by Terrance J. O’Malley

A decade ago, legal and compliance issues stood at the top of the priority list for most private fund firms looking at the operational side of their business.  Wide-ranging interviews with leading industry participants, surveys of Chief Operating Officers, and other anecdotal evidence, however, suggests that may not be the case today.  Meanwhile, recent actions by the SEC staff, including the release of “risk alerts” highlighting deficient industry practices, indicate that the SEC has taken notice.  This blog post suggests that senior management should revisit legal and compliance roles to ensure that these functions remain a top priority.

The Rise Before the Fall

Up until the mid-2000s, private fund firms enjoyed an exemption from SEC registration as investment advisers.  As long as a firm managed 14 or fewer funds and didn’t publicly advertise, the firm was off the SEC’s radar.  Some firms nevertheless implemented robust legal and compliance programs; others did not.

Private funds, as entities, also enjoyed a long-standing registration exemption available if a fund limited investors to 100 or fewer.  Moreover, Congress had recently added a further exemption in 1997 by enacting Section 3(c)(7) of the Investment Company Act that allowed private funds to have an unlimited number of “qualified purchaser” investors.  That change (and an average annual return for the S&P index of just over 28% from 1995 to 1999) led to tremendous growth, substantial wealth creation, and of course regulatory scrutiny.

The additional scrutiny resulted in a 2003 milestone report issued by the SEC staff, “Implications of the Growth of Hedge Funds (PDF: 1,715 KB).” The report laid the groundwork for the SEC to soon change its rules and require the adviser registration of private fund firms.

At the same time, the SEC was busy on other fronts.  These initiatives included: 

• Adopting the “Compliance Rule” mandating that registered firms have a chief compliance officer and a compliance manual;
• Proposing another rule to require that registered firms have a written code of ethics; and
• Ramping up its compliance inspections with a new emphasis on emails, particularly in the wake of the mutual fund market-timing scandal.

The SEC’s next step was to pull the registration trigger for private fund firms in 2004.  In effect, the SEC changed its rules so that private funds were no longer counted as a single client.  Instead, firms had to look-through all of their funds and register if they had 15 or more investors on an aggregate basis.  The net result: firms had to register, hire or designate a CCO, draft a compliance manual, and get ready for an SEC compliance inspection.  In short, the SEC’s move accelerated a trend in the private fund industry to staff up on legal and compliance talent and also to dedicate resources for legal and compliance programs.  

As an aside, the hedge fund industry generally supported the registration requirement, while the private equity industry opposed and successfully fought it. The result was a registration rule that omitted the “look-through” for funds with at least a two-year lock up. That meant private equity stayed out of registration, as did those hedge fund firms who could command a two-year lock-up from investors.

The SEC’s registration rule change was soon challenged in court and thrown out in 2006.[1]  Nevertheless, a large percentage of the hedge fund industry had already registered and decided to remain so. 

By the mid-2000s, the private fund industry was booming.  But as the decade came to a close, the industry experienced a number of hugely impactful events.  The 2008-2009 financial crisis – including the collapse of Lehman Brothers – crashed down on the industry and saw regulators implement a series of emergency legal requirements, such as short selling bans and enhanced reporting. The Madoff scandal led to expanded requirements for custody of client assets and generally greater industry scrutiny. 

Then came the implementation of the Dodd-Frank Act. The Act settled the debate about registration.  Every private fund firm (or at least over a certain minimum AUM size) had to register with the SEC (PDF: 1,482 KB)  by early 2012. This time, it included private equity firms.  The Act also enhanced the SEC’s inspection authority – another concern for existing and newly-registered firms.  Finally, the SEC adopted Form PF (PDF: 864 KB), which also went live in 2012.

This tempest of regulatory activity – and it wasn’t limited to just the SEC – justified making legal and compliance the top priority in the private fund space and might be seen as the modern high-water mark.

Causes of the Fall

In the decade that followed, a number of factors likely contributed to the declining priority of the legal and compliance function.  Here are the most significant factors.

