The Friday List: 10 Most Significant Compliance Concerns Arising From a Severe and Sudden Market Disruption

Today, we offer our “Friday List,” an occasional feature summarizing a topic significant to investment management professionals interested in regulatory issues. Our Friday Lists are an expanded “Our Take” on a particular subject, offering our unique (and sometimes controversial) perspective on an industry topic.
The coronavirus pandemic has caused a sudden and rapid market correction. Although reacting to a pandemic is new to us, dealing with the compliance and regulatory implications of a rapidly declining stock market is not. Cipperman Compliance Services has been advising clients for over 17 years, and most of our senior professionals have experience dating back to the Clinton administration. We helped clients through the dot-com bust, the 9/11 attacks, the 2008 financial crisis, Hurricane Sandy, and several other less dramatic market events. We have learned many compliance lessons from these experiences. Below we have listed the 10 most significant compliance concerns arising from a severe and sudden market disruption.
10 Most Significant Compliance Concerns Arising From a Severe and Sudden Market Disruption
- Accurate Disclosures to Investors. Make sure that your disclosures to investors and clients are continuing, fulsome, and transparent. When the Reserve Fund ‘broke the buck’ in 2008, defendants allegedly failed to provide key material information to the Primary Fund’s investors, board of trustees, and ratings agencies after Lehman Brothers filed for bankruptcy protection.
- Liquidity Risk Management. Stress testing can help to help detect risks to your firm associated with large market moves, evaporation of liquidity, prolonged periods of market distress, or structural changes in markets.Both FINRA and the SEC have highlighted the importance of managing liquidity during times of market volatility.
- Employee Supervision. Supervisory responsibilities should be reviewed to ensure that they are both adequate and diligently performed. With many employees working remotely and outside the watchful eye of day-to-day supervision, ensure your policies and procedures include monitoring procedures using a combination of technology and on-site reviews.
- Valuation. Valuations should continue to comply with your valuation policy and reflect fair valuations based on available inputs. Many of the cases that arose from the 2008 financial crisis charged that firms over-valued securities as a result of inadequate valuation procedures.
- Reconciliation. Prior to the financial crisis, many transactions were not documented in a timely fashion, and trade portfolios with counterparties were not regularly reconciled, leading to mismatched trading books. Disputes between portfolio and trade valuations presented a major challenge in the close-out of trading books with defaulted counterparties.
- Board Reporting. The SEC has highlighted the importance of the Board’s role in risk oversight. In order to fulfill their responsibilities, fund service providers must provide board members with accurate, relevant and timely information.
- Material Non-Public Information. Increased volatility makes the markets and individual securities more vulnerable to market-moving morsels of information that might not be considered material in more ordinary times. Firms should assess their insider trading policies to ensure compliance with them as written and enforced.
- Financial Condition Disclosure. The SEC has pounced on numerous firms that failed to provide disclosure to investors regarding their deteriorating financial condition. Investment advisers should review their Form ADV Item 18 to ensure that their disclosure remains accurate.
- Business Continuity. Investment advisers and broker-dealers are well aware of how critical business continuity plan testing is after Hurricane Sandy, even as the SEC’s proposed business continuity rule remains pending. As you may see an uptick in remote access in the coming weeks, test or employ your business continuity plan and flag any issues, particularly with regard to remote access, and work out any kinks such as IP address recognition or the number of VPN licenses.
- Data Privacy. Firms must be cognizant of the added risk to data privacy if personnel are using personal devices to access sensitive information on the firm’s network, such as client’s personally identifiable information (“PII”). Make sure to remind your personnel about your firm’s policies and procedures with regard to privacy safeguards, especially as they pertain to mobile devices, removable devices (i.e. flash drives) and secure email.