Top Tips for Updates to Your Compliance Program for 2024
By Jaqueline M. Hummel, J.D., IACCP®
Director of Thought Leadership, SEC3
Every year compliance officers face the unenviable job of performing their compliance program’s annual review under Advisers Act Rule 206(4)-7). An essential element of that review is updating the firm’s compliance policies and procedures to reflect relevant regulations and changes to regulatory guidance. Here’s a cheat sheet for Chief Compliance Officers summarizing the SEC’s big-ticket items from 2023.
The Big Picture
The SEC’s most significant rule changes in 2023 were strategically aimed at private fund managers, imposing a higher level of transparency through additional reporting, disclosure obligations, and conflict mitigation measures. These changes are not to be taken lightly. Specifically, the SEC introduced five new private fund-focused rules: the Restricted Activities Rule, the Preferential Treatment Rule, the Adviser-Led Secondaries Rule, the Quarterly Statements Rule, and the Audit Rule. The last two rules will only take effect in 2025, providing firms with a grace period. The SEC also made several amendments to Form PF, including a new requirement to report certain triggering events within a relatively short time frame. New record-keeping requirements under Rule 204-2 of the Advisers Act accompany these rules.
Other advisers will also feel the squeeze of the SEC’s rulemaking activities. Under Advisers Act Rule 206(4)-7, the SEC also mandated that all registered advisers maintain a written report of the annual review of the firm’s compliance program.
Another change to the securities laws that may affect investment advisers is the new Securities Exchange Act Rule 14Ad-1, which requires investment managers that exercise investment discretion over securities with an aggregate value of at least $100 million (Form 13F filers) to report their say-on-pay votes annually on Form N-PX.
The new T+1 rules will also have significant implications for investment advisers. The SEC amended Rule 15c6-1 under the Securities Exchange Act to reduce the standard settlement cycle for most broker-dealer transactions in securities from two days to one (T+1). In light of this new T+1 settlement, Advisers Act Rule 204-2(a)(7)(iii) was also amended to require investment advisers to maintain records of “confirmations they receive and of allocations and affirmations they send or receive for any transaction that is subject to the requirements of Rule 15c6-2(a).” This change necessitates a shift in recordkeeping practices for investment advisers, which should be reflected in their compliance programs.
The SEC also adopted amendments to the beneficial ownership reporting requirements under Sections 13(d) and 13(g) under the Securities Exchange Act of 1934, shortening the reporting deadlines and requiring that the reports be made in XML format. Advisers required to make Form 13D and 13G filings should update their policies and procedures to reflect the new requirements.
The Division of Examinations (EXAMS) published seven Risk Alerts in 2023 (three fewer than in 2022). Two alerts were forward-looking, providing advisers with a roadmap for upcoming examination requests, addressing the Marketing Rule and providing details on the SEC’s examination selection process and document requests.
The remaining alerts detailed the Division’s findings in five different areas: newly registered investment advisers, LIBOR-transition preparedness, safeguarding customer records at branch offices, broker-dealer Regulation Best Interest compliance, and broker-dealer anti-money laundering compliance.
Compliance officers should review all of the EXAM’s risk alerts, but I would put Risk Alert: Examinations Focused on Additional Areas of the Adviser Marketing Rule at the top of my list. I recommend Risk Alert: Safeguarding Customer Records and Information at Branch Offices for retail advisers. For firms that have never been through an SEC examination or expect one soon, I recommend Risk Alert: Observations from Examinations of Newly-Registered Advisers and Risk Alert: Investment Advisers: Assessing Risks, Scoping Examinations, and Requesting Documents.
Recommended Changes
Based on this regulatory background, here are my recommendations for updating your compliance program in 2024:
1. Private Fund Managers should document changes to policies, procedures and business practices implemented to address the SEC’s new private fund rules – the Restricted Activities Rule, the Preferential Treatment Rule, and the Adviser-Led Secondaries Rule
These three new rules become effective sooner for larger firms. Specifically, the rules become effective on September 14, 2024, for advisers with $1.5 billion or more in private fund AUM, and March 14, 2025, for other private fund advisers.
