State Law versus Federal: Who will protect the CCO?

We may not be the first to tell you, but it is important to note that the challenges presented to those holding the CCO title and their duty to supervise recently became more complicated following a decision of the New York Court of Appeals which upheld last month the right of a hedge fund manager to terminate a CCO (who was an at-will employee) for allegedly voicing objections over inappropriate securities trading by his employer (Sullivan v. Harnisch).


The CCO alleged that he was dismissed for doing his job and “speaking out” internally about a securities violation as he was supposed to do given his position. He argued that the manager should not be able to dismiss him under such circumstances. The New York Court of Appeals disagreed.  It found that discharging his obligations under the federal securities laws did not protect the CCO from dismissal under state laws and implied that if the federal legislature wished to protect employees from such at-will termination, it would have to enact new laws.  In the court’s view, an employee is protected from anti-retaliation only if the employee reports the wrong-doing to the SEC and does so under the Dodd-Frank whistleblower statute.  The court also noted that the firm had no express company anti-retaliation policy.

It is interesting that the Chief Judge of the New York Court of Appeals dissented and said that “the message that will be taken from the majority’s decision is self-evident: if compliance officers (and other similarly situated) wish to keep their jobs, they should keep their hands down and ignore good-faith suspicions or evidence they may have that their employers have engaged in illegal and unethical behavior, even where such violations could cause or have caused staggering losses to their employers’ clients”. This decision puts CCOs in a difficult and conflicting situation. On one hand, they face enforcement actions and personal liability from the SEC for failure to supervise. On the other hand, they are not protected from retaliatory termination for doing their job correctly. This is not an optimal result and hopefully, Congress or the SEC will provide guidance. Until then, CCOs could do a few things:

  1. Encourage independent review and testing of the compliance program either internally by an independent audit department or a third-party provider as recently advised by two senior SEC officials, Carlo di Florio, the Director of the Office of Compliance Inspections and Examinations (“OCIE”) and Norm Champ, the Deputy Director of OCIE. See the rest of the recommendations by the SEC in our previous Communiqué “When should newly registered private fund managers expect to be examined by the SEC?”. Independent review procedures should be established before problems arise and when there is more internal consensus on their adoption. A second set of eyes and an independent report can help the CCO make a case that he or she supervised “reasonably” and may, in some instances facilitate communications with the firm’s management as well.
  2. Encourage the adoption of anti-retaliation policies in their firms’ compliance programs and employee handbooks.
  3. Document in detail their efforts to inform management about possible violations and management’s reaction and efforts to correct and/or address violations even if the actions taken by the CCO, while reasonable, are not exhaustive and did not entail pursuing every possible course of action, such as whistleblowing.
  4. Do extensive due diligence before accepting the CCO title. Is there tone at the top?  If you find yourself in a position where you are holding the CCO title, there is limited tone at the top and you are unable to implement change, seriously consider calling a headhunter.