EU Further Delays SFDR Level 2 for Asset Managers
The EU has delayed the SFDR Level 2 requirements by six months to July 2022. John Berrigan, head of the European Commission’s financial services unit, said in a letter to the European Parliament that a further delay of six months was needed to avoid a last minute rush for market participants and due to the complexities of the ESG regulation.
“Due to the length and technical detail of those regulatory technical standards … we deem it necessary to facilitate the smooth implementation of the standards by product manufacturers, financial advisers and supervisors,” Berrigan said in his letter. This would mean that the disclosures detailed in the Level 2 would not be published before 1 July 2022. It remains to be seen what the impact of the delay will be on the timeline for the Taxonomy Regulation Level 2.
Expanding Your Compliance Program: Robust Compliance Management in a Post-Pandemic Era
Compliance departments were no strangers to constraints during the pandemic. They were yet another area of the investment management industry that felt the effects of the pandemic, specifically with budget and resource constraints. Many CCOs had to pivot and look for creative ways to find resources within their organization to help fill gaps caused by budget cutbacks and loss of staff. Add to that the continued flow of new regulations and the new work from home (WFH) environments many found themselves in, it is no wonder that many compliance projects were delayed.
During the pandemic, CCOs had to seek additional internal resources to help maintain their compliance programs. They often collaborated with other departments such as trading, operations, or marketing to help with testing and reviews.
Then, upon the start of the recovery, CCOs had to be selective with resources. They recognized that many tasks had been neglected during the pandemic, so they sought ways to outsource parts of their program that were tactical and time-consuming such as e-communications surveillance and Code of Ethics reporting maintenance. This way, their time could be spent getting back on track and focusing on the new regulations coming from the SEC such as the Marketing Rule.
Regulatory Focus in Post-Pandemic World
Moving into the post-pandemic world, it is important that investment managers evaluate the regulators exam priorities and ensure they have sufficient compliance resources in these areas. In August of 2020, the SEC released a Risk Alert to share several COVID-related compliance risks, focusing on the importance of protecting investor assets. For example, during the pandemic, as firms moved to a WFH protocol, cyber hackers became aware of vulnerabilities that existed at firms and increased their attempts to break into firms’ systems or otherwise gain access to client information. As you assess how your firm can effectively manage cybersecurity risks and protect your clients’ information, consider what the next six months to a year will look like at your firm. Will employees be required to return to the office full-time, or will there be a hybrid model where employees are in the office and work from home a few days a week?
If your firm intends to offer staff the option to work remotely, consider the IT controls the firm may already have in place and whether there are any opportunities to expand upon those controls. For example:
- Enhance system access security – require multi-factor authentication wherever possible.
- Discourage employees from printing any sensitive client information from home unless it is necessary to service the client’s account. In any instance where information needs to be remotely printed, employees should make sure to destroy the information in accordance with your document destruction policy.
- Send reminders to staff to make sure their home Wi-Fi is password-protected and have them sign an attestation of compliance with the firm’s information security policies.
- Conduct phishing testing and cybersecurity training for your staff or consider hiring a third-party vendor to assist with training and testing.
These are all easy steps that can be taken to help enhance your cybersecurity controls and mitigate the risks of having your clients’ information compromised.
ESG Products and Investment Strategies
ESG products and investment strategies are another hot topic for the regulators right now. In April, the SEC created a new ESG Task Force in the Division of Examinations that will be focusing on material gaps and misstatements in disclosures of climate-related risks. For investment advisers, funds and private funds that use ESG investment strategies, you can expect that the SEC will want to review your portfolio management practices for consistency with your ESG disclosures and will be looking for formal policies and procedures related to ESG investing. The SEC also issued in April a Risk Alert on ESG investing that noted the lack of compliance review and oversight of ESG investing practices. The SEC has observed compliance staff that had limited knowledge of ESG investment analyses, which they felt resulted in a less effective compliance program at these firms. If you are utilizing an ESG strategy, you will want to make sure compliance personnel are knowledgeable about ESG investing and are aware of related risks. Look to what’s already been put into effect in the EU with the Sustainable Finance Disclosure Regulation (SFDR). The SFDR imposes mandatory ESG disclosure obligations for asset managers and other financial markets participants with substantive provisions of the regulation effective from 10 March 2021, with the Level 2 disclosures applying now from July 2022.
