Richard A. Levan & Associates, PC - NRS Spring Compliance Conference Course Book 4/22/03

Every compliance officer is charged with a single, but at times, daunting task: to keep his or her firm out of trouble. Millions of dollars are spent each year by securities firms to achieve this goal in the form of staff salaries, training and testing. Millions more are spent each year -- largely in the form of fines imposed by regulators -- when the goal is not met. Firms already strapped for cash in a harsh down market are feeling the compliance pinch acutely.

The SEC has been ramping up its enforcement capability, filing 598 enforcement actions in FY 2002, a new record, and more than 100 cases over the prior year.^[1] Hundred-million-dollar fines for firms are almost common now.

In February 2003, Congress approved a $716 million budget for the SEC in 2003, and the Bush administration has proposed $841.5 million for fiscal 2004. The funding will allow the SEC to hire 710 more attorneys, accountants and examiners over the next two years. The appropriation represents a big leap in the agency's budget which is currently $548 million.^[2]

More SEC staff and funding, coupled with recent regulatory efforts to improve overall compliance and strengthen accountability within securities firms, should translate into increased personal exposure for compliance officers.^[3] As of January 2002, NASD member firms are required to designate a principal as the firm's chief compliance officer (absent certain exemptions). In February 2003, the SEC proposed sweeping rule changes requiring investment advisory firms and mutual funds to develop and maintain comprehensive, written compliance programs.^[4] Among other things, the proposed rules call for the designation of an individual at each firm with overall responsibility for the firm's or fund'scompliance program. There will soon be no place for a compliance officer to hide.

Against this background compliance officers must pause and ask themselves two critical questions: "What are the regulators saying I should be doing in terms of compliance?" and "What kinds of violations are regulators searching for and prosecuting?" Locating the intersection of these two spheres - separating the "rhetoric" from the "reality" if you will - is what makes a compliance officer's job so daunting. This article explores the current state of enforcement activity by the SEC and the likely areas where regulators will be searching for violations. Equipped with such knowledge, compliance staff will be better able to meet the challenges that await them.^[5]

Where We Are -- and Where We Are Headed (SEC Direction on Compliance and Enforcement)

It has been over a decade now since then-SEC Chairman Richard Breeden publicly proclaimed that the Commission would come down on securities law violators with "hobnailed boots." While this colorful characterization was probably directed more at purveyors of outright fraud than at professional investment firms, it signaled a shift in policy toward stiffer penalties for all violators of the federal securities laws. The period of regulators willing "to look the other way" had clearly ended.

The SEC's new rule proposal mandating comprehensive, written compliance programs for advisers and funds (issued February 5, 2003) is a good starting point in identifying the critical components of a successful compliance program. If nothing else the release represents the Commission's latest (and official) pronouncement on the subject.^[6] While the Commission stressed in its release that there is no one set of required policies or procedures for all funds or advisers (i.e., no "one-size-fits-all" approach), it identified the following minimum areas where it expects registrants to focus:

The problem with such "lists," of course, is that by saying so much, they end up saying so little. Perhaps in recognition of this plight the SEC stressed that the structure and content of a firm's compliance program would depend upon the registrant's operations and business mix. According to the SEC, the litmus test for any program is whether the policies and procedures have been adequately designed to "prevent, . . . detect . . . and correct" violations of the federal securities laws.^[9] Such a pronouncement is hardly news; it merely restates what the regulators have been telling the regulated for some time now. What is news, however, is that the proposed regulations codify the SEC's expectations on compliance programs.

The SEC's newly-proposed compliance rules represent but another step in the agency ongoing attempt to elevate the level of compliance at many securities firms. For at least the past year the SEC's senior staff has been advocating for the implementation of "enhanced internal controls" and overall better risk assessment in its speeches and publications.^[10] This "big picture" concern over compliance systems and risk control has been picked up by the NASD and New York Stock Exchange as well.^[11] It shouldn't be long before such concerns begin to appear as bases for regulators' enforcement actions as the gap between talk and practice narrows.^[12]

As previously noted, the SEC's enforcement numbers for the past several years have been rising generally, and the number of actions against investment advisers has increased 26% in the last year alone. (See accompanying chart below.)^[13] The vast majority of these actions, however, have been filed after the exposure of significant wrongdoing at a securities firm, a "close-the-barn-door-after-the-horse-has-left" approach.^[14] The SEC has served notice, however, that the manner and scope of its inspection process has been changed in order to better identify and correct problems before they occur.^[15]

According to Lori Richards (Director of the SEC's Office of Compliance Inspections and Examinations), the agency will now select inspection targets based on registrants' "risk profiles" (as developed by the SEC). In addition, the agency's field examinations will focus more stringently on registrants' "risk management and internal control processes."^[16] Based on these changes and the proposed rules on written compliance procedures discussed above, the value and importance of an effective compliance program has never been greater.

