May 10, 2018

Why Every Fund Manager Should Adopt an Employee Handbook (Part One of Three)

In the era of #MeToo, there has never been a more important time for a fund manager to clearly articulate to its employees the adviser’s expectations regarding what is and is not acceptable employee behavior, given that a single rogue employee’s bad behavior could cause severe damage to the adviser’s reputation and expose the firm to potential liability. Employee handbooks play a key role in communicating the employer’s expectations to its employees and minimizing employer liability. For these reasons alone, most, if not all, employers should adopt an employee handbook. Unfortunately, the task of drafting and implementing these policies can be challenging for private fund advisers, many of which are leanly staffed and often lack in-house employment expertise. This three-part series on employee handbooks is designed to assist fund managers that have not yet adopted employee handbooks, as well as provide a benchmark for established managers that have already adopted them. This first article outlines the key benefits to fund managers of adopting employee handbooks, the laws that frequently inform the policies included in handbooks and the administration of employee handbooks. The second article will review the most important policies that advisers should consider including in their handbooks. The third article will explain how advisers can avoid common mistakes when drafting their employee handbook policies. For more on employment-related issues, see “What Fund Managers Need to Know About the Legislative Response to #MeToo” (May 3, 2018); and “Evaluating Pay Equality: Steps Investment Managers Should Consider to Avoid Running Afoul of Equal Pay Laws” (Nov. 30, 2017).

What Are the GDPR’s Implications for Alternative Investment Managers? (Part Two of Two)

Now that the effective date for the recast Markets in Financial Instruments Directive has passed, investment managers across the E.U. and beyond have turned their attention to implementing policies and procedures to enable them to comply with the E.U.’s General Data Protection Regulation (GDPR), which is scheduled to become effective on May 25, 2018. Although the GDPR will primarily affect investment managers and private funds domiciled in the E.U., it will also have broad extraterritorial effect, as investment advisers and funds domiciled outside of the E.U. will likely periodically process personal data of natural persons, especially where the investment manager or fund accepts investments from E.U. investors. In this two-part guest series, Oliver Robinson, associate director of the Alternative Investment Management Association, breaks down the key provisions of the GDPR and how they may affect advisers and private funds. This second article discusses the rights of data subjects, the minimum requirements applicable to a processor, the role of a “Data Protection Officer,” the cybersecurity measures required by the GDPR, the obligation to report breaches of the GDPR and parallel legislation introduced in the U.K. in light of Brexit. The first article reviewed the driving forces behind the enactment of the GDPR, its territorial scope, the data-protection principles that apply when processing personal data, the legal bases pursuant to which in-scope firms may process personal data and the rules surrounding cross-border transfers of personal data. For more on the GDPR, see “The Challenges and Benefits of Multi-Factor Authentication in the Financial Sector (Part Two of Two)” (Nov. 9, 2017).

SEC Emphasizes Investment Adviser Fiduciary Duty and Proposes Enhanced Adviser Regulation

It is important for investment advisers to understand how the SEC expects them to fulfil their fiduciary duties in order to mitigate the risk of adverse client or regulatory action. The SEC recently issued a release seeking comment on the agency’s proposed interpretation of an investment adviser’s fiduciary duty and its proposal to enhance regulation of advisers through, among other things, licensing, account statement delivery and financial responsibility requirements. This article summarizes the key takeaways from the release. See “What Precisely Is ‘Fiduciary Duty’ in the Hedge Fund Context, and to Whom Is It Owed?” (Jul. 23, 2009).

What Fund Managers Can Learn About Cyber-Breach Disclosure From Yahoo’s $35-Million SEC Settlement

On the heels of publishing disclosure guidance, the SEC has issued an order in its first-ever action against a public company for failing to disclose a material data breach. Altaba Inc. (formerly known as Yahoo) has agreed to a $35‑million fine to settle SEC accusations that it failed to promptly notify investors about its massive 2014 data breach in which hackers stole personal data relating to hundreds of millions of user accounts. The SEC’s cease-and-desist order highlights the nearly two-year delay in fully investigating and notifying the public of the event. During this time period, Yahoo included generic descriptions of its cybersecurity risk factors and incident history in its Forms 10‑K and 10‑Q filings, the order explains. This article analyzes the order and provides lessons to fund managers on disclosing cybersecurity breaches. See “SEC Confirms Cyber Disclosure Expectations in New Guidance” (Apr. 26, 2018).

SEC Settlement With Deutsche Bank for Alleged Fraudulent Bond Sales Practices Highlights Challenge for Fund Managers to Obtain Accurate Pricing

Fund managers that purchase thinly traded securities rely, in part, on the good faith of dealers in those securities. A recent SEC settlement with Deutsche Bank Securities, Inc. (DBSI) and a former head trader is a reminder of the fine line between sales puffery and outright fraud, as well as of the challenge of obtaining accurate pricing information. According to the settlement order, DBSI and its head trader failed to reasonably supervise employees who made misrepresentations to customers in secondary market trading in commercial mortgage-backed securities. Among other sanctions, DBSI has agreed to reimburse a significant amount to affected customers in connection with those allegedly fraudulent sales practices. This article details the alleged misconduct, the respondents’ violations and the terms of the settlement. For other actions involving improper sales talk in bond trading, see “SEC Complaints Against Former CMBS Traders Highlight Need for Fund Managers to Verify Broker Pricing for Thinly Traded Securities” (Jun. 1, 2017); “SEC Settlement With Ex-Goldman Head RMBS Trader Highlights Risk That Puffery May Become Misrepresentation When Trading Illiquid Securities” (Sep. 8, 2016); and “Pricing Information Provided by Brokers to Hedge Fund Managers for Thinly Traded Securities May Not Be Reliable” (Sep. 17, 2015).

Timothy Clark Rejoins Dechert in New York

Investment funds lawyer Timothy Clark has returned to his former law firm, Dechert, in New York after serving as a partner at O’Melveny & Myers. Clark advises private funds on a wide range of transactions including fund formation; investments; and mergers and acquisitions. For commentary from other Dechert partners, see “How Cross-Border European Fund Managers Can Prepare for Brexit’s Momentous Regulatory Effect” (Apr. 6, 2017); and “Recent Hedge Fund Fee and Liquidity Terms, the Growth of Direct Lending and Demands of Institutional Investors” (Jul. 14, 2016).