Pre-Trade for Position Limit Monitoring – Client Success
Position Limit Monitoring requires the regular sourcing of limits from exchanges and regulators to ensure that the most current limits are applied to a firm’s positions, even during a trading day. Compliance and effective monitoring of intraday positions requires firms to calculate spot effective periods, aggregation correlation and ratio adjustments – complex tasks for firms relying solely on an order management system (OMS) not designed for these purposes. Monitoring merely intraday positions that are settled can lead to a sub-optimal, reactive trading strategy. To ensure true intraday compliance, firms need the ability to monitor position limits and adjust orders before execution.
Colorado Passes Privacy Act
The Colorado Legislature recently strengthened personal data privacy rights with the passing of the Colorado Privacy Act (Bill SB21-190), becoming just the third U.S. state to recently modernize its privacy regulation in a manner similar to the EU’s General Data Protection Regulation (GDPR). The bill seeks to meet the changing needs for data protection due to technological advances. Consumers are given the ability to opt-out of having businesses process and share their personal information. The bill requires companies to ensure they are protecting personal data through performing assessments of their processing activities and ensuring customers have consented to data collection. The Attorney General and district attorneys have the authority to enforce this bill. It is expected to go into effect in July of 2023.
SEC Publishes Regulatory Agenda
The SEC has proposed a busy regulatory agenda. Among the topics listed are:
- ESG (proposal stage)
- Cybersecurity risk disclosure (proposal stage)
- Amendments to the custody rule (proposal stage)
- Amendments to Form PF (proposed stage)
- Streamlined shareholder reporting for registered funds (final rulemaking)
New Gartner Report on the State of Privacy Regulations
Gartner predicts that by 2023, 65% of the global population will be covered by privacy regulations and by 2024, over 80% of global companies will be subject to modern data protection rules. The “CCPA Effect” continues to be felt in the U.S. as more states have proposed legislation mirroring California’s privacy act.
Keeping Your Compliance Program on Track
This year more than ever, it’s a time for renewal and optimism. As compliance professionals, we have completed our reviews of last year and updated our ADVs, so now it’s time to start working on our real goals for the year.
At the time of this writing, it appears that Gary Gensler, President Biden’s choice to lead the SEC, will be confirmed by the Senate and arrive at the Commission shortly. Gensler has a reputation as an active regulator and will seek to implement the administration’s priorities around climate change and diversity. These initiatives will likely manifest themselves in increased disclosure and potential new rules.
On March 3, 2021, the SEC’s Division of Examinations released their examination priorities for 2021. As in prior years, their examinations will prioritize the protection of retail investors, including seniors, teachers, military personnel and those saving for retirement. As part of this initiative, examinations will look at how registered investment advisers meet their fiduciary obligations and, similarly, how broker dealers are complying with Reg BI. The Division also found that many advisers did not file Form CRS when they should have. A more complete discussion of examination priorities can be found here and an overview of cybersecurity-related priorities here.
Aside from the SEC examination priorities, regulators globally will focus on sustainability, the transition away from LIBOR as a reference rate, changes in a post-Brexit world and the rise of digital assets, including monitoring for fraudulent offerings. In additions, as remote work because of the COVID-19 pandemic continues, regulators will look at how firms have handled issues related to business continuity, data protection, cybersecurity and third-party oversight.
In addressing regulatory and business priorities, compliance professionals can struggle with where to start. Here are some tips for getting started and staying on track:
- Start small and get organized – get your folders and filing structures in place, especially for tracking activities like trade errors, marketing reviews and personal trading. Even the completion of small tasks like these can provide momentum and motivation to tackle larger projects.
- Meet with other departments – reach out to leaders across the firm to understand their upcoming plans. How can you plan accordingly? How do their plans affect yours? Adopt an internal service provider mentality and make a point of checking in regularly to be a resource and see how you can help.
- Set your compliance goals – balance the regulatory and business needs to set an action plan in motion. What do you want to accomplish this year? Goals aren’t just for other departments and new business. Look at your staffing and other resources to determine if you need more people, efficiency or technology. Consider opportunities to enhance training and make your compliance policies and procedures more concise and understandable.
- Quantify and communicate your efforts – keeping track of compliance activities will provide a good measure of contribution to the business and provide a solid basis for evaluating the sufficiency of resources.
The demands of an advisory firm will always challenge a CCO to keep up. Having a plan for executing your compliance program can help a CCO stay on track, while reserving capacity to be an effective resource to the business.
Compliance Solutions Strategies Named to CyberTech100
CSS awarded for its technology and service offerings which enable clients to take a proactive approach to cybersecurity risk management
NEW YORK, June 8, 2021 – Compliance Solutions Strategies (“CSS”), a leading RegTech platform providing technology-driven solutions which assist financial services firms in meeting their regulatory compliance requirements, today announced its inclusion in the CyberTech100. Compiled by FinTech Global with winners selected by a panel of industry experts and analysts, the annual list recognizes the world’s 100 most innovative providers of digital solutions helping financial services firms fight off cyberattacks and protect their data assets.
The CyberTech industry has experienced tremendous growth as recent well-publicized cyberattacks have resulted in extensive disruptions to the global supply chain. A combination of factors is driving increasing levels of vulnerability. As all companies become increasingly reliant on technology and data management infrastructures, cyberattacks are growing in number, complexity and sophistication.
CSS addresses regulatory, business and operational risks across the global investment management industry, supporting a broad scope of institutional asset managers, hedge funds, private equity firms and insurance companies. With its selection to the CyberTech 100, CSS continues to build momentum and deliver market-leading cybersecurity solutions and services for dark web monitoring, policy and procedure development and review, security testing, cyber training and preparedness assessments. CSS’s expertise in regulations governing the protection and use of personally identifiable information (PII), such as GDPR and the California Consumer Protection Act (CCPA), is increasingly being leveraged by investment managers and advisers seeking to implement the controls necessary for properly managing data related to investors and employees.
“We’re thrilled to be included among the world’s most innovative cybersecurity companies,” said E.J. Yerzak, Head of Cyber IT Services at CSS. “CSS uses AI-based technology backed by in-house regulatory and cybersecurity expertise to partner with firms in the development of a comprehensive cybersecurity risk management program. The latest cyber news has accelerated the need for clients to take a more proactive approach to evolving the strength and maturity of their cybersecurity defenses.”