Primer: Detecting and Preventing Insider Trading

Most everyone in the securities industry knows what insider trading is, at least the general outlines. Challenges arise when figuring out how to manage it internally from a compliance perspective, and how to detect (and avoid receiving) material non-public information (“MNPI”) in the first place. This primer sets out the basics briefly as a background but will focus on practical strategies to detect and prevent insider trading.

Managing Insider Trading Issues:

Investment advisers, fund managers, broker-dealers and other participants in the marketplace regardless or registration or exemption status, should have policies and procedures in place to prevent and detect insider trading. These can include, among other things:

  1. Clear agreements with research providers (especially expert networks) that contain representations to the effect that the firm is not engaging the provider for purposes of obtaining MNPI, and that the provider is aware of the laws pertaining to insider trading and will not transmit MNPI.
  2. Establish a policy prohibiting insider trading with the following supporting processes:
  • Employee training;
  • Emphasize that MNPI can be received in connection with the firm’s work or through other means. Receiving MNPI is still a risk to the firm even if the employee receives it separately from his or her work;
  • Periodic review of electronic communications;
  • At least quarterly reviews of employees’ personal securities transactions. More frequent reviews are always better and should be considered necessary to manage a high volume of activity and/or increased risk of receiving MNPI;
  • Real-time maintenance of restricted/watch lists;
  • Escalation of MNPI or a new risk area to Chief Compliance Officer; and
  • Restrict access to any MNPI that is in the firm’s possession.
  1. Analysts or other employees who may contact public companies in the course of their research, or who otherwise might access MNPI should receive additional and/or more frequent training on how to handle insider trading issues.
  2. Employees who think they have received MNPI must not share that information with anyone other than the Chief Compliance Officer and must not trade while in possession of that information (e., even if the MNPI is not a factor or is among other factors in a decision to trade).
  3. Identify areas in which a firm may be more likely to receive MNPI and implement additional policies if needed:
  • Issuers in a client portfolio that may be involved in M&A activity, tender offers and the like;
  • Activist strategies;
  • Confidentiality agreements with respect to information about a public company (e.g., for private equity funds, such an issuer might be in a position to acquire a portfolio company);
  • Use of expert networks; and
  • Employees/principals or their family members who have relationships with public companies (board/officer positions, employees, significant shareholders).


  1. Insiders. An “insider” includes officers, directors and employees of an issuer of securities. Additionally, anyone who has a confidential relationship with the issuer, such as its attorneys, accountants or other consultants is considered a “temporary insider.”
  2. Material Information. Information is material if there is a substantial likelihood that a reasonable investor would consider it important in making an investment decision, or if that information is reasonably certain to have a substantial effect on the price of an issuer’s securities. Material information can be positive or negative, and can relate to any aspect of a company’s business or to a type of security. While this definition is intentionally broad, common examples include:
  • Revenue and earnings information;
  • Projections and forward-looking information;
  • Mergers, acquisitions, tender offers, joint ventures, or changes in assets (even if preliminary);
  • New products;
  • Developments about customers or suppliers, such as the loss of a major contract;
  • Changes in control or management;
  • Events regarding the issuer’s securities, including defaults on strict securities; calls of securities for redemption; repurchase plans; stock splits; changes in dividends; changes to rights of securities holders; public or private sales of securities;
  • Change in auditors or audit report; and
  • Bankruptcies or receiverships.


  1. Non-public Information. Information is non-public until it has been effectively communicated to the marketplace. Practically speaking, this means that some fact will show that the information is available to the general public, e.g. through an SEC filing, a newspaper or online article, a quotation service such as Bloomberg, or a widely distributed communication by the issuer. Rumors or other information known to a smaller segment of the investment community is not considered public.

