SEC Reporting Modernization Ready with CSS
Clean and timely source data
Timely, accurate, complete and consistent data are required for Form N‐PORT (30 days after month end) and Form N‐CEN (75 days afterer year end), with any failure bringing regulatory and consumer censure. Firms will need to create a centralized auditable store of clean data brought together from multiple internal and external sources.
Compliance workflow management
With tight timelines, firms will be hard pushed to implement an efficient sign‐off process that has the appropriate balances and checks to ensure accurate and timely filing. Quality control, with multi‐eye approval and a built‐in audit trail, are key to meeting requirements.
Organizational scale
The changes are going to challenge most firms’ organizational scale – the rules involve a near doubling of the data points while the reporting period is halved. Firms will need to choose support that can accommodate multiple filings and sources, with increased resource available at peak times.
End‐to End process control
Firms need to be cognizant of the consistency of reporting across different public venues where their data is visible.
The key will be automation and making sure they have the right vendors in place to handle requirements.
PRIIPs Compliance with CSS
The PRIIPs KID stipulation covers packaged retail products such as funds, insurance‐based investments, structured products, derivatives and investments issued by some special purpose vehicles. From the end of 2019 UCITS funds will also be included in the PRIIPs KID framework. Manufacturers will have to produce the KID, containing information about a product’s key features, risks, and costs. External providers of funds that are wrapped by insurance‐based investment products, or indeed included in multi‐option investment solutions, will be required to provide some of the data and documents needed by their PRIIPs manufacturer clients. Distribution channels and intermediaries will be responsible for delivering the KID to the end investor in good time.
EPT Generation and Distribution
Asset management firms will be expected to create EPT (European PRIIPs Template) data files to support their wholesale clients who package investment funds in PRIIPs.
EPT Collection
PRIIPs manufacturers that use external management firms and structured product issuers will need to liaise with numerous external firms to collect EPT data templates for timely, accurate and efficient KID production.
Transaction Cost Calculation
PRIIPs manufacturers and underlying investment managers are required to calculate three‐year averages for transaction costs to facilitate cost disclosure requirements within the KID.
MiFID II Compliance with CSS
MiFID II will have multiple impact areas for both product manufacturers and distributors, affecting governance, controls, operations, technology, infrastructure and client/partner relationships. For the investment industry and its distribution network it can be divided into two key parts:
Regulatory reporting:
The regulations usher in a new era of market and infrastructure transparency, and with it a more consistent application of reform across Europe, along with an extension of scope from the original MiFID equity coverage to include non‐equity markets such as fixed income and OTC derivatives.
New pre- and post‐trade reporting, along with T+1 transaction reporting, will become mandatory and will lead to new publication entities emerging as authorised APAs (Approved Publication Arrangements) to support near real‐time, post‐trade reporting. T+1 transaction reporting will operate either directly through the local National Competent Authority (NCA) or via an authorised Approved Reporting Mechanism (ARM).
Investor protection:
MiFID II aims to remove conflicts of interest that arise through commission payments and inducements, with greater transparency on the use of client money.
Electronic Messaging Exams: Looking Beyond Emails
The SEC is conducting “electronic messaging” examinations, which include all forms of written communications related to an Adviser’s business which are conveyed electronically by methods other than email messages sent or received using the Adviser’s email system.
The types of electronic messaging in the examination include those of the Adviser and the Adviser’s personnel (including independent contractors) used for the Adviser’s business and subject to the Books and Records rule (Rule 204-2(a)(7) or (11)).
The types of electronic messaging include:
- Instant messaging
- Text/SMS messaging
- Email and personal or private messaging, whether on the Adviser’s systems or third party apps or platforms
- The Adviser’s mobile devices
- Personally owned computers or mobile devices used by Adviser personnel, including independent contractors
The exam document request asks the Adviser to provide copies of written policies and procedures relating to electronic messaging, including informal or unwritten policies or procedures, and those addressing transmittal of sensitive information and related security and privacy concerns. The exam requests identification of all persons overseeing the policies and procedures and their roles and responsibilities, monitoring and review processes, exception reports, whether any violations have been detected, a summary of any internal audits or compliance reviews associated with electronic messaging, and copies of any risk assessments or risks, and how the Adviser mitigates or addresses these risks. Information regarding recordkeeping is requested, including if maintained by a third party vendor.