Recognizing that "the devil is always in the details," the author will now examine the specific compliance areas where the greatest increase in SEC enforcement activity has been witnessed. While the whole is always greater than the sum of its parts, any compliance program must have good working parts that lead to the prevention, detection and correction of violations if the whole is to pass regulatory muster.

The SEC has been trumpeting the importance of adequate oversight and supervision of employees and their activities for many years now, and in this area the number of enforcement cases brought by the SEC matches the Commission's rhetoric. The enforcement actions brought by the SEC in the wake of the Salomon treasury bond market scandal in 1991 signaled that top executives would henceforth be held accountable for the misconduct of their subordinates, particularly where the firm lacked adequate procedures to detect and punish the misconduct, or where the people charged with enforcing the procedures failed to act. In the intervening ten years, supervision cases against mid- and upper-level executives have become far more routine.

Last December, the SEC brought and settled an enforcement proceeding against an advisory firm, Millennium Capital Advisers, and it chief compliance office, Louis Sozio, based largely on supervisory lapses at the firm.^[17] The case sent ripples of fear through the compliance community after Sozio, the firm's compliance officer, was sanctioned for failing to follow the firm's (limited) compliance procedures, as well as for failing to conduct an adequate investigation into the underlying misconduct (improper trading by a portfolio manager).^[18]

The precise impact of the Millennium case on compliance officers is somewhat unclear because Sozio was acting in several different capacities at the time the misconduct was uncovered: as the firm's chief compliance officer, as the individual responsible for conducting the internal investigation, and, finally, as the direct supervisor of the portfolio manager who engaged in the improper trading.^[19] At the very least, however, the Millennium case dramatizes the need for compliance professionals to either stay out of the supervisory chain of command, or to be sure they are doing all that it is required of them.

Another recent supervision case that continues to perplex advisers is the case of Western Asset Management, in which the SEC found a duty on behalf of a mutual fund advisory firm to supervise the activities of its sub-adviser.^[20] That case involved the concealment of substantial losses by the sub-advisor's portfolio manager, which caused the fund to overstate materially its net asset value. Both the fund's manager and the sub-adviser were found to have failed to reasonably supervise the portfolio manager. The fund adviser's liability stemmed from the specific facts of the case, including the fact that the fund adviser (1) had agreed in writing to supervise the sub-advisor's activities; (2) played a role in the appointment of the portfolio manager; and (3) was on notice of several irregularities regarding trading in the fund's account. Based on these factors, the SEC concluded (in a settled proceeding) that the fund adviser lacked adequate policies and procedures to respond to indications of misconduct once "red flags" were raised. While Western Asset Management can be distinguished because of the fact-sensitive nature of the proceeding, it nonetheless represents a serious concern for those who deal with sub-advisers. At the very least, the case should be read as a warning of "how not to structure" a sub-advisory relationship.

Other recent cases include Dean Witter Reynolds, Inc., n/k/a Morgan Stanley DW, Inc., Mark Rodgers, and Paul Grande, Rels. No. 34-46578, Adm. Proc. No. 3-10905,(October 1, 2002) (imposing sanctions on a broker-dealer and branch manager for failing to properly supervise an employee who engaged in unsuitable and unauthorized trading); Vanderbilt Capital Advisors LLC, Rel. No. IA-2053, Adm. Proc. No. 3-10882, (September 3, 2002) (imposing sanctions on firm for failing to properly supervise a portfolio manager who manipulated the prices of bonds purchased for various clients' accounts in connection with an "adjusted trading" scheme); ND Money Management, Inc., Ranson Capital Corporation, and Monte L. Avery, IA-2027, IC-25523, Rels. No. 34-45743, Adm. Proc. No. 3-10757 (April 12, 2002) (imposing sanctions on two advisory firms for failing to institute procedures that would have prevented violations of their codes of ethics, and for failing to inform employees of their duties under the codes).

Supervision serves as a cornerstone of the SEC's own regulatory program and the Commission's increased emphasis on risk assessment and internal controls should only enhance the attention to be paid to this function. Registrants are therefore well-advised to examine both their compliance and supervisory structures for weaknesses - before the regulators do.

Statistically speaking, cases in the advertising, marketing and disclosure area represent the greatest number of enforcement actions brought by the SEC after outright fraud cases. The impact of false or misleading performance data and other marketing claims on the selection of investment advisers has not escaped the SEC, and they perennially grapple with advisers who misrepresent their performance and make otherwise unsupportable claims.