1. The industry figured it out. The rationale most favorable to the industry is that firms simply figured it out, and that the resources needed to maintain a legal and compliance program aren’t as significant as those needed to create one. 
2. Nothing to see here. The industry hasn’t had any major public blowups in about 10 years.  At worst there have been a few enforcement cases (primarily involving — ironically — private equity managers (PDF: 226 KB) who got tripped up on fee disclosures).
3. Apprehension over SEC examinations subsided. Substantially.  There’s nothing like the threat of a full on, inside out, upside down regulatory exam to keep everyone in line.  But on an industry-wide basis, it never happened.  When examiners did show up, they were regular, smart professionals trying to do a conscientious job – sometimes finding things and sometimes not.
4. Compliance fatigue. People got tired of hearing about legal and compliance.  The business team didn’t want legal and compliance telling them what to do, nor the cost center.  Colleagues on the operational side maybe grew a bit uncomfortable with the enhanced status of legal and compliance.  Even legal and compliance teams got a bit weary of the routine.  And regulators – after the intense period of implementing Dodd-Frank mandates – started looking beyond the private fund business. 
5. Competing issues. Other operational issues arose to compete with legal and compliance.  There is of course cybersecurity (though it has a legal and compliance component), and worthy social causes like ESG.  There are also financial considerations that have grown more acute in a low-return, fee-compression era.  In addition, firms have grappled with implementing new technology, and whether, when and where to outsource.
6. Investor expectations. Finally, a decade ago, investors seemed far less tolerant of any reputational risk coming from the operational side of the managers they invested with. But for some of the same reasons described above, reputational risk from the legal and compliance side has dropped down the investor priority list, particularly when managers produce favorable returns.  As a result, having a best-in-class legal and compliance program (not to mention the entire operational side of the business) is not viewed by many investors as a substantial differentiator.

Legal and Compliance Revisited

The march of progress can change some things forever. But in the financial services field, some things are just cyclical. 

In that context, the SEC staff has recently taken steps that suggest a renewed interest the status of the legal and compliance functions at private fund firms.  The Commission’s compliance inspection staff put out a “risk alert (PDF: 277 KB)” in June 2020 specifically addressing deficiencies in the private fund industry, including conflicts of interests and inadequately disclosed fee arrangements.  The compliance inspection staff followed up with another risk alert (PDF: 275 KB) in November highlighting deficiencies with compliance programs spanning the entire asset management business.  The November risk alert described, among other concerns, that some firms were not devoting adequate resources to their compliance programs and that other firms had CCOs that “lacked sufficient authority” to adequately fulfill their role.  Meanwhile, the SEC has recently added senior personnel with exceptional knowledge to help oversee the private fund business.

The SEC may be poised to take additional steps in the future.  Some steps may be obvious, such as enforcement actions, and the staff can issue interpretive guidance, initiate compliance examination sweeps, and make speeches.  Less obvious steps might include informal engagement with industry participants.  The Commission staff can reach out to legal and compliance professionals, and also to fund executives such as Founders and portfolio managers.  The staff might also reach out to investors/allocators (the ones who write the checks, often with the oversight of a board), as well as other important intermediaries such as consultants and operational due diligence teams.

Final Thoughts – The Self-Assessment  

With a re-emerging focus on private fund firms and the role of legal and compliance personnel, along with the general cyclical nature of the business, senior executives might take the opportunity assess the status of the legal and compliance functions at their firm.  To assist in that exercise, here is list of questions that can help. 

• Does the firm have an individual whose sole role is legal/compliance? If not, how does that compare with peer firms?
• If the CCO is dual hatted, what other role(s) does the CCO perform? Does the dual-hatted CCO have meaningful compliance experience?  What efforts does the dual-hatted CCO take to stay informed about regulatory developments?  Does the individual list their CCO title first or last?
• Who does the general counsel and/or CCO report to (i.e., who hires/fires and determines annual compensation)? The Founder/portfolio manager or some intermediary? If to an intermediary, what is the Founder/PM’s rationale?  And if to an intermediary, does the firm claim some sort of “dotted line” reporting?
• How much does the GC and/or CCO get compensated, and how does that compare to peer firms, as well as to other senior personnel within the firm?
• Where does the GC and/or CCO sit, literally? Next to the Founder/PM, down the hall, on another floor, or in another building?
• How often does the Founder/PM meet with the GC and/or CCO, and do they meet one-on-one?
• Does the GC and/or CCO participate on all significant firm committees?
• Does the GC and/or CCO make the decision on hiring outside counsel and/or compliance consultants? Or is that authority retained by someone else?
• In the event of turnover at the GC and/or CCO level, how “promptly” has the firm informed the SEC by amending its Form ADV, and did the firm inform its investors, also promptly?

An objective evaluation of responses to these questions can help a firm determine how it currently prioritizes legal and compliance issues, whether additional support might be advisable, and ultimately how the SEC might view the firm.

Footnotes

[1] Goldstein v. Sec. & Exch. Comm’n, 451 F.3d 873 (D.C. Cir. 2006).

Terrance J. O’Malley is a Principal at TJO Management, LLC.

Disclaimer

The views, opinions and positions expressed within all posts are those of the author alone and do not represent those of the Program on Corporate Compliance and Enforcement (PCCE) or of New York University School of Law. PCCE makes no representations as to the accuracy, completeness and validity of any statements made on this site and will not be liable for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with the author.