Restricted Activities Rule: Firms that manage private funds will need to update their policies and procedures to reflect the requirements of Advisers Act Rule 211(h)(2)-1. The rule applies to all private fund advisers, including those registered with the SEC and those exempt from registration (ERAs). This rule requires disclosure and, in some cases, consent from investors before the adviser can engage in the restricted activities described in the rule.
Preferential Treatment Rule. Advisers Act Rule 211(h)(2)-3, the Preferential Treatment Rule creates new requirements for all private fund advisers to disclose preferential terms (also known as side letter terms) that have a material economic effect on investors before the fund accepts an investor’s commitments and disclose all preferential terms after an investor invests. It also requires advisers to offer certain terms to all investors. Advisers to private funds will need to prepare disclosures before and after each fund closing and offer “most favored nation” elections to all investors if they contain such preferential redemption or portfolio investment information terms.
The Restricted Activities and Preferential Treatment Rules include grandfathering options that exempt existing governing fund agreements from certain aspects of the rules. Firms should note, however, that these “legacy provisions” only apply when (i) the fund commenced operations before the applicable compliance date, (ii) the governing documents were entered prior to the compliance date, and (iii) compliance with the rules would require the parties to amend the governing documents.
Adviser Led Secondaries. Advisers Act Rule 211(h)(2), the Adviser-led Secondary Rule, requires that SEC-registered private fund managers obtain a fairness or valuation opinion before engaging in an advisor-led secondary transaction and distribute a written summary of material business relationships with the opinion provider to all investors. The rule defines an “adviser-led secondary transaction” as any transaction where a fund’s investors are offered two options, first to sell all or a portion of their interests in the fund and second, to convert (or exchange) all or a portion of their fund interests into interests in another vehicle managed by the adviser or its related persons.
The SEC also amended Advisers Act Rule 204-2, which requires SEC-registered investment advisers to retain copies of the notifications, consents, and other documents distributed to or received from private fund investors under these three rules. Firms will need to incorporate these changes into their recordkeeping procedures.
For more details, check out our blog post: SEC Adopts Significant Changes to Rules Governing Private Fund Advisers, the SEC’s Adopting Release, and A Small Entity Compliance Guide.
2. All RIAs should Amend Policies and Procedures for Conducting the Annual Review of the Compliance Program to Include Written Documentation of the Results
Advisers Act Rule 206(4)-7(b) was amended effective November 13, 2023 and requires that SEC-registered advisers document their review of the adequacy of their compliance policies and procedures and the effectiveness of their implementation efforts. While most SEC-registered advisers already document their annual review, this change may cause SEC examiners to closely scrutinize whether the reviews (i) demonstrate why an adviser’s implementation of a policy is adequate, (ii) critically identify deficiencies uncovered, and (iii) present action-oriented plans to remedy any such deficiencies. Investment advisers should ensure their policies and procedures regarding the annual review required under Rule 206(4)-7 are amended to reflect the documentation requirement.
3. Form PF Filers Should Be Ready to File Additional Reports and Provide More Details
Amendments to Section 5: Current Large Hedge Fund Adviser Reporting for Qualifying Hedge Funds. The SEC made changes to Form PF that require large hedge fund advisers to report “triggering events” concerning “qualifying hedge funds” within 72 hours of occurrence. These Triggering Events” include extraordinary investment losses, significant margin and default events, termination of or restrictions on a prime broker relationship, operational events, and large withdrawal and redemption requests. Large Hedge Fund Advisers, defined as any adviser having at least $1.5 billion in regulatory assets under management attributable to hedge funds, must file a current report on Form PF Section 5 as soon as practicable but no later than 72 hours after the Triggering Event occurs for any qualifying hedge fund. A qualifying hedge fund is any hedge fund with a net asset value of at least $500 million, individually or combined with any feeder funds, parallel funds and parallel managed accounts.