Types of Insider Trading:

  1. Classical Theory. Classic insider trading occurs when an officer, director, employee, or other insider trades on the basis of MNPI about the issuer for which s/he works, in breach of his/her duty to the issuer to refrain from such trading. The duty to refrain from trading extends to attorneys, accountants and other consultants who obtain information through their relationship as well as to “tippees,” if they are aware, or should have been aware, that they were given confidential information by an insider who has breached their duty to the issuer.
  2. Misappropriation Theory. This form of insider trading takes place between the source of the information and a third party who owes a duty to the source. If the third party steals or misappropriates information from the source and then trades on it, the third party is liable for insider trading. This is potentially broader than classical theory insider trading. In a 2013 case, the trader arguably did not receive MNPI as such, but had sufficient knowledge to make a correct, educated guess about an acquisition and traded accordingly. We discussed this case here; the SEC’s release and complaint are available on its website.


UK FATCA: New Filing Obligations for Overseas Crown Territories

The United Kingdom and its Crown Dependencies, such as the Cayman Islands and the British Virgin Islands, have entered into intergovernmental agreements (“IGA”) to improve compliance with UK tax laws. These new IGAs are popularly referred to as UK FATCA due to their similarity to the United States Foreign Account Tax Act (“US FATCA”).

Pre-existing and new investors, as of July 1, 2014, of funds located in UK FATCA jurisdictions have different obligations. Funds are required to obtain a form of self-certification for new investors. Here are the respective rules:

  • New investors to funds in UK IGA jurisdictions will have to self-certify as either a “Specified UK Person” or a “Passive Non-Financial Foreign Entity.” Specified UK Persons will have additional forms to complete. The Cayman Islands FATCA working group has created forms for the purpose of distribution to investors while funds in other IGA jurisdictions have distributed questionnaires in subscription documents.
  • Funds with pre-existing investors should obtain self-certification forms from their investors. Furthermore, UK FATCA requires that the funds perform an adequate search of possible links to the UK (“UK Indicia”). This search includes looking for UK mailing addresses or UK bank account information. If there is a link, UK FATCA will require the fund to obtain additional information.

New and pre-existing investors also have different timelines for compliance obligations:

  • July 1, 2014: Obtain self-certification from all new investors;
  • June 30, 2015: Complete UK Indicia review for pre-6/1/2014 individuals;
  • May 26, 2016: Report to local tax authority for the 2014 and 2015 calendar years;
  • June 30, 2016: Complete UK indicia review for pre-6/1/2014 entity investors;
  • May 31, 2017: Report to the local tax authority for the 2016 calendar year.

Finally, there are two more important things to note about UK FATCA:

  • Unlike US FATCA, UK FATCA does not have any tax withholding provisions as a consequence of non-compliance. Compliance obligations are only based on the laws and regulations of the UK IGA jurisdiction where the fund is located. Fines and penalties are based on local laws.
  • Investment funds that recognize certain investors as reportable based on UK FATCA will have to do so on an annual basis. This includes a variety of information ranging from the investor’s birthdate to his or her account balances.

UK FATCA is a step in the direction of increased global regulation of financial services on a variety of fronts.  Managers to offshore funds should review the relevant jurisdiction’s websites to stay updated on changes.

Further reading:

The Cayman Islands Tax Information Authority website is a great resource for more information regarding UK FATCA.  More on Cayman is available on Maples & Calder’s website.

Schulte Roth and Zabel’s UK FATCA Alert provides a thorough discussion of requirements.

PwC provides an in-depth discussion of the interaction between FATCA and the UK regime.

Considering a Tech Solution for Compliance Workflows? Six Questions to Ask Yourself

A technology platform to manage compliance-related tasks, recordkeeping and calendaring is an alluring prospect for many firms. There are many to choose from, all with their particular strengths and, depending on a firm’s needs, weaknesses. They can also be expensive. Firms that fully adopt and utilize their chosen platform can save money and time in the end, freeing up compliance staff for more substantive work. In contrast, firms that are unsure of their needs or ability to fully utilize a technology platform may make an expensive mistake.

To ensure the best choice and fit and before you even review specific platforms, ask yourself the following questions:

  1. How much compliance data do we manage?

The more data that you manage, the more likely you can benefit significantly from a technology solution. Factors to consider include:

  • Number of employees;
  • Volume of activity in key areas (political contributions, personal trading, gifts and entertainment, outside business activities);
  • Complexity of pre-approval processes; and
  • Extent of filing or other deadline-driven obligations.