SEC officials have long decried advertising abuses in the industry, and in this arena, as in supervision, their deeds have matched their words. Enforcement cases over the past few years have focused on the following areas:

There is no reason to believe these types of actions will lessen in the coming months. They are typically easy to prove and hard to defend - a "prosecutor's dream" if you will - and their close connection to the investing public make this area a "given" for enforcement attention.

Recent cases in this area include Davis Selected Advisers NY, Inc., Rels. No. IA-2055, IC-25727, Adm. Proc. No. 3-10885, (September 4, 2002) (imposing sanctions for failing to disclose the impact of short-term IPO trading on fund performance); Market Timing Systems, Inc., Gregory Meadors and Mark Shinnick, IA-2002, Adm. Proc. No. 3-10652 (December 14, 2001) (imposing sanctions for allegedly false and misleading advertisements containing hypothetical performance results) (case pending); Merrimac Advisors Company and Fredric J. French, IA-2009, IC-25356, Adm. Proc. No. 3-10594 (January 4, 2002) (imposing sanctions by default on an advisory firm and its principal for failing to contest charges that respondents used false track records and failed to keep records that could verify marketing claims); Cambridge Equity Advisors, Inc. and Michael E. Goldston, IA-2001, Adm. Proc. No. 3-10651 (December 12, 2001) (imposing sanctions for disseminating inaccurate information and failed to inform clients that some of the reported performance numbers came from models and not actual company performance; FXC Investors Corp., Adm. Proc. No. 3-10625, Release No. IA-1991 (October 18, 2001) (sanctioning respondent for distributing inaccurate performance results to clients and misleading rankings to the publishers of investment guides).

The duties of care and loyalty lie at the heart of the investment advisory relationship and were central to the passage of the Investment Advisers Act of 1940 and the Investment Company Act of 1940. After fraud and advertising abuses, fiduciary breaches constitute the next largest concentration of enforcement actions.

The ways in which advisers can breach their duties to clients are limitless, but most of the filed cases involve some form of conflict between the interests of the adviser and the client, or a departure from the accepted standard of care.

Several recent cases involving breach-of-fiduciary-duty have been brought by the Commission. In Zion Capital Management LLC and Ricky A. Lang, Initial Decision Rel. No. 220, Adm. Proc. No. 3-10659 (January 29, 2003), an administrative law judge found that an adviser and its principal violated the antifraud and books-and-records provisions of the federal securities laws by, among other things, failing to disclose their practice of allocating more profitable trades to an entity in which the principal had a financial interest and more unprofitable trades to the firm's sole advisory client. The case is still pending.

In Schwendiman Partners, LLC, Gary Schwendiman, and Todd G. Schwendiman, Rels. No. 33-8111, 34-46184, IA-2043, Adm. Proc. No. 3-10829 (July 11, 2002), a firm and two individuals settled charges that they breached their fiduciary duties to clients by favoring their own interests over those of the clients, giving preferential treatment to certain clients, and making untrue and misleading statements to clients. Finally, in Renberg Capital Management, Inc., and Daniel H. Renberg, Rels. No. IA-2064, Adm. Proc. No. 3-10906, (October 1, 2002), an adviser and its sole owner settled charges that they violated their fiduciary duty to clients by failing to seek or obtain best execution on trades.

For many years books-and-records violations were relegated to the dustbin of SEC enforcement -- but no more! In December 2002, the SEC wracked up fines of $8.25 million against five Wall Street brokerage firms for failing to preserve electronic mail communications and/or to maintain them in an accessible place.^[21] Record-keeping practices should remain high on the regulatory radar screen for several reasons.

First, proper record-keeping practices lie at the heart of our regulatory system. Firms, clients and regulators alike depend on a tangible paper trail to monitor and evaluate trading activity. The failure of firms to create and maintain such records - including the ability of registrants to produce such records on demand by regulators - is inimical to the entire system.

Second, broker-dealers will begin operating under new, expanded books-and-records obligations this May. While the brokerage community is coming up to speed on the new regulations, the SEC may use the opportunity to focus on record-keeping practices by advisers. By training its attention on advisers, the SEC can send the message to brokers that they should embrace their own new record-keeping obligations or undergo the same fate as advisers. In any event, advisers should focus appropriate attention on their record-keeping practices, if only because their regulator will do so during its examinations.