Amendments to Section 6: Quarterly Reporting for Private Equity Fund Advisers. Private fund advisers with at least $150 million in private equity fund assets under management must now file a Section 6 “private equity event report” within 60 calendar days after the end of the fiscal quarter in which certain triggering events occur, which include the removal of a general partner, certain fund termination events, and the occurrence of an adviser-led secondary transaction. The SEC adopted these amendments in May 2023 and became effective December 11, 2023. More details about these amendments are available on the SEC’s Fact Sheet.
Affected firms will need to create a system to determine if any of these trigger events occurred and conduct analysis to review and file the current reports. Policies and procedures must also be developed to incorporate these new filing requirements and associated recordkeeping.
Amendments to Section 4: Increased Annual Reporting for Large Private Equity Fund Advisers. As part of the newly amended Section 4, large private equity fund advisers (defined as firms with $2 billion or more private equity assets under management) must provide more detailed information in their annual Form PF filings. The effective date is June 11, 2024, so for large private equity fund advisers with a December 31 fiscal year end, this new information will be reported on the Form PF submitted by April 30, 2025. Here is a summary of the changes:
- Question 82 asks the adviser to disclose the implementation of any general partner clawback or a limited partner clawback (or clawbacks) exceeding 10% of a fund’s aggregate capital commitments.
- New Questions requesting disclosure about:
Form PF Question | Topic |
66 (new question) | Investment strategies |
67 (enhanced question) | Country exposure based on NAV |
68 (new question) | Fund-level borrowings (including credit available and average amount borrowed over the reporting period) |
77 (enhanced question) | Portfolio company events of default |
78 (enhanced question) | Identification of institutions providing bridge financing |
4. All Registered Investment Advisers Should Update Their Books and Records Procedures to Include Confirmations, Allocations and Affirmations Required under the New T+1 Rules
The SEC amended Rule 15c6-1 under the Securities Exchange Act of 1934 (the “Exchange Act”), shortening the standard settlement cycle for most broker-dealer transactions in securities from two days to one (T+1). The SEC also adopted new Rule 15c6-2 requiring broker-dealers to enter into written agreements or have written policies and procedures to ensure completion of allocations, confirmations and affirmations “as soon as technologically practicable and no later than the end of trade date.”
Advisers are also affected since the SEC also amended Advisers Act Rule 204-2(a)(7)(iii) to require investment advisers to keep records of confirmations and allocations, including the time, to the minute, that allocations and affirmations are set to or received by a broker-dealer. Alternatively, the SEC acknowledged in the final release that, in some cases, “affirmation is performed by the asset owner’s custodian (or its prime broker) on the asset owner’s behalf.” The SEC confirmed “that an adviser may rely on a third party to make and keep the required records.” The compliance date for these new rules is May 28, 2024.
In its Risk Alert: Shortening the Securities Transaction Settlement Cycle, the SEC’s EXAMS alerted market participants that it will be assessing their level of preparedness for T+1. Advisers should confirm whether their trading partners, such as broker-dealers and custodians, are ready to meet the shortened settlement timeline and their ability to provide allocations and affirmations required.
5. For Advisers that File Form 13F: Prepare for New “Say-on-Pay” Disclosures on Form N-PX
The SEC adopted amendments to Form N-PX under the Investment Company Act and rules and amendments under the Exchange Act to make proxy voting information provided by mutual funds, ETFs, and other registered funds (collectively “Funds”) easier to read and understand.
The Commission also adopted new Rule 14Ad-1 under the Securities Exchange Act of 1934, requiring all institutional investment managers that exercise investment discretion over securities with an aggregate value of at least $100 million (regardless of whether the adviser manages private funds) to report their say-on-pay votes annually. An “institutional investment manager” is defined as an entity that either invests in or buys and sells securities for its own account. As discussed in an FAQ from the SEC, banks, including their trust departments, insurance companies, broker-dealers, trustees, and investment advisers that manage private accounts, mutual fund assets, or pension plan assets are institutional investment managers.