  1. What are the pros and cons of our current system?

Historically, compliance disclosures and pre-approvals were managed entirely on paper, organized into folders or binders and tracked on spreadsheets.  Filing deadlines, cyclical reviews and similar tasks were, and largely still are, managed on calendars (e.g., Outlook or Google), spreadsheets or lists. These methods are inexpensive and easy to create and use, but there are pitfalls. For example, it can be difficult to stay current with new or changing obligations and especially so for managers to multiple funds that may have different deadlines for similar tasks (such as state Blue Sky filings).

  1. Can we do better with a technology platform?

The answer is almost always yes. These platforms allow compliance staff to manage nearly all of their work on a single interface.   They typically offer document storage and retrieval for compliance manuals and related items, built-in audit trails, electronic forms and reporting, and integration with other platforms (e.g., email, calendaring and feeds from the most common brokers for personal trading reconciliation).

  1. But, do we need a technology platform?

The question becomes whether you will use any of the bells and whistles, or even most of the core functions. Carefully consider the complexity of the firm’s business or compliance program, such as multi-layered approval processes. For firms with affiliates and/or funds with deadlines or other functions to manage, uniting all of those on a single platform could be extremely useful, saving time and minimizing the risk of missing something. The greater or more complicated your needs, the more weight you might have in favor of a platform on the remaining two questions.

  1. What is our budget?

Cost is always a factor, if not the ultimate deal-breaker. In addition to the cost of the platform itself, consider the costs of implementation and training, for example:

  • Depending on the vendor, a certain amount of initial implementation and training may or may not be included.
  • Determine what is included in the training. Will the vendor train compliance staff who then trains employees on how to use the platform? Will the vendor conduct training for employees as well?
  • To what extent is the platform customizable, if needed, and are there additional costs?


  1. Will everyone at the firm come on board?

Firm management will, of necessity, have the final approval on purchasing a compliance platform. In addition to management, involve other key stakeholders who, if you proceed with implementing a platform, will advocate it within their departments or the firm as a whole. Key stakeholders might include: c-level officers, department/team leaders, human resources, senior portfolio managers and those whose monitored activities are extensive.

If you have any concerns about complete adoption of the platform across your organization, you should carefully weigh this question.

Cybersecurity: Takeaways for State and SEC Registered Investment Advisers

This September, the North American Securities Administrators Association (“NASAA”) released the results of a pilot project designed to gain a better understanding of cybersecurity threats to mid-sized investment advisers. The results were promising and suggested that cybersecurity issues might not be as serious a problem as previously feared. Of the 440 investment advisers surveyed, only 4.1% participants had encountered any cybersecurity breach. Only 1% had an incident of theft or loss as a result of a security breach. Furthermore, a majority of these investment advisers are taking appropriate precautions. 77% of the firms had policies and procedures in place regarding cybersecurity threats. In addition to the NASAA’s survey, the SEC issued a Risk Alert and conducted its examinations of 50 registered advisers. Here were items that were focused in the NASAA report and the SEC examination:

  • Both the NASAA and the SEC are concerned with the physical equipment firms are using including smartphones, tablets, laptops and desktop computers. If data is traveling among multiple devices, especially ones outside of the firm, there are more opportunities for cybersecurity attacks;
  • It is important to have a solid written procedure that discusses what the firm will do to prevent and in response to a cybersecurity threat. A firm will be less susceptible and recover more easily after an attack if there is a concrete policy in place;
  • Consider when and how affected clients or investors should receive disclosure about risks, the firm’s policies and any breaches. Public companies have an affirmative obligation to disclose instances of cyber attacks and possible risks, but this is not currently the case for investment advisers and private funds. Regulators’ increased focus in this area may warrant some additional disclosures, whether in fund offering documents, client agreements or Form ADV Part 2; and
  • Expect more regulations and recommendations to be made in the future as a result of the NASAA and SEC’s findings. Cybersecurity continues to be of interest to regulators as technology rapidly becomes ingrained into every facet of business.

