to their own accounts or those of their family members. If the related accounts perform significantly better than the adviser’s other accounts, this could indicate cherry-picking.
- Confirm that disclosures match actual practices. Compliance officers should dig into the details of firm trading activity. Find out exactly what it means to allocate block trades fairly and equitably and then confirm the practice is being followed.
Cherry-picking remains an issue since there will always be people driven by greed. Segregation of duties, automation of the allocation process, and testing to ensure policies and procedures are being followed are ways to detect and prevent this fraudulent activity. Compliance teams must also have the staff and tools to perform this testing, along with support at the highest levels of the organization.
Photo by Екатерина Коробова on Unsplash
Need assistance with your compliance program? SEC’s team of experienced compliance professionals can help. For more information, please email us at info@sec3ccompliance.com, call (212) 706-4029 x 229, or visit our website at www.sec3compliance.com.
Table of Contents
Regulatory Roundup for December 2024
Welcome to our December 2024 Regulatory Roundup, where we provide practical advice on the latest regulatory headlines. We start this issue with the SEC’s 2024 enforcement results, which fell somewhat short after its 2023 banner year. We also say goodbye to SEC Chair Gary Gensler, who tendered his resignation after Donald J. Trump won his presidential bid. Given the president-elect’s views on government, I expect the next chair to have a less aggressive regulatory agenda. For firms following the ongoing drama in the Fifth Circuit Court of Appeals about the Corporate Transparency Act, the current answer as of December 26 is that the requirements to report Beneficial Ownership are stayed. But stay tuned since that answer may change once again. Finally, I included a few enforcement cases, one on the misappropriation of client funds and two on cherry-picking. I want to highlight that in two cases, the firm was sanctioned for failure to discover and detect the nefarious activity. In the third (the cherry-picking complaint), the individual responsible, not the firm, was charged. This appears to be due, at least in part, to the efforts of the Chief Compliance Officer. The SEC highlighted the CCO’s training and messaging that emphasized the need to follow the firm’s aggregation and allocation procedures. Compliance officers should take notice.
Tips for Updating Your Compliance Program in 2025
In addition to basic blocking and tackling, compliance officers often have the thankless job of performing the annual review of their compliance program required by Advisers Act Rule 206(4)-7. As discussed in our blog post, Write the Best Annual Compliance Program Review Ever!, that review should consider changes to the Advisers Act and applicable regulations, legal proceedings and guidance from regulators, including risk alerts and interpretations. To simplify the task of collecting all of this information, I’ve identified the top regulatory hot buttons to help advisory firms update their compliance programs for 2025. This is not an exhaustive list; instead, it is the highlight reel of SEC focus areas.
Advisers’ Year-End Checklist for 2024
Compliance officers love checklists, so we’ve put together some “to dos” to consider completing before the end of the year. Enjoy! Get out Your Checkbook
Regulatory Roundup for October and November 2024
Things have perked up this month, with EXAMS’ release of its 2025 priorities and publication of a new FAQ on Form PF’s compliance deadlines. The SEC also settled with two advisers on “greenwashing” charges, presumably resulting from EXAMS promise in its 2020 Exam Priorities to review “the accuracy and adequacy of disclosures provided by RIAs offering clients new types or emerging investment strategies, such as strategies focused on sustainable and responsible investing, which incorporate environmental, social, and governance (ESG) criteria.” I also could not resist including two cases from September. The first case includes a textbook example of the issues raised when cross-trading illiquid fixed-income securities. The second case provides a rare example of the SEC pursuing a firm for failing to register because of operational overlap.
September Surprise: SEC Finds Gaps in MNPI Controls for CLO Manager
In the SEC’s burst of settlements at the end of its fiscal year, one case about the potential misuse of material nonpublic inside information (“MNPI”)
Regulatory Roundup for September 2024
FinCEN added to advisers’ compliance burden this month by imposing new anti-money laundering policies and procedures for January 1, 2026. The SEC also ended its fiscal year with more heart attack-inducing fines against 11 broker-dealers, investment advisers and a dual registrant for “widespread and longstanding failures” for using unapproved electronic communications methods, known as “off-channel communications.” In a surprise move, the Commission announced the first settlement where an adviser received no penalty for its record-keeping failures, presumably because of its self-reporting and selflessness by helping the SEC build a case against another firm. The SEC also continued its “broken windows” regulatory approach by announcing settlements with 11 investment managers for failing to file Form 13F and 13H with civil penalties exceeding $3.4 million. We wrap up with a case showing that the SEC has not given up on its assault on private funds, charging a firm with fraud for singling out some of its investors for preferential treatment.
For over two decades, we have been providing compliance consulting services and servicing as outsourced Chief Compliance Officers. Our professionals have served as SEC regulators and in senior leadership, guiding the industry’s principal compliance association. Our consultants also have hands-on industry experience as chief compliance officers, experienced securities attorneys and senior management of investment advisers, broker-dealers and fund administrators.
What can SEC3 do for you?
SEC3 offers an extensive suite of customizable compliance services for investment advisers, private fund advisers, CPOs, CTAs, investment companies, institutional investors and broker-dealers which can complement your internal compliance program on a one-time or recurring basis depending on your needs.
Call us today at (212) 706-4029 x 229, or shoot us an email at info@SEC3compliance.com so we can set up a time for one of our consultants to discuss your needs and how we can help.