Implementation of Form CRS and Regulation Best Interest
The SEC is focusing on the two new regulatory requirements that went into effect in 2020, Form CRS and Regulation Best Interest (Reg BI). During exams, the SEC has started focusing on whether firms have made a good faith effort to comply with the new requirements and has said the Form CRS is now the first document they will read about a firm before digging into the ADV. Now is the time to take another look at your firm’s Form CRS and ensure:
- Clear, plain-English language has been used
- Express statements are made regarding whether a firm does or does not act
- Required disclosures have not been altered
- No additional disclosures have been added beyond what is required in the form’s instructions
Since all SEC-registered investment advisers and broker-dealers with retail investors were required to file a Form CRS, they are now publicly available, and you can see how other firms approached their Form CRS.
As for Reg BI, the SEC and FINRA are evaluating specific firm procedures for compliance with the regulation and whether firms made any changes to their product offerings to ensure higher cost products have been replaced with lower cost products. They are also looking at how firms are considering costs when making recommendations, identifying and addressing conflicts of interests related to recommendations. Reg BI is a great example of how technology can help firms comply with regulatory requirements. Many firms are utilizing third-party systems to evaluate product transactions and rollovers and help document the firm’s evaluation of account recommendations.
Business Continuity Planning and Pandemic Preparedness
Business continuity is a primary focus of the SEC as it relates to the pandemic. The SEC is now reviewing firms’ business continuity plans to see if they address how the firm will respond to events such as a pandemic, including policies on permitting employees to work from home, issuing laptops to key employees so they can work remotely, and making sure the firm is able to continue communicating with employees and clients. We have also seen the SEC ask firms for a summary of the steps the firm took during the pandemic to continue servicing clients. This is an area where you can be proactive and document the firm’s response to COVID-19 before you get examined.
Now is the Time to Catch Up!
Now is the time to revisit budgets and assess whether resources need to be realigned. Consider whether an independent review of your compliance program could help your firm identify and address any new gaps and/or conflicts of interest that may exist. Move forward with projects that were tabled, and take this time to get ahead of the regulators on their top exam priorities.
If you had to modify any processes during the pandemic, you should reevaluate whether a temporary process has become permanent practice. If so, make sure to update your written policies and procedures. Now that we are well over a year out from the start of the pandemic, the regulators will expect that firms’ policies and procedures are up to date and match actual firm practices.
CSS’s team of regulatory experts is here to help optimize your compliance program. Please don’t hesitate to reach out with any questions on our compliance solutions and services to help you close any compliance gaps: info@cssregtech.com.
UK Suggests More Pronounced Split From EU Financial Services Rules, Post-Brexit
Today the Chancellor of the Exchequer, Rishi Sunak, stated in a speech in London: “[O]ur ambition had been to reach a comprehensive set of mutual decisions on financial services equivalence. That has not happened. Now, we are moving forward, continuing to cooperate on questions of global finance, but each as a sovereign jurisdiction with our own priorities. We now have the freedom to do things differently and better, and we intend to use it fully.” See the full text of the speech here.
Expanding Your Compliance Program – Code of Ethics Management
Are you tired of spending hours opening envelopes, stapling statements together, logging the receipt of statements in a spreadsheet, and then beginning the manual process of comparing transactions on the statement to pre-clearance records and a restricted list? Not to mention the unavoidable papercuts, overflowing file cabinets, and boxes and boxes of 3+ year old statements that need to be retained, but can be moved offsite (when you have time)? A Code of Ethics technology solution gets rid of those things!!!
Code of Ethics technology platforms (“COE Solutions”) enable firms to streamline the management of Code of Ethics reporting and monitoring through an online solution. The systems provide a rules-based interface that automates the requirements of your Code of Ethics, with separate credentialed permissions for users and compliance personnel. While the specific functionality varies, they all have core features that can help save time for compliance personnel and the business. They also enable improved oversight and surveillance of compliance with the requirements of your Code.