Here are some tips on cybersecurity and in response to the SEC and NASAA’s findings:

  • Beware of potential threats. Learn about how devices interact with one another and how to identify signs of an attack. Consider encrypting correspondence and data transmissions (e.g., to or from any client/investor portals or cloud-based applications);
  • The risks for different firms are unique depending on devices, applications and policies in place.  A firm’s cybersecurity program will likely be unique and complex. Figure out a specific plan that will aid staff in preventing, repelling and recovering from attacks;
  • The SEC will always be concerned with disclosure issues, and cyber attacks are no different. If the firm is a victim of a cyber attack, it is critical to appropriately address the event and its impact on clients or investors;
  • Advisers that are doing it right should not rest on their laurels; review and refine cybersecurity policies and procedures at least annually, or more often depending on the firm’s particular risks.
  • Review policies concerning prevention of identity theft to ensure that they work alongside the larger cybersecurity initiative and do not conflict with one another.


Though cybersecurity and the risk of attack is top of mind for both regulators and financial firms, it is important not to panic and rush into policies and procedures that may not be the best fit.  Firms should work with information technology, finance and operations teams to build a comprehensive plan of defense that truly works for their business.   Start with a clear understanding of hardware, software, communication methods, and potential points of entry into the firm’s information (e.g., through online investor or client portals or cloud-based platforms). The best way to avoid issues with cybersecurity is to recognize threats and avoid danger before they compromise the firm.

Key Points from Norm Champ’s Remarks at the Practising Law Institute

On September 11, 2014, the SEC’s Director of the Division of Investment Management Norm Champ spoke at the Practising Law Institute’s Hedge Fund Management Seminar. Mr. Champ’s speech focused on the growth of registered fund advisers, SEC initiatives and the importance of having strong compliance programs. Additionally, Mr. Champ urged advisers to recognize the complicated nature of being an SEC-registered fund adviser and to consider the reasoning for entering the space carefully.

Changing Landscape:

Mr. Champ acknowledged how much the regulatory landscape for hedge fund managers has changed over the past four years. Among things he referenced were:

  • The significant growth of SEC-registered private fund advisers as a result of the Dodd-Frank Act (the “Act”). Title IV of the Act is the specific reason that the number of registered advisers has increased by 50% since 2010.
  • All registered advisers combined represent around $5.4 trillion in assets.
  • The SEC has been able to track significant changes in the hedge fund space through the expanded Forms ADV and PF. The SEC requires more reporting and information in these forms than in prior years and has expanded the usage of the two forms throughout the Commission.

Expansion of Forms and New Initiatives:

  • The Forms ADV and PF are now strongly used by the Risk and Examination Office (“REO”) in attempts to preemptively combat industry risks. The REO’s efforts in tracking industry threats rely largely on information from industry stakeholders.
  • The OCIE has a new initiative for 2014 to engage and examine around 20% of all advisers who have been SEC-registered advisers for more than three years. This new initiative complements the SEC’s 2012 “presence” examinations for newly registered advisers.

Importance of Compliance:

Due to the SEC’s initiatives and the expansion of the Forms ADV and PF, Mr. Champ advised the audience to be cautious when becoming advisers, especially to registered funds.   His discussion highlighted the importance of managing conflicts of interest.

  • Rule 206(4)-7 requires registered advisers to establish a CCO and a compliance program. The creation of Rule 206(4)-7 was based on the understanding that investment advisers are less likely to violate securities laws either purposefully or out of ignorance. Any instances of violations of the law are less likely to be seriously harmful to investors.
  • It is the duty of the adviser to recognize potential conflicts of interest that may compromise his or her fiduciary duty. Mr. Champ recognized that there can be inherent conflicts of interest in the investment adviser model.
  • Despite these issues, an adviser must never put their own interests above those of his or her investors. If there are any conflicts, Mr. Champ believes it is necessary to disclose this information.
  • Champ opinioned that failing to disclose a fee to investors is not justified by “market standard” or “industry practice” excuses.

