Jul. 04, 2024

Focus on Compliance Program Basics

Rule 206(4)‑7 under the Investment Advisers Act of 1940 (Advisers Act) – the so‑called “Compliance Rule” – requires investment advisers to, among other things, adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and the SEC’s rules. In other words, hedge fund managers must have compliance programs. Despite the fact that this is not a new requirement, some fund managers are still struggling to satisfy the SEC’s expectations for compliance programs – resulting in exam deficiencies and enforcement actions for violations ranging from having inadequate policies and procedures to failing to tailor a compliance program to the manager’s actual practices. Due to the Fourth of July holiday in the U.S. today, this issue highlights five articles from the Hedge Fund Law Report’s archives that focus on compliance program basics, including compliance issues identified by the SEC in exams of private fund managers; the logistics of tailoring a compliance program; how to improve such programs with gap analysis and risk assessments; the importance of providing effective compliance training; and how to use a checklist to streamline and organize the annual compliance program review. The week starting July 15, 2024, the Hedge Fund Law Report will resume its normal publication schedule. See “SEC Cites Adviser, Whose Founder and CCO Had Died, for Multiple Compliance Failures” (Oct. 26, 2023).

SEC Risk Alert Identifies Compliance Program Issues in Exams of Private Fund Managers

The SEC’s Division of Examinations (Division) previously issued a risk alert on notable compliance program issues its staff identified during examinations of private fund managers (Risk Alert). Among other issues, the Risk Alert details a lack of compliance resources; a dearth of autonomy and empowerment of CCOs; and a failure to adequately tailor and implement policies and procedures across an array of areas. Peter Driscoll, then-Director of the Division, emphasized the severity of those issues in remarks given the same day (Speech), which further explained the Division’s stance on certain key issues. Taken together, the Risk Alert and Speech highlight the poor compliance practices widespread at private fund managers at the time, many of which likely persist among fund managers today. The first article in a two-part series analyzes the Division staff’s observations about the lack of resources, primitive information technology capabilities and marginalized CCOs at fund managers. The second article details the Risk Alert’s warnings about deficient annual reviews and ill-tailored policies, along with certain high-level takeaways to consider. See our two-part series on why fund managers must adequately support CCOs and compliance programs: “Recent Failures Lead to SEC Enforcement Action” (May 9, 2019); and “Six Valuable Lessons From Recent Enforcement Actions” (May 16, 2019).

The Logistics of Tailoring a Compliance Program

Investment advisers are required to, among other things, adopt and implement written compliance programs pursuant to Rule 206(4)‑7 under the Investment Advisers Act of 1940. Moreover, those programs must be specifically tailored to a manager’s business, including its strategy, structure and specific practices. Failing to customize the compliance program, such as by simply adopting an off-the-shelf program or manual, can result in deficiency letters and enforcement actions from regulators, as well as lost allocations from investors. This three-part series delves into the logistics of tailoring a fund manager’s compliance program. The first article outlines the expectations of the SEC, DOJ and investors as to the customization of compliance programs, as well as the consequences of failing to tailor those programs. The second article lays out what fund managers should consider when tailoring their programs, including the role of off-the-shelf programs. The third article identifies five triggers for a review – and possible update – of a manager’s compliance program. See “How Lawyers Can Leverage the Shifting Environment to Enhance Compliance Programs” (May 11, 2023).

Improving Compliance Programs With Gap Analysis and Risk Assessments

The need for an adviser to have an effective compliance program cannot be overstated. In many SEC-settled enforcement proceedings, the only violation alleged is the adviser’s failure to comply with Rule 204(4)‑7 under the Investment Advisers Act of 1940 – the Compliance Rule. To assist advisers in navigating their obligations under that rule, an ACA Group program addressed the fundamental elements of compliance programs; use of gap analysis and risk assessments to create an effective program; testing and documentation; and qualifications of CCOs and compliance staff. The article synthesizes the program’s key takeaways. See “Overview of the SEC’s Standards for Resilient and Effective Compliance Programs and Fiduciary Practices (Part Two of Two)” (Feb. 2, 2023).

Compliance Training 101

Although hedge fund managers must have compliance programs, neither Rule 204(4)‑7 under the Investment Advisers Act of 1940 – the Compliance Rule – nor its adopting release states that managers must provide training on their compliance programs. Without proper training, however, employees will not know what the manager’s policies and procedures are or how to comply with them. Moreover, the SEC clearly expects managers to provide compliance training. The first article in a two-part series explains the SEC’s expectations as to compliance training and provides three traps to avoid as to the substance of a fund manager’s training. The second article discusses who conducts the compliance training and identifies five traps to avoid when providing training. See “High- and Low-Tech Innovations for Fund Managers to Overcome Compliance Training’s Drawbacks” (Feb. 1, 2018); and “Early and Often: Compliance Training Pays Big Dividends for Private Fund Advisers” (Jul. 8, 2009).

A Checklist for Investment Advisers to Streamline and Organize Their Annual Compliance Program Reviews

According to Rule 206(4)‑7 under the Investment Advisers Act of 1940, registered investment advisers must evaluate, at least annually, the adequacy of their compliance program and the effectiveness of that program’s implementation. Compliance with the annual review requirement is an area of focus for the SEC. This two-part series is structured as a checklist fund managers can adapt and use to streamline and organize their annual reviews. The first article analyzes Rule 206(4)‑7 and sources of guidance on complying with the rule; spells out who should be involved in conducting a fund manager’s annual compliance program review, what information should be gathered for review and what areas should be covered; and notes the questions that SEC examiners are likely to ask about a manager’s annual review during an examination, which managers should be able to answer after having conducted their reviews. The second article provides a non‑exhaustive list of the questions advisers should answer for each substantive area covered in the review. See “Use a Risk Assessment Template to Take a Thoughtful Approach to Compliance” (Apr. 23, 2020).