Practical Controls Around Expert Network Usage
Unsurprisingly, recent SEC examinations of investment advisers are focusing closely on insider trading (see our primer on detecting and preventing insider trading). The staff’s approach is multi-pronged and extensively covers a firm’s use of expert networks. A firm should state in their policies if they do not use expert networks.
For firms that do utilize expert networks, some controls that can be placed around this area to maximize compliance are listed below.
Policies and procedures should specify how expert network and other research arrangements will be evaluated and approved. For example:
- State that providers must be approved by firm management, including the Chief Compliance Officer; only approved providers may be utilized by employees;
- Prior to approving a provider consider, among other things:
-Whether or not it has compliance policies and procedures in place that are designed to prohibit and prevent insider trading;
-The depth and scope of such policies and procedures;
-The means by which these policies and procedures are carried out and tested;
-The added value of utilizing the provider relative to the internal research function at the firm; and
-The reputation of the outside research provider.
- Require a written agreement with the provider that addresses and prohibits the communication of material non-public information. Consider implementing a checks and balances process that requires the Chief Compliance Officer and/or General Counsel to review the agreement but also another officer’s signature;
- Require any transmission of material non-public information to be reported to the Chief Compliance Officer; and
- Otherwise encourage employees to discuss their concerns and questions with the Chief Compliance Officer (i.e., an open door policy).
- Reviews and Recordkeeping
Expert network activities should be reviewed as part of the annual review, at minimum. For firms with a lot of activity or other risk factors, reviews should be more frequent. Recordkeeping should be robust to establish compliance with stated policies and procedures and to demonstrate that policies and procedures are sufficient to prevent the transmission of material non-public information.
Recordkeeping might include:
- Log of calls;
- Due diligence files on chosen service providers:
-Terms of service documentation if separate from the agreement;
-Documentation of the selection process, including the reasons for using a service provider and this one in particular, the purpose for the research (e.g., for general market, sector or similar information and not on specific issuers) and any other material that demonstrates the manner in which the firm became comfortable with the service.
- Any relevant policies on insider trading generally and the use of expert networks. These should be considered living documents, to be reviewed and updated on a continual basis;
- Any reporting that is circulated among compliance and other departments regarding usage.
- Real-Time Controls
Particularly where there is a lot of activity, firms should consider the kinds of real-time controls they can place around expert network usage. These might include:
- Utilizing Scripts. Scripts should be as concise as possible, written and distributed to all analysts. Analysts should receive robust training on when and how to use the script to ensure maximum compliance. They are typically be recited at the beginning of a call and/or copied into an email setting up the call.
- Establishing guidelines specific to a particular provider or a particular outside research function on an as-needed basis;
- Targeted training to analysts;
- Targeted reviews of communications among the firm/its analysts, the service provider and experts utilized;
- Placing hard limits on usage (e.g., a set number of calls per month, or only in certain sectors or markets of interest; prohibition on calls about specific issuers);
- Any tools provided by the service or otherwise available, such as:
-All calls are routed through a bridge line to eliminate the exchange of direct contact information. This will also enable monitoring by compliance, either to chaperone all calls or randomly dial in. There is usually functionality for a pre-recorded script;
-Pre-approval such that a call cannot be setup absent approval by the firm’s compliance team.