Closing Remarks:

Mr. Champ urged those considering becoming investment advisers to think about their reasoning for doing so, including the significant amount of work involved in complying with the evolving regulatory landscape and the SEC’s increased access to information.  For existing registrants entering the fund space, significant overhauls of their compliance programs may be necessary and some issues cannot be addressed by simply adding new policies.

SEC Case Digest Q3 2014

Recent SEC cases include false advertising, disclosure issues, fraudulent investing schemes, alterations of documents, insider trading and trading/filing violations.

 Policies and Procedures/Disclosure Issues

In the Matter of Strategic Capital Group, LLC et al.

 According to the SEC, Strategic Capital Group of Gig Harbor, WA engaged in over 1,100 principal transactions without disclosing required information to clients or obtaining consent. Additionally, Strategic Capital Group allegedly provided false and misleading advertisements to investors. For example, one advertisement did not deduct fees from the presented results figure thus implying a significantly better return than the reality.

The SEC determined that the firm’s CEO George Price caused these violations and that the firm’s compliance program was inadequate.

In the Matter of Barclays Capital Inc.

The SEC charged Barclays Capital with failing to adequately maintain a compliance program after acquiring the advisory business of Lehman Brother in 2008.  For example, the SEC found that Barclays executed 1,500 principal transactions without getting proper consent and charged commission fees for 2,785 advisory client accounts that were inconsistent with prior disclosures made to those clients.

Barclays paid a $15 million penalty and hired an independent compliance consultant to conduct an internal review. Additionally, Barclays has spent $3.8 million to reimburse or credit the clients who were affected.

Fees and Expenses

In the Matter of Anthony Coronati et al.

Staten Island resident Anthony Coronati was charged with conducting several fraudulent securities offerings and siphoning money for personal use. Mr. Coronati would present himself as an investment adviser to a hedge fund to potential investors. However, Coronati’s hedge fund did not exist, and he spent investors’ money on a Caribbean vacation and plastic surgery.

When he ran out of money from the fraudulent scheme, Coronati began to offer membership interests in his company Bidtoask LLC. Coronati and Bidtoask promised to invest in promising pre-IPO tech start-ups. However, Bidtoask hid a significant number of fees from investors.

Coronati has been barred from the securities industry.

In the Matter of Sean C. Cooper/In the Matter of WestEnd Capital Management

A Bay Area hedge fund manager was accused of taking an excessive amount of management fees from the hedge fund he managed. Mr. Cooper remodeled his home and bought a Porsche with the stolen money, over $320,000.

WestEnd Management, Cooper’s former employer, is being charged separately. The SEC alleges that the firm did not adequately monitor Cooper’s activities and essentially allowed him to use the fund as his personal bank account.

In the Matter of Lincolnshire Management LLC

The SEC filed charges against New York investment advisory firm Lincolnshire Management with breaching its fiduciary duty by combining expenses from two separate portfolio companies. The companies were separately advised and had different sets of investors, but were managed as one company.  This created variances in practice from what was disclosed to the relevant set of investors, including payment of significant amounts of unnecessary fees.

Lincolnshire has agreed to pay $2.3 million to settle the SEC’s charges.

Fabrication of Documents

In the Matter of Judy K. Wolf

The SEC announced an enforcement action against a former Wells Fargo compliance officer, Judy K. Wolf, asserting that she altered documents to make it appear as if she had done a more thorough investigation into suspicious trading activities than was actually conducted. Wells Fargo was previously charged in an administrative proceeding and settled for a $5 million penalty. Initially, Wolf had denied the fabrication charges but has since admitted to altering documents.

Insider Trading

SEC vs. Tamayo

In our last round up, we reported on SEC vs. Eydelman et al., a case in which the SEC charged a stockbroker and a law firm clerk with insider trading. In this case, a middleman was recruited in an effort to avoid contact with each other.

On September 19th, the SEC identified Frank Tamayo as the middleman. Mr. Tamayo wrote notes regarding stocks on either Post-it notes or napkins at different eateries and bars in New York City near Grand Central Terminal. After divulging stock tips, Mr. Tamayo would chew or eat the post-its or napkins. After divulging information, Tamayo would exchange emails with the law firm clerk to give the appearance that the trades were based on legitimate research.