Takeaways:
- Review your policies and procedures related to electronic messaging. Ascendant’s Cybersecurity Practice can partner with you to craft more robust policies related to Electronic Communications, Acceptable Use and Information Security that are tailored to your business and cover policies and controls for email, text messaging, apps and cloud-based services. You can also use our proprietary technology tool, Ascendant Compliance Manager, to manage and distribute those policies, capture employee attestations, document your control activities and log any material findings. Contact us to learn more.
- We’ve also previously weighed in on some of your options relating to policies regarding personal e-mails at work in a previous blog we did on cybersecurity, linked here.
- We believe this is a sweep exam in the NY region, which may be designed for information gathering and result in a soon-to-be SEC Guidance Alert. We will continue to keep you posted if/when we learn anything new.
Form ADV Help: ComplianceCast, Toolkit
By now, many have heard about the coming changes to Form ADV which will be effective October 1, 2017. These changes can be largely grouped into three categories:
- Separately Managed Accounts: Firms will be required to provide additional information about their SMA businesses, including assets under management, borrowings and derivatives, number of clients and types of assets held
- Additional Identifying Information: Firms will also be required to include additional identifying information about their businesses, which is either new information (e.g. addresses of all company social media accounts) or more specific answers to existing questions (e.g. stating exact # of clients or AUM where it used to be a range)
- Umbrella Registration: Private fund adviser entities operating a single advisory business who meet certain conditions will be able to register using a single form ADV as part of an “umbrella registration”
In addition to the above, the final rule, which was enacted in October 2016, included changes to the Investment Advisers Act Books and Records Rule requirements. Subsequently-released technical amendments to Form ADV were also issued in May 2017 to reflect the recent changes to Wyoming’s state registration protocol.
The way we’re thinking about these changes are – they’re material, but manageable. We don’t think they should be a huge burden on most firms, but they do require close attention. For that reason, we’re hosting a ComplianceCast on the topic on Thursday, July 20 to talk through the changes in more detail.
In addition, on August 1, we’ll be releasing our free Ascendant Form ADV Toolkit, which will be hosted on our proprietary technology tool, Ascendant Compliance Manager (ACM). The toolkit will have valuable content like templates, checklists of the new information required and commentary from our consulting team to make this process as painless as possible – whether you’re filing your firm’s Form ADV for the first time or the 20th.
COMPLIANCECAST REGISTRATION | FORM ADV TOOLKIT REGISTRATION
*Note if you are an existing client on ACM, you will automatically have access to the toolkit and do not need to register to receive a copy.
FinTech, Briefly Frozen by DOL Rule, Is Hot Again
The unsure nature of the Department of Labor Fiduciary Rule effectively perplexed many investment advisers in the months following the election of President Donald Trump, with many paralyzed by the murkiness regarding whether he would or wouldn’t scrap the rule.
After a brief delay, part of the rule went into effect on June 9, although the DOL announced an intention to continue its review in a move that could portend additional future changes.
With a glimpse of improved clarity however, has come action. According to InvestmentNews.com, even the partial implementation of the rule has caused a skyrocketing in demand for technological answers to meet the fiduciary rule requirements.
One firm that offers FinTech solutions characterized the burst of activity as “a tidal wave of interest.” Another has seen a 40% increase.
The numbers show that firms are embracing technology-based solutions to their compliance challenges. This mirrors the trends with the regulators, as well; the SEC has spent heavily in big data technologies over the last several years, and within the last month, its Acting Director and Acting Chief Economist of the Division of Economic and Risk Analysis Scott W. Bauguess noted that improved artificial intelligence technology has bolstered the SEC’s capabilities of spotting potential wrongdoing.
In its 2018 budget request, the SEC’s No. 1 bullet is to “us[e] leading technologies to support our economic and risk analysis functions and permit the SEC to better keep pace with the entities and markets we regulate.” The takeaway is clear: neither regulators nor compliance officers can expect to effectively detect 21st century fraud with 20th century technologies.
Ascendant emphasizes to clients the importance of embracing technology in their compliance programs. We recommend you review your roadmap for the next two years and ensure your executive team is aware of the importance of investing now in an efficient and tech-enabled compliance program, for DOL and beyond.
For compliance with the DOL Fiduciary Rule, Ascendant’s proprietary tool, ACM, offers policy and checklist templates, along with a framework to distribute training materials to your entire staff. Ascendant’s ACM Trade Blotter Manager also offers an opportunity to move compliance officers at investment firms out of a manual, Excel-based testing model into a robust post-trade compliance engine and data analytics platform that detects, prioritizes and mitigates operational and compliance risks derived from trading activities.
For more information on how we can help you automate your compliance program, contact us.