A COE Solution enables automated feeds of personal securities transactions and holdings from the broker-dealers where Access Persons maintain accounts. All the relevant data is transmitted to the platform on a daily basis, so you have pretty near real-time information. No more waiting until 30 days after quarter-end to identify violations that may have occurred on the first day of the quarter!
There is workflow to support pre-clearance of IPOs and limited offerings, as well as any additional pre-clearance requirements that may be applicable to your firm, and automated oversight of a restricted list. Investing in ETFs is prohibited without pre-clearance? You can set up a rule in the system to flag any transactions in ETFs where there is not a corresponding pre-clearance request and approval. COE Solutions also enable you to build rules around how long the pre-clearance approval lasts—so if your rule is that the pre-clearance is valid until close of business on the day of approval, but the corresponding transaction occurs on the next day, the system will flag it. Basically, you build the rules, and the system notifies you when a possible violation occurs.
The workflow functionality also enables automation of other Code-related pre-clearance and reporting. Most Codes also require some sort of reporting, and pre-clearance for Gifts & Entertainment at a certain dollar threshold, Political Contributions, as well as outside business activities and other conflicts. The platform can be customized to support pre-clearance requests and approvals of such activities, as well as enabling tracking of cumulative thresholds.
COE Solutions also enable Supervised Persons to fulfil the firm’s requirements to complete attestations and certifications in an online environment. Typically, a standard library of template attestations is provided for those related specifically to Rule 204A-1, such as initial and annual acknowledgements to the Code. You’ll also typically find a “build-your-own” option that lets you create firm-specific questionnaires and certifications that are fully customizable. This means the IT department can disseminate attestations relating to the safeguarding of the firm’s data and compliance with cybersecurity protocols, or HR can use the system to facilitate new hire and other employment-related certifications that are unique to the firm.
COE Solutions provide a central repository of Code-related books and records and WORM-compliant tracking of workflow. Let’s face it. The Code of Ethics rule requires that we collect and monitor extremely personal information about employees–account numbers, holdings, assets, and related data needs to be secure! COE Solutions are set up with all the encryption levels necessary, locked down to a “need to know” basis. It’s not living on a server somewhere in a folder that others have access to.
COE Solutions can also be specifically set up to share information with specific members of the Compliance department. Gone are the days of printing off all your sensitive information and having it sit on someone’s desk. Employees don’t have to worry about unopened statements sitting somewhere in the firm just waiting on someone (and hopefully the right someone) to open.
There are other advantages for employees. Code of Ethics reporting is frequently top of mind for most people when they think about Compliance. With disclosure initially (and sometimes before) hiring, then quarterly and annual at the least, most would point to personal securities transactions and the disclosure of outside business activities as what “compliance” means to them. Code Solutions helps employees save time.
– Customized Questionnaires Based on Responses: Instead of having every possible question on a Word document or piece of paper, COE Solutions can be built out to have decision-trees. If someone marks yes to a particular question, it can then prompt them for more information. If they mark no, then there’s no need to continue the questioning…they can just move on.
– Secure, Personalized Records: COE Solutions do a great job of remembering previously submitted information. So when someone discloses an outside business activity initially, the system can just ask if it’s still applicable, rather than starting with a blank slate. Without this feature, employees inevitably have to come back and say, “I can’t remember if I told you about…” or “What did I say last time?”
-Confirmation of Completion: Employees are able to see they’ve completed the task, and the system provides them a readily-accessible copy of everything they’ve done. There’s also something gratifying about getting a screen that says “Thanks for completing the task” and checking it off your list!
Does all this really matter? Well, in our experience, Code of Ethics discussions are often the first communication with a new employee, and then becomes the most frequent topic of conversation. These can be sensitive subjects, with Compliance needing to demonstrate just how these items are handled at the firm. Having a well thought-out, polished system is a good way to “show off” in the sense that compliance matters to the firm, enough to dedicate some resources. It’s quick, it’s efficient, it’s secure- what’s not to like?
On another note, I find very few things in life to be as annoying as nagging. Whether I’m the one doing it, or I’m the one being nagged, it’s just plain unpleasant. Since this is one of the most frequent touch bases for employees, that means it’s one of the most common reviews/tasks for compliance professionals. With these tasks being pushed out electronically, you can set up reminders to automatically e-mail (nag) people when they don’t complete. It’s amazing how annoying these reminders can be, which also points to how effective they can be. Don’t like getting the e-mails? COMPLETE THE TASK!