SEC vs. Szymik/SEC vs. Peixoto

Two people were charged with insider trading based on information regarding a hedge fund’s negative opinion of Herbalife Ltd. Filip Szymik learned from his roommate, an employee of Pershing Square Capital Management that the firm, was going to announce its negative view of Herbalife publicly. He relayed this information to Jordan Peixoto who then purchased put options one day before the announcement. The SEC found that Szymik and Peixoto violated the antifraud provisions of the federal securities laws.

In the Matter of George T. Bolan et al.

In a final insider trading case, that the SEC charged two Wells Fargo employees in a scheme involving ratings.  Gregory T. Bolan Jr., a research analyst at the bank, would tip off Joseph C. Ruggieri, a trader, before his department released market changing ratings. Bolan also gave tips to a friend outside of Wells Fargo who is since deceased. Ruggieri and Bolan’s friend would make their trades overnight before ratings were changed. The SEC identified Ruggieri’s suspect trades because they were inconsistent with his typical trading behavior. Ruggieri made more than $117,000 as a result of the scheme.


In the Matter of Advent Capital Management, LLC et al.

In a continuing enforcement initiative, the SEC has brought sanctions against 19 different private equity firms and hedge fund managers as well as one individual trader that participated in offering a secondary offering after short-selling it during a restricted period. The charges were based on Regulation 105 of Rule M that is intended to prevent manipulation of stock prices. The firms and the individual trader agreed to pay a combined total of $9 million in penalties, interest and disgorgement.

In the Matter of Paul D. Arling et al.

The SEC announced charges against 28 officers, directors and major shareholders in addition to six publicly traded companies for failing to make Section 16 filings regarding holdings and transactions in their own company’s stock.   33 of the 34 individuals and companies have agreed to settle and pay a combined total of $2.6 million in penalties.

Filing Deadline for Treasury Department Form SHL Approaches


Every five years, the US Department of the Treasury (“Treasury”) and the Federal Reserve Bank of New York (“FRBNY”) jointly conduct a survey of foreign holdings of US issuers of securities.  Data for the survey is gathered on Form SHL.  US issuers of securities include private funds and their managers.   The filing is due on August 29, 2014.

Filing is required for:

  1. Any firm or fund that has been contacted by Treasury/FRBNY and asked to complete Form SHL; or
  2. Foreign shareholders (or equivalent) holding $100 million or more in reportable US securities.  For US fund managers, this includes:
  • Foreign investors in the manager’s US funds;
  • Offshore feeder funds’ investments into US master funds;
  • The reportable US securities owned by an offshore fund that are not held at a US custodian (e.g., any securities held at a foreign custodian or privately placed US reportable securities that are not required to be held at a custodian pursuant to the SEC’s custody rule);
  • Reportable US securities include:

-Stock, whether common, preferred or restricted;

-US-resident fund shares, whether open-end or closed-end, REITs, money market, index funds and unit investment trusts;

-All other equity interests, including shares or units in unincorporated entities (e.g., limited partnerships);

-Asset-backed securities; and

-Debt securities.

For purposes of determining whether the $100 million threshold has been met, fund managers must include all US-resident parts of their organization, including any US investment funds.  This calculation, as well as all data on Form SHL, must be as of close of business on June 30, 2014.

Form SHL overview:

  1. The Form includes two schedules:
  • Schedule 1 contains basic identifying details about the filer and a summary of the data provided.  A firm that has been contacted by Treasury/FRBNY but does not meet the $100 million threshold need only complete Schedule 1;
  • Schedule 2 requires detailed information for each security being reported, including issuer name, type of instrument, currency denomination and market value.
  1. The form may be submitted electronically or on paper (electronic filing is required for those submitting more than 200 Schedule 2 records); and
  2. All filers, whether on paper or electronic, must obtain a 10 digit Reporter ID by contacting FRBNY by phone at 212-720-6300 or 646-720-6300 or by emailing

Next Steps:

  1. If you have been contacted by the Treasury/FRBNY or think you may meet the threshold, obtain your Reporter ID as soon as possible;
  2. Review your US funds to determine whether any investors are foreign persons, which may involve your fund administrator;
  3. Review holdings information in US securities to determine whether the $100 million threshold has been met (remember to aggregate the holdings of offshore funds with your onshore funds for purposes of calculating the threshold), which may involve gathering needed data from your custodians;
  4. Ask your legal counsel or compliance consulting firm regarding any interpretation issues with respect to Form SHL/its instructions.  The above is an overview only and firms should read the form and instructions in their entirety.