- In addition, new Rule 14Ad-1 requires these institutional investment managers to report annually on Form N-PX “votes on the approval of executive compensation and on the frequency of such executive compensation approval votes, as well as votes to approve ‘golden parachute’ compensation in connection with a merger or acquisition,” known as “say-on-pay.” Reporting is required for institutional managers who (i) have the ability to vote or direct the voting of a security, including the ability to determine whether to vote a security or recall a loaned security before a vote and (ii) exercise this voting power. Institutional investment managers with proxy voting authority who decide not to vote, such as by deciding not to recall and vote securities on loan, are still required to file Form N-PX. Likewise, managers who do not vote on any reportable matter are also required to file a notice report indicating that no votes were cast.
Form N-PX must be filed by August 31, 2024, containing the reporting persons proxy voting records for the most recent 12-month period ending June 30.
The adopting release clarifies that say-on-pay vote disclosures on Form N-PX will be required of all institutional investment managers subject to section 13(f) for any say-on-pay shareholder vote, not just for 13F listed securities.
The final rule requires the Form N-PX filers to report each voting matter using the same order as printed on the issuer’s SEC proxy card and using the same language. Form N-PX must be filed using a custom XML language. The Form also requires the disclosure of:
- The number of shares voted
- The number of shares that were loaned but were not recalled (if the investment manager can recall securities
- Whether the vote was for or against management’s recommendation
- CUSIP or ISIN of the security.
Impacted institutional investment managers will want to review their proxy voting processes to confirm they can generate the output needed for these new filing requirements in the required XML format.
6. Get Ready for Shorter Deadlines for Schedule 13D and 13G
The SEC adopted amendments to the beneficial ownership reporting requirements under Sections 13(d) and 13(g) under the Securities Exchange Act. Significantly, the amendments shorten the initial filing deadlines for Schedules 13D and 13G. The SEC also provided guidance on current legal standards related to beneficial ownership reporting – including the treatment of cash-settled derivative instruments and the circumstances where a “group” may be considered to exist under the beneficial ownership rules. The amendments also require that Schedule 13D and 13G filings be made using XML structured data. Compliance with the new filing deadlines and the XML structured data requirement for Schedules 13D and 13G will be required by September 30, 2024, and December 18, 2024, respectively.
Investment advisers and institutional investors who file these beneficial ownership reports should update their policies, procedures, and compliance calendars to ensure they meet the new filing deadlines.
Here is a summary of the new filing deadlines:
- For Schedule 13D filers, initial filings will be due within five business days of exceeding 5% of the voting class shares outstanding or when converting from Schedule 13G. This period is reduced from 10 days. 13D amendments will be due two business days after ownership changes by 1% in either direction (material).
- Registered investment advisers who invest passively often file Schedule 13G as Qualified Institutional Investors or “QII”; others may file 13G as Passive Investors. Under the amended rules, initial and amended 13G filings for all 13G filers will be due within 45 days of each quarter end in which a position exceeds 5% of the voting class shares outstanding. This represents a shift from an annual to a quarterly filing. For QIIs filing 13Gs, if a position exceeds 10% of the shares outstanding at any month’s end, an amended 13G will be due within five business days after the month’s end, up from 10 days.
Determining which filings apply to an investor’s holdings of a particular portfolio company is fact-specific and nuanced. Accordingly, an investor who beneficially owns more than 5% of a voting class of registered equity securities should consult outside counsel to confirm the appropriate Schedule 13D or Schedule 13G filing status.
7. All RIAs Should Review Their Compliance Programs to Ensure Issues Raised in EXAMS Risk Alert on Examinations of Newly-Registered Advisers are Addressed
EXAMS issued a risk alert, Observations from Examinations of Newly-Registered Advisers, which describes common deficiencies found during initial examinations of newly registered advisers, including issues with compliance policies and procedures, disclosure documents and filings, and marketing practices. Advisers should read this Alert carefully to determine whether their current practices sufficiently address the deficiencies cited.
The Alert highlighted various faux pas EXAMS has been seeing, including:
- Compliance policies and procedures that:
- Failed to address certain key areas, such as portfolio management and fee billing;
- Failed to include procedures for implementing policies, such as best execution; and
- Were ignored by advisory staff or were not consistent with current processes.