Employees – including you – don’t even need to be in the office anymore! Since the Code of Ethics platform is online, it’s available anywhere there’s an internet connection. As we move into a post-Covid world, the workplace looks a lot different than it did 15 months ago. Many firms are moving to a hybrid schedule, some have accommodated a work-from-home arrangement on an ongoing basis for certain employees, and some are even electing to stay fully remote. A Code Solution enables effective management of the Code of Ethics requirements from wherever you and members of team can log in.
Are COE Solutions effective, though? I can resoundingly say YES.
We live in a data-driven society. The quicker information is available, the better and more efficiently we can make decisions. One of those data points these systems can generate is status updates – where everyone is in terms of completing certain tasks. In a few clicks, you can know immediately who’s still outstanding. You can even take it to another level and measure how quickly people are completing the tasks, which would be an important measure of success for implementation.
Like I said, data seemingly runs the world. And with the constant evolving of technology, there’s more and more data available than ever before. Sifting through all this data can be tedious, looking for that “needle in a haystack.” A COE Solution automates rules and allows for ready identification of potential red flags. You can create rules to flag certain specific securities, types of securities, or activities (like price movement). With this set up, you can save time by ignoring the “non-reportable securities” and focus on the real areas of risk.
Inevitably, red flags will lead to a number of false positives, and no matter the extent of your efforts, real issues. These systems give you built-in ways to document reviews/responses, so when you review something and take action, you can document what you did right there. If something popped up and it wasn’t an issue, you can also say why it was flagged but no action was required. It saves time from having to hand-write on a physical statement, comment with a note on a .PDF, or have some completely separate documentation somewhere else.
A COE Solution offers you the opportunity to enjoy, on an ongoing basis, one of those truly rare “win-win” experiences. And by the way, regulators like it, too!
Outsourced Compliance – Client Success
The alternative credit manager focuses on alternative credit strategies and has $5+ billion in assets under management. The experienced Chief Compliance Officer (CCO) required assistance in rewriting the firm’s existing compliance manual to keep their focus on big-picture strategy while providing employees understandable, accurate and useful compliance policies and procedures. The CCO also needed help with the current marketing review process that was causing both inefficiencies and risk to the organization.
Compliance Solutions Strategies Launches Pre-Trade Monitoring of Position Limits
First Intraday Compliance Capability for Order Building in Market
NEW YORK, June 29, 2021 – Compliance Solutions Strategies (“CSS”), a leading RegTech platform providing technology-driven solutions which enable financial services firms to meet mandatory regulatory compliance requirements, today announced the launch of the first pre-trade solution on the market for position limit monitoring.
Asset managers face persistent challenges in the accurate and timely monitoring of their investment positions stemming from ever-changing regulations and complexities in sourcing exchange-imposed limits. CSS’s Position Limit Monitoring solution fully automates the tracking of exchange and regulator-imposed limits on futures, options and other derivative instruments. The platform sources position limits and accountability levels daily on more than 50 exchanges, in addition to CFTC and MiFID II limits, leveraging automation technology and an API that integrates directly with order management systems. Pre- and post-trade monitoring capabilities for position limits enable institutional asset managers and hedge funds to build forward-looking investment strategies with complete visibility throughout the trading day.
The inclusion of pre-trade controls for position limits strengthens CSS’s position as a world-class RegTech solutions provider to the investment management industry with a comprehensive and global investment monitoring offering for compliance with position limits, shareholder disclosure thresholds, sensitive industries regulations and issuer shares outstanding data requirements.
“Position limit monitoring has traditionally only been done post-trade or via an order management system, which is not built for monitoring these limits in real-time and adjusting trades before execution,” said Ronan Brennan, Chief Product Officer of CSS. “Unique in the market, CSS’s Pre-Trade for Position Limit Monitoring enables front offices and portfolio managers to build orders and check forecasted trades against the relevant limits. Implementing these controls in real-time permits a firm to maximize its investment opportunities while staying ahead of regulatory changes and mitigating related risks.”