Finally, there is a perception by some that the fine imposed on the five Wall Street firms for failing to archive e-mails was a pittance compared to the $100 million fine imposed on Merrill Lynch in the April 2002 analyst conflict case. That case was made largely on the basis of e-mail messages that the firm had retained pursuant to its regulatory obligation. Regulators must be careful not to undermine the effectiveness of their own record-keeping rules by making the cost of maintaining such records far greater than the cost of destroying them. This should make record-keeping a priority in the coming year.

With the installment of William Donaldson as the SEC's new chairman, it is unclear what course the Commission will pursue regarding the regulation of hedge funds. The topic of hedge fund regulation was a top priority for Harvey Pitt, Donaldson's predecessor. In the past year the SEC has brought actions against several hedge fund managers.^[22] The NASD recently reminded its members of their obligations when selling hedge funds.^[23]

Exactly what approach will be adopted by regulators in the hedge fund area is still unclear, but the sheer popularity of these vehicles suggests that SEC scrutiny will continue. Advisers to both hedge- and non-hedge fund clients are cautioned to carefully review their policies and procedures to ensure that one group of clients is not being favored over another.

The SEC has emerged from an unprecedented period of enforcement activity and turmoil. With a new, experienced chairman and a greatly expanded fiscal budget, the Commission is poised to become the major force that critics of Wall Street and corporate America have been calling for. Investment advisers and broker-dealers (including their compliance staff) can protect themselves by adhering to a modified version of the biblical injunction: "Securities firm: heal thyself."

Richard A. Levan & Associates, PC provides legal and compliance services to the financial services industry. A comprehensive chart summarizing all of the SEC's enforcement actions against advisers over the past four years is available on the firm's website, www.rlevan.com.

READERS' NOTE: All settlements are without admitting or denying liability on the part of the respondents unless otherwise noted.

Richard A. Levan, Esquire
Richard A. Levan & Associates, PC
One Logan Square, 27^th Floor
18^th & Cherry Streets
Philadelphia, PA 19103-6933
Telephone: 215.636.9882
Facsimile: 215.636.9895
rlevan@rlevan.com
www.rlevan.com

[1]"Remarks at the University of Michigan Law School," Stephen M. Cutler, Director, Division of Enforcement, U.S. Securities and Exchange Commission, November 1, 2002 (hereinafter, "Cutler").

[2]"New SEC Chairman Faces Host of Immediate Challenges,"Judith Burns, Dow Jones Newswires, February 14, 2003; "Bush Seeks More Funding for SEC; Proposed 53% increase comes as the agency faces demands from Congress to tighten its review of corporations," Los Angeles Times, February 4, 2003.

[3] This article focuses on the activities of the U.S. Securities and Exchange Commission. The author notes, however, that state securities regulators, state attorneys general and the National Association of Securities Dealers have all been active in pursuing securities firms for violations of their laws. This trend is expected to continue, and the implications of such a trend should be factored into any compliance program.

[4]SEC Proposed Rule: Compliance Programs of Investment Companies and Investment Advisers, 17 CFR Parts 270 and 275 [Release Nos. IC-25925, IA-2107; File No. S7-03-03] (hereinafter, "Proposing Release")

[5] Fortunately for the securities industry, SEC Commissioners and top staff have for years now been publicly expressing their views on what they see as the important issues facing the securities industry. Sometimes the speakers even provide specifics as to what they expect from firms. While the SEC top brass maddeningly deny they are speaking "for [their] colleagues or the Commission as a whole," their speeches and papers are generally informative, and offer a road map for compliance officers embarking on the route to good compliance. The speeches of the SEC Commissioners and senior staff for the past several years can be found at http://www.sec.gov/news/speech.shtml.

[6] Proposing Release, supra.

[7] Proposing Release at 5.

[8] Ibid.

[9] Ibid.

[10] "SEC Risk Management and Compliance Examinations," Mary Ann Gadziala, Associate Director, Office of Compliance Inspections and Examinations, U.S. Securities & Exchange Commission, 2003 Fiduciary and Investment Risk Management Association, Fiduciary and Risk Management Seminar, February 26, 2003; "The Evolution of the SEC's Inspection Program for Advisers and Funds: Keeping Apace of a Changing Industry," Lori A. Richards, Director, Office of Compliance Inspections and Examinations, U.S. Securities and Exchange Commission, "Compliance and Inspection Issues for Investment Advisers and Investment Companies," Glasser Legal Works, October 30, 2002 (hereinafter, "Richards"); S. Cutler Speech, supra.

