SEC EXAMS Staff Identify Deficiencies in Adviser MNPI Controls

Risk Alert Focus Areas

The Alert primarily reminds investment advisers of their obligations under Advisers Act Sections 204A and 204A-1:

• All advisers — whether registered or unregistered — must establish, maintain, and enforce written policies and procedures reasonably designed, taking into consideration the nature of such investment adviser’s business, to prevent the misuse of MNPI by the adviser or any person associated with the adviser pursuant to Section 204A.
• Advisers that are registered or required to be registered must establish, maintain, and enforce a written code of ethics that sets forth the standards of business conduct expected from the adviser’s supervised persons and includes, among other things, a requirement for “access persons” to report their personal securities transactions and holdings to the chief compliance officer (CCO) (or other designated person) in accordance with the Code of Ethics Rule.

Our Take

While the EXAMS staff reminds us that the Alert, “like all staff statements, has no legal force or effect: it does not alter or amend applicable law, and it creates no new or additional obligations,” the Alert provides valuable guidance for investment advisers to consider as they update and enhance their compliance policies and procedures and prepare for examination. Some of the observations in the Alert concern issues that are not expressly required by the Code of Ethics Rule (e.g., logging calls with expert networks or documenting due diligence), and several others relate to considerations put forth by the SEC staff in an adopting release from almost 20 years ago. Exam findings like these are important for advisers to review and keep in mind as they continually revise policies and procedures for their adequacy and the effectiveness of their implementation in accordance with their obligations under Rule 206(4)-7 under the Advisers Act.

As the Alert notes, compliance issues associated with Section 204A and the Code of Ethics Rule are familiar subject matter for EXAMS staff’s published examination findings and have been covered at length in SEC staff statements and speeches, examination priorities, risk alerts, and SEC enforcement proceedings.¹ The SEC under Chair Gary Gensler has taken an increasingly expansive view of insider trading and MNPI and shown a willingness to apply theories of insider trading to increasingly novel fact patterns.² Given the recurring nature of these deficiencies in EXAMS staff communications over the past few years and the SEC’s more assertive approach toward enforcement, investment advisers should take this opportunity to revisit their MNPI policies and procedures and code of ethics in advance of their next examination. Advisers should carefully review the findings highlighted in this Alert, together with other recent SEC publications and statements covering similar topics, and adopt enhancements in applicable areas that EXAMS staff have identified as recurring issues.

As noted in the Alert, it is important to keep in mind that not all of the staff’s observations will apply to every adviser as they may not be relevant to a particular investment adviser’s business. As advisers expand where and how they accumulate data into more nontraditional alternative data sources, they must develop and maintain their policies and procedures to be tailored to how the adviser actually uses that data as part of its specific business. Tailoring is key: There is no one-size-fits-all model for dealing with the risks of misuse of MNPI, and advisers must consider their business facts and circumstances to meet their individual compliance challenges and conflicts.³

EXAMS Alert Findings

Compliance Issues Related to MNPI Policies

EXAMS staff observed that some investment advisers lacked, failed to consistently implement, or failed to properly memorialize policies and procedures reasonably designed to address the potential risks associated with exposure to and misuse of MNPI through adviser personnel’s interaction with (i) “alternative data”⁴ service providers, (ii) “value add-investors,”⁵ and (iii) “expert networks.”⁶ Deficiencies and weaknesses described in the Alert include the following:

• Policies and procedures related to alternative data. EXAMS staff observed that some advisers
  • failed to memorialize and apply diligence processes consistently for all alternative data service providers
  • lacked policies and procedures regarding the assessment of terms, conditions, or legal obligations related to collection or provision of alternative data including when sources of data raised red flags
  • failed to consistently apply due diligence processes to all sources of alternative data or did not have a system for determining when due diligence needed to be reperformed based on passage of time or changes in data collection practices
  • could not produce documentation showing policies and procedures had been consistently implemented
• Policies and procedures related to so-called value-add investors. EXAMS staff observed that some advisers
  • lacked policies and procedures regarding MNPI risks posed by value-add investors who are more likely to possess or have access to MNPI, including officers or directors at a public company, principals or portfolio managers at asset managers, and investment bankers
  • failed to correctly identify value-add investors and track their relationships with potential sources of MNPI
• Policies and procedures related to expert networks. EXAMS staff observed that some advisers lacked adequate policies and procedures for communications with expert network consultants who may have access to MNPI, including instances where advisers failed to track or log calls with expert network consultants or review detailed notes of such calls and failed to review trading activity of supervised persons in securities of publicly traded companies that are in similar industries as those discussed in such calls.

Compliance Issues Related to the Code of Ethics Rule

The Alert highlighted observed deficiencies by advisers where they failed to enforce or failed to include provisions in their code of ethics required by the Code of Ethics Rule. The Alert notes examples where some advisers failed to

• identify and supervise certain employees as access persons or accurately reflect which employees are considered access persons in their code of ethics
• obtain required preapprovals for certain investments by access persons including interests in initial public offerings and limited offerings
• properly document supervisory review of access persons’ personal securities holdings and transaction reports
• put policies and procedures in place to assign CCO reporting to another member of the adviser and permitting the CCO to review their own holdings and transaction reports
• enforce submission of personal securities holdings and transaction reports by access persons in timeframes and with content required by the Code of Ethics Rule
• provide supervised persons with a copy of the code of ethics or obtain written acknowledgement of supervised persons’ receipt of the code of ethics or any amendments

Compliance Issues Related to SEC Staff Recommendations

The Alert includes observations by the EXAMS staff of deficiencies in policies and procedures relating to restricted trading lists and allocation of investment opportunities. The EXAMS staff observed advisers that

• failed to enforce personal trade prohibitions on securities on the restricted trading list
• failed to ensure that investment opportunities were first offered to clients before the adviser or its employees resulting in the adviser’s or its employees’ purchasing securities ahead of the adviser’s clients at a better price

These two areas were identified by the SEC staff in the Code of Ethics Rule adopting release for advisers to consider including when drafting their code of ethics. Note that while the SEC staff presented these provisions for advisers to consider, they are not specified as requirements under the Code of Ethics Rule.

¹Inv. Adv. Act Rel. No. 5510 (May 26, 2020); Inv. Adv. Act Rel. No. 5441 (Feb. 4, 2020); Inv. Adv. Act Rel. No. 4909 (May 8, 2018); for further discussion, see Sidley’s Investment Funds Update “Navigating Interactions Between Investment Advisers and Their Portfolio Companies: Risks and Best Practices.”

²For further discussion of the SEC’s recent insider trading enforcement, see Sidley Update “Implications of SEC’s Recent Insider Trading Enforcement Action in SEC v. Matthew Panuwat.”

³For further discussion of alternative data and MNPI, see Sidley’s update “SEC Fines Alternative Data Provider for Securities Fraud.”

⁴Examples of “alternative data” noted by EXAMS include information gleaned from satellite and drone imagery of crop fields and retailers’ parking lots; analyses of aggregate credit card transactions, social media, and internet search data; geolocation data from consumers’ mobile phones; and email data obtained from apps and tools that consumers may utilize.

⁵EXAMS describes “value-add investors” as clients or fund investors who are corporate executives or financial professionals who may have MNPI.

⁶EXAMS describes “expert networks” as a group of professionals who are paid for their specialized information and research services.