Employee Compliance Training: Basics and Beyond

Depending on the type of registrant, applicable rules may require annual, biannual or other periodic training either for all employees or a subset (e.g., the Associated Persons of CFTC registrant).   New employees must usually also acknowledge receipt and understanding of the firm’s policies and procedures and make other disclosures upon hire.  In this second of two articles on compliance education, we provide tips for both periodic formal training and ongoing outreach to employees.  See our previous article for CCOs to stay informed of regulatory developments and other tools.

  1. Annual or other periodic training can take a few different forms; below are some suggestions:
  • It can be particularly effective to schedule the training during a regular firm meeting, which will ensure that the majority of employees can attend (but be sure to follow up with anyone who was absent);
  • Carefully crafted, a PowerPoint presentation will keep the trainer on track and employees engaged.  Printed, it can double as a useful quick reference to take away (with the caution that it is not a substitute for reading the manual in its entirety);
  • If a PowerPoint is not an option, trainers should prepare an outline for their own use in presenting the information, enabling them to keep their place in the material and manage time.  The outline can also be used when onboarding new employees, providing both a quick reference and helping to keep initial training consistent;
  • Consider asking outside counsel or a compliance consultant to train employees on key issues such as insider trading.  These service providers are often extremely well-versed in the details of notable cases and these examples can help employees understand the nuances.
  1. In addition, CCOs can find ways to reach out to employees throughout the year, including:
  • Having time set aside for compliance matters at regular firm meetings;
  • Distributing email reminders of preapproval requirements and other issues (tip: change these seasonally as relevant issues come up, such as emphasizing prohibitions on/approvals of political contributions at election time, or gift disclosures/approvals around the holidays);
  • Distributing regulatory news of note to employees generally or a relevant subset;
  • Ensuring that they are visible and available within the firm.  For example:

-CCOs may spend some part of their workday sitting at the trading desk, or with other key groups such as client/investor relations or operations.

-Others make a point of circulating around the office and/or;

-Keeping their doors open except when needed for confidentiality reasons and keeping candy or snacks in their office to encourage employees to drop in, whether to ask compliance-related questions or generally catch up.

  1. Recordkeeping

Finally, particularly for formal trainings, CCOs should keep sufficient records to show the content of the training (the PowerPoints and outlines are handy here) and the attendees.  In the latter case, sign-in sheets and/or certificates of attendance will suffice.   If the meeting is being recorded, a roll call would work especially well for small groups (less so for very large groups as it may delay the substantive portion of the meeting).  Calendar entries may be helpful, but are not a complete record as they do not show that a particular person attended.

In terms of ongoing outreach, the email reminders described in Section 2, create documentation of ongoing continuing education for employees.

For initial trainings, CCOs will collect the acknowledgements and disclosures required by the firm’s policies and procedures.  In addition, many keep a spreadsheet or other documentation that an orientation took place (again, the outline, PowerPoint or other reference tool and calendar entries will be helpful here, though not a complete record on their own).

Feel free to share other tips regarding employee training and outreach in the comments!

Online and Continuing Education Resources for CCOs

It can be challenging to stay on top of regulatory developments, not only for compliance staff’s own purposes, but in training employees and maintaining a culture of compliance within a firm.  In this first of two articles we will provide practical tips for CCOs to stay informed; our second article will help them create continuing education opportunities for employees in their firms.