- Firms falling short of meeting regulatory responsibilities by:
- Failing to devote sufficient resources to compliance activities;
- Failing to conduct due diligence on outsourced service providers to ensure they were meeting the adviser’s regulatory obligations;
- Failing to mitigate conflicts of interest created by advisory personnel wearing multiple hats; and
- Failing to have adequate business continuing plans.
- Firms should have included required or accurate information in disclosure documents and met filing deadlines.
- Marketing materials with false or misleading information.
Most of the information should not be news to advisers since it includes observations made in previous alerts. EXAMS also included a list of resources from the SEC website, including where to find all prior risk alerts and the SEC’s examination priorities.
8. All Advisers Should Prepare for More SEC Scrutiny on the Marketing Rule
The SEC’s Division of Examinations issued a risk alert devoted to telling advisers all the different areas the staff will be looking at to ensure compliance with the Advisers Act Marketing Rule (Rule 206(4)-1) (the “Marketing Rule). This Alert reiterated topics discussed in a risk alert from September 2022, Examinations Focused on the New Investment Adviser Marketing Rule, and added a few focus areas, including
- advisers’ marketing rule policies and procedures
- firms’ ability to substantiate material statements of facts in advertisements
- compliance with performance advertising requirements
The staff noted that it will also be looking for compliance with the Marketing Rule requirements for:
- Testimonials and endorsements (including all required disclosures, adviser oversight of dissemination, agreements with promoters, and no compensation of ineligible persons) and
- Third-party ratings (including disclosure identifying the party providing the rating, the period on which the rating was based, and any compensation provided in connection with the rating).
The Alert “encourages advisers to reflect upon their own practices, policies, and procedures to implement any appropriate modifications to their training, supervisory, oversight, and compliance programs.”
9. All Advisers Should Prepare for Their Next SEC Exam
EXAMS issued its seventh risk alert in 2023 that describes its risk-based approach for selecting advisers for examination along with a typical document request list. The risk-based approach is not new, having been adopted in 2003. In this latest discussion, EXAMS provides a list of 11 firm-specific factors that influence the selection process, including (i) “repetitive deficient practices” observed by the SEC staff in prior reviews, (ii) the disciplinary history of the firm’s representatives or affiliates, (iii) business activities of the firm and its personnel that create conflicts of interest, (iv) firms with custody of client assets, and (v) tips, complaints and news articles about an adviser or its personnel. The Alert also listed common examination areas, including an adviser’s operations, disclosures, conflicts of interest, compliance practices covering custody and safekeeping of client assets, valuation, portfolio management, fees and expenses and best execution.
The Alert also included an attachment describing the “types of initial information, including documents, that staff may request and review during a typical examination of an adviser.” This is the first time the SEC has publicly provided a sample request list, so advisers should review it closely and consider how they would respond. Now that this list has been released, examiners may expect firms to be better prepared when they come knocking.
10. All Registered Investment Advisers Should Compare Practices for Safeguarding Customer Records to EXAMS Risk Alert Recommendations
EXAMS published a risk alert highlighting weaknesses in broker-dealer and investment adviser branch office policies and procedures to safeguard client information. The Safeguards Rule issued under Regulation S-P requires brokers and advisers to “adopt written policies and procedures that address administrative, technical, and physical safeguards for the protection of customer records and information.” The crux of this risk alert is that while many firms with multiple office locations have adopted reasonable policies and procedures to address their home office activities, they still need to do so in their branch offices. The Alert breaks down these gaps into the following categories:
- Vendor Management – When firms use a business model that allows branch offices to select their own vendors, EXAMS found weaknesses in branch office vendor selection and oversight practices as well as a lack of training, guidance, standards, and other information provided by home offices to assist branch offices with their responsibilities. Firms should consider their branch office vendor management approach while reviewing service provider oversight policies and procedures.
- Email Configuration – EXAMS found weaknesses when firms permit branch offices to use different email systems from the home office. Firms should carefully consider the additional risks associated with this approach and the controls that can help them properly mitigate and manage them.
