The Role & Responsibility of a Chief Compliance Officer :: The Compliance Authority - Insights, Perspectives, and Best Practices in Compliance Management for Business and Large Organizations

The Role and Responsibility of a Chief Compliance Officer
BY GUY F. TALARICO, J.D.,

Many compliance professionals anticipate a Securities and Exchange Commission (SEC) examination with trepidation. However, those who put in place a systematic process, applied diligently and consistently, with records that adequately document the review and corrective action, will be prepared. Even more importantly, the compliance team that evaluates the activities of the firm and identifies and corrects issues likely will limit the potential for something wrong to exist or to go undetected. A firm's chief compliance officer (CCO) is the executive responsible for this process.

An effective chief compliance officer possesses a number of key personal characteristics. Effective CCOs are strong-willed and capable of being truly independent, but they also have the ability to persuade managers. They are leaders and establish trust through candor and credibility. Most think like business people rather than people who strictly do things by-the-book. They recognize that investment managers and investors are in business to make money through attractive returns.

The CCO must have a thorough understanding of regulatory requirements and stand firm in the face of challenge, especially when what is "right" is the subject of debate and interpretation among the CCO and members of the advisory firm. What the rules mean in a given situation involves a fact-based analysis. Part of the compliance process involves the ability to interpret the facts correctly and then negotiate or present the points to management in a compelling manner.

While many CCOs epitomize the ideals described above, not all do. An SEC examiner recounted some of her most interesting stories about some of the CCOs she has seen. Once she telephoned a CCO three times before he realized she was an SEC examiner trying to schedule an appointment and not someone trying to sell him something. In another instance the SEC asked a manager for the name of the firm's CCO and after a long pause the manager exclaimed, "That must be me." These anecdotes, of course, do not illustrate a "culture of compliance."

The culture of compliance that the SEC is looking for carries some common characteristics, regardless of a firm's size or type. A clear commitment from senior management is an absolute must. The compliance program must be integrated into every level and function of the organization. Compliance must be the day-to-day business of the entire firm, not just the compliance team. The best compliance manuals reflect the activities of the firm and show how compliance is integrated into each critical function.

The Responsibility

Document Review
A CCO should carefully review all documents that communicate investment guidelines to investors. For registered funds, this review includes the prospectus and statement of additional information; for hedge funds it includes the offering memoranda and marketing presentations. Frequently hedge fund managers use marketing presentations that refer to portfolio characteristics such as ranges on the percent long, short, gross or net, position sizes, sector limits, and the like. While the offering memorandum may be very broad, the marketing group either knowingly or unknowingly may have created stricter limits than the portfolio manager or trader realizes. Hedge fund marketers and their portfolio managers have had strong internal debates about this, where the marketing group believes they need to distinguish their product by communicating these restrictions and the portfolio managers want the flexibility to invest as they see fit. The CCO needs to make sure the portfolio adheres to what is communicated.

For example, consider the case of a review of portfolio construction versus terms of the prospectus that led to recommended changes regarding futures and indexbased investment companies. The prospectus indicated that short futures and index-based securities were not principal investment strategies and that the investments primarily were in individual stocks, put options on individual stocks, or short sales of individual stocks. The word "primarily" is interpreted to mean 65 percent, which did not match the current proportions in the portfolio. The prospectus was updated with new language added to accurately reflect the current strategy of the fund.

Form ADV Part II describes a number of activities that must be observed, and the SEC will compare the descriptions with actual practices. The language for best execution, broker selection, soft-dollar practices, proxy voting, trade allocation, personal trading, initial public offering investments, and allocations all must be reviewed periodically to ensure that the firm is doing what it says it is doing. Consider the case where a certain hedge fund advisor's "related persons" are general partners in the fund. Because the general partners have a direct material partnership interest in the fund, they may be deemed as principals in trading on behalf of the fund. This creates a range of responsibilities described in the Form ADV Part II that must be observed.

Compliance manuals necessarily contain specific references to steps the compliance team will follow. (If the language is overly broad or generic, it may evidence a lack of customization to the firm's operations and be deemed inadequate by the SEC.) Some examples are the following: time periods for particular testing, form of reporting, capturing trade-log data in a particular manner, use of a checklist, and use of exception reporting. The compliance team periodically should review these particulars to ensure that the firm is operating in a manner consistent with the descriptions in its manual.

Firms should stay on top of SEC "hot buttons" with newsletters published by law firms, investment management organizations, accounting firms, and service providers; networking with other investments firms; attending seminars; and attending the SEC's CCO outreach programs. In conversations with SEC staff you may learn of current thinking about topics such as collusion among hedge funds, value-added investors in hedge funds, and the like. Use this information to constantly revise and update a compliance program.

Compliance Reviews
Adequate, documented evidence of compliance reviews helps to substantiate that a process is in place. The long-held belief that less documentation is better does not hold up anymore. Leverage existing electronic reports into the compliance process and use any daily information on areas such as trading and portfolio composition. Create folders, organize records by compliance procedure, and save everything electronically. It is a best practice to show the entire compliance "loop," which includes the risks identified, written policies and procedures designed to mitigate the risks, and testing or monitoring activities conducted as part of the implementation of the policies and procedures.

Quarterly Reports
Present written quarterly reports to the board for registered funds, use internal written certifications on critical issues, use monthly or quarterly checklists, and create a monthly compliance-document review binder (in both paper and electronic form). Some of the documents that should be included are the following: trade logs, including the discussion of issues such as trade allocation variances; reasons for use of a particular broker; volume-weighted adjusted price (VWAP) ranges; cross trades; trade errors; investment guideline comparison review; advertising and marketing materials; personal trading activity; proxy voting; risk-monitoring reports; investor-suitability reviews; valuations of the portfolio; fair-valued securities; results of forensic tests; and broker-dealer committee review minutes. CCOs for registered funds have a different reporting structure and more external support than CCOs for investment advisors. They both carry substantial responsibility. Protecting investors, protecting the reputation of the firm, and protecting their own futures and reputations are some of the similar responsibilities. But the board of directors and the use of service providers add greater structure to the process. Quarterly board meetings create a formal environment for discussing compliance activities and corrective actions. Board oversight also provides a higher authority to settle internal differences. Service providers add a front-line defense of SEC violations. Reports from the fund administrator, transfer agent, distributor, and fund accountant are critical to the oversight process. There generally are no service-provider reports for the registered advisor other than perhaps those provided by the custodian, so an advisor's CCO needs to take steps to create the needed reports. Exception reports programmed into the portfolio-management system are driven by an advisor's CCO. An advisor's CCO also needs to establish a formal review process with senior management.

Conclusion
Pressures from the U.S. Congress for greater oversight of hedge funds, public discussions of hedge fund troubles (e.g., the Bear Stearns High Grade Structured Credit Enhanced Leverage Fund), the demand for short selling in registered funds, the drive for greater returns in more complex structures such as swaps, and synthetic collateralized debt obligations mean greater demand for independent compliance oversight by a CCO. Chief compliance officers need to establish a process, stick to it, revise it, look for weaknesses, and revise it again. Vigilance, documentation, and—most importantly—an investment management team dedicated to doing the right thing all add up to a winning compliance process.

This article is reprinted with the permission of the Investment Management Consultants Association Inc. (www.imca.org). (Monitor 22, no. 4, July/August 2007).