  1. Regulators’ websites are the most obvious source for certain kinds of information:  laws, rules, formal guidance and forms, just to name a few.   However, sometimes it takes some digging to locate the wealth of other, extremely informative tools on these sites.  These include:
  1. Beyond laws and rules, it can be useful to know what other CCOs, legal professionals or other service providers and industry participants have to say about a particular issue.    Opportunities may vary depending on location, but might include:
  • Occasionally conferences in major cities will cover compliance-related topics and a few are dedicated exclusively to compliance matters.   If a live conference is not an option,  webinars on compliance matters (often free) are increasingly available; the Regulatory Compliance Association is one such provider;
  • Local industry groups may have smaller panel events, which even if these are not on a compliance topic, will enable compliance professionals to learn more about issues of note for their colleagues and firms generally;
  • Local or online (searching Groups on LinkedIn is a good place to start tracking some of these down) groups dedicated to compliance and regulatory issues for financial firms;
  • Service providers such as law and accounting/audit firms, especially, produce useful articles and other materials on new regulations that can assist CCOs in drafting and implementing policies in response.   An easy way to access all of these in one place is to follow the firms on social media since they usually share their articles.  Nearly all of them also distribute newsletters, white papers and other updates to subscribers by email (subscribe to their mailing list on their websites).

Feel free to share other continuing education tips and resources in the comments!

Managing Your Search for a Compliance Consultant

Word of mouth is probably among the most preferred ways to hire, whether the hire is an employee or a service provider.  In addition to this useful method, we offer the following tips for hiring a compliance consultant to help ensure the best fit and value:

  1. Scope of Services.  The most important factor in selecting a consultant is determining what your needs are.  If you do not know or are considering more than one scenario, talking to your peers might be helpful to determine how others utilize their consultants.  This is also a good place to start for recommendations.    The scope generally falls into three buckets:  project-based (such as a mock exam), ongoing compliance support, typically for firms with substantial needs, or consulting upon request, typically for firms that handle the majority of compliance work in house.   On the latter two, be sure to check pricing, as these might vary significantly and include/exclude certain services.
  2. Cast a Wide Net.  Once you have determined your needs, begin researching consultants, perhaps starting with firms recommended by your peers or other service providers.   Online searches and industry publications may be other sources.    Particularly if you have a long list, consider how to organize all the detail in a way that allows meaningful comparison; asking prospective consultants to complete the same Request for Information is one way of doing that.  You may also simply collect the information and organize it yourself in a spreadsheet to compare the variables that matter most.
  3. Best of Breed and Expertise.  Consider not only your scope of services (e.g., if you are looking for a mock examination, which consultant seems to be the best at that?) but your type of business, registration status and even strategy or platform to determine if any consultant seems to have expertise in these areas.
  4. Scalability.  Particularly if you are a startup, consider whether or how a consultant can work best with your business as it grows.   This is also a key issue for multi-platform firms, dual-registrants or others with significant complexity to their business.
  5. The Team.  Will your consultant be working closely with other service providers, such as fund administrators, accountants or legal counsel?  If so, ask them for their recommendations.
  6. Fee Structures.    Similar to the first point, this generally falls into three buckets:  flat fee, some form of periodic billing, or hourly.  Project-based engagements are frequently charged as a flat fee, making cost comparison relatively simple among multiple consultants.   However, make sure you understand what is included in the flat fee and when you will be billed, e.g., upon completion, at commencement or some variation of these.

Not all consultants work on an hourly basis; others may do so exclusively.  Be mindful of what your needs are when evaluating hourly arrangements.  Generally, the more robust your needs, the more you should focus on an arrangement that involves periodic billing for a specific suite of services.  Periodic billing arrangements vary significantly in terms of frequency (monthly, quarterly, annually) and levels of services.   If you need to save money, consider the types of compliance-related activities that you can keep in house and choose your consultant and suite of services accordingly (for example, controls, review and testing around trading, fee calculations and other core operations can sometimes be easily incorporated into existing workflows, without the consultant’s day to day involvement).

Regulators expect firms to not only be aware of the applicable requirements and implement them, but to do so in a way that is tailored to their particular business and risks.  When selecting a compliance consultant, be mindful of this expectation and choose the consultant whose experience, knowledge and approach works best for your business.