[11] See NASD Rulemaking: Supervisory Control Amendments, Exchange Act Release No. 46859 (Nov. 20, 2002) [67 FR 70990 (Nov. 27, 2002)] and NYSE Rulemaking: Amendments to Exchange Rule 342 ("Offices - Approval, Supervision and Control") and its Interpretation, Rule 401 ("Business Conduct"), Rule 408 ("Discretionary Power in Customers' Accounts"), and Rule 410 ("Records of Orders"), Exchange Act Release No. 46858 (Nov. 20, 2002) [67 FR 70994 (Nov. 27, 2002)].

[12]Further evidence of the SEC's concern over the adequacy of compliance systems can be gleaned from the comments of the SEC examination staff in their reports rendered at the conclusion of their inspections. Although far from a scientific approach, the author has observed an upswing in the number of SEC examination reports commenting on the adequacy of internal controls, and colleagues report the same experience. Clearly, the SEC's proposed compliance rules represent an extension of its ongoing effort to address this concern.

[13]What the figures don't reflect is the agency's increased use of third parties to ensure that firms sanctioned by the SEC in enforcement proceedings are making the changes they've agreed to (or, in the case of contested enforcement proceedings, the changes they've been ordered to make). Known as "undertakings," these provisions typically require a sanctioned firm to hire, at its own expense, a neutral, outside party to monitor and confirm to the SEC that the ordered changes have in fact been made. This oversight can run for months or years. It is nothing a firm wants to experience given the choice.

[14] See, e.g., Millennium Capital Advisors, Investment Advisers Act Release No. 2092 (Dec. 13, 2002) (unauthorized trading in client account and concealment of this trading were facilitated by adviser's vague and insufficient compliance procedures and absence of independent monitoring of portfolio manager); Gintel Asset Management, Investment Advisers Act Release No. 2079 (Nov. 8, 2002) (repeated improper cross trades, principal transactions, and personal trading resulted in part from inadequate procedures to prevent violation of the adviser's code of ethics); Back Bay Advisors, Investment Advisers Act Release No. 2070 (Oct. 25, 2002) (excessive reliance on self-reporting and self-monitoring by portfolio managers to determine whether the firm was in compliance with the federal securities laws resulted in improper cross-trades); Western Asset Management, Investment Advisers Act Release No. 1980 (Sept. 28, 2001) (subadviser had not established adequate procedures to detect portfolio manager's fraudulent activities with respect to the purchase and pricing of private placement securities); Scudder Kemper Investments, Investment Advisers Act Release No. 1848 (Dec. 22, 1999) (adviser did not have in place procedures that could have prevented and detected trader's unauthorized trading for investment company accounts); Rhumbline Advisers, Investment Advisers Act Release No. 1765 (Sept. 29, 1998) (absence of procedures enabled chief investment officer to engage in unauthorized trading and to misrepresent resultant losses); Kemper Financial Services, Investment Advisers Act Release No. 1494 (June 6, 1995) (adviser had no guidelines or procedures in place to address conflicts of interest and funds' portfolio manager misappropriated funds' investment opportunity on behalf of private profit-sharing plan he also managed).

[15] See footnote 10, supra.

[16] Richards at 5-7.

[17] Millennium Capital Advisors of Pennsylvania, Inc. and Louis J. Sozio, Rels. No. IA-2092, Adm. Proc. No. 3-10971 (December 13, 2002).

[18] Sozio was fined $10,000 and was suspended from association with any investment adviser for a period of three months, and, thereafter, was suspended from acting in any supervisory capacity with any investment adviser for a period of nine months.

[19] Sozio served as both the direct supervisor of the portfolio manager and the firm's chief compliance officer. He also was the person responsible for conducting the internal investigation once wrongdoing was uncovered.

[21] In the Matter of Deutsche Bank Securities, Inc., Goldman Sachs & Co., Morgan Stanley & Co. Inc., Salomon Smith Barney Inc., and U.S. Bancorp Piper Jaffray Inc., Rels. No. 34-46937, Adm. Proc. No. 3-10957, (December 3, 2002).

[22] See, e.g., In the Matter of Paul J. House and Brandon R. Moore, Rel. No. IA-2108, Adm. Proc. No. 3-10921, February 6, 2003; Zion Capital Management, supra.

[23]NASD NTM 03-07, "NASD Reminds Members of Obligations When Selling Hedge Funds," February 2003.

[24] Source: SEC Annual Reports, 1999, 2000, 2001 and 2002. (N.B., The numbers above represent the total number of actions filed by the SEC, not the total number of defendants or respondents named in each action.)

NRS SPRING COMPLIANCE CONFERENCE COURSE BOOK

The SEC's New Push on Internal Controls and Risk Assessment

What Every Compliance Officer Needs to Know Now