- Data Classification—EXAMS observed firms with a reasonable process for classifying their data as electronic records in their home office but failing to follow those same procedures or leverage the same controls for data classification in their branch offices. As a result, those firms failed to properly identify and control customer records and information. Firms using different approaches or controls in branch offices should include them in the firm’s policies and procedures.
- Access Management – EXAMS’ observations in this category centered on differences between home and branch office requirements regarding password complexity and Multi-factor Authentication (MFA) use. Again, some firms implemented appropriate policies and procedures in their home offices but not their branch offices.
- Technology Risk – EXAMS noted firms with reasonable policies and procedures to address technology management practices for inventory management, patch management and vulnerability management at their home office but lacked awareness of the systems used in branches. As a result, branch offices with outdated patching and end-of-life operating systems eluded detection by home office oversight. Once again, firms that allow branch offices to maintain their own systems should consider applying their home office standards to branch office systems if possible or setting specific minimum standards for branches and then reviewing them for compliance periodically.
The SEC expects firms to demonstrate how they consider safeguarding-related risks in the context of home and branch office activities. Firms should consider this holistically – including how branch office expectations are addressed in firm policies and procedures, whether and how to impose minimum standards, providing guidance and training to assist its branch offices in meeting their responsibilities, and finally, providing oversight of branch office compliance with the firm’s expectations.
11. Prepare to comply with the Corporate Transparency Act
Although SEC-registered investment advisers are exempt from the beneficial ownership reporting requirements of the Corporate Transparency Act, certain unregistered funds and funds managed by state-registered or unregistered advisers may be in scope. Investment advisers should review whether any of their funds, affiliated entities, or special purpose vehicles (created to serve as general partners or managing members of private funds) may be subject to the reporting requirements and update their compliance policies and procedures accordingly.
The Corporate Transparency Act (CTA) went into effect on January 1, 2024. According to FinCEN, the CTA requires many companies to report information about who ultimately owns and controls them to the U.S. government. The CTA was enacted as part of the Anti-Money Laundering Act of 2020 and focuses on start-ups, small companies, and shell companies with limited to no operations since these entities are more likely to engage in money laundering, tax fraud, and other illicit activities.
According to the FAQs provided by FinCEN, domestic reporting companies include corporations, limited partnerships, limited liability companies, business trusts, and any other entities or entities created by filing a document with a secretary of state (or similar office) under that state’s law. Foreign reporting companies are entities (including corporations and limited liability companies) formed under the law of a foreign country that have registered to do business in the United States by filing a document with a secretary of state or any similar office.
Whether an entity within a private fund structure must report information about its beneficial owners is a “facts and circumstances” determination. Fund managers need to proceed cautiously and engage outside expertise when determining whether various entities will require beneficial ownership disclosure. For more information on this complicated rule, see FinCEN’s brochure and Small Entity Compliance Guide.
In 2024, investment advisers must be ready to adapt quickly to regulatory changes. The SEC’s focus on private fund managers, accelerated settlement cycles, and heightened scrutiny of marketing practices require compliance officers to up their game in response. Key changes, like the Restricted Activities Rule and the Preferential Treatment Rule, necessitate prompt policy adjustments. Additionally, compliance officers must document annual reviews, refine Form PF filings, and bolster safeguards for customer records. Finally, the introduction of the Corporate Transparency Act adds complexity, requiring a thorough evaluation of reporting requirements for fund entities.
Photo by David Pisnoy on Unsplash
For over two decades, we have been providing compliance consulting services and servicing as outsourced Chief Compliance Officers. Our professionals have served as SEC regulators and in senior leadership, guiding the industry’s principal compliance association. Our consultants also have hands-on industry experience as chief compliance officers, experienced securities attorneys and senior management of investment advisers, broker-dealers and fund administrators.
What can SEC3 do for you?
SEC3 offers an extensive suite of customizable compliance services for investment advisers, private fund advisers, CPOs, CTAs, investment companies, institutional investors and broker-dealers which can complement your internal compliance program on a one-time or recurring basis depending on your needs.
Call us today at (212) 706-4029 x 229, or shoot us an email at info@SEC3compliance.com so we can set up a time for one of our consultants to discuss your needs and how we can help.