Category Archives: Enforcement

Unfinished Business: IAs Are Potentially Back on the Hook for AML and Counterterrorism Reporting Requirements

In its latest attempt, the U.S. Department of Treasury, Financial Crimes Enforcement Network (“FinCEN”), will require certain investment advisers to implement compliance measures to detect and report suspected money laundering and the financing of terrorism. The newly proposed rule brings investment advisers under the purview of the Bank Secrecy Act (“BSA”), which requires financial institutions to implement risk-based anti-money-laundering and counterterrorism programs to protect the national security of the United States and aid law enforcement in the fight against money laundering. If the proposed rule is finalized, FinCEN could require investment advisers to collect records, such as those related to fund transfers, and file suspicious activity reports with FinCEN. The proposed rule would also allow information sharing between FinCEN and the SEC, who will be delegated with examination authority over investment advisers for compliance with the new rule.

Read more here.

Are CCOs Really In The SEC’s Crosshairs?

Last month, SEC Enforcement Director Gurbir Grewal gave a speech at the New York City Bar Association’s Compliance Institute addressing chief compliance officer liability. While the speech likely provided some comfort to CCOs, unfortunately, it raised more questions than answers, such as:

  • Are compliance officers on the front line?
  • Are compliance officers responsible for implementing and executing policies and procedures, or is their function to provide advice?
  • Do compliance officers need to become experts of “everything everywhere all at once” at their firms?
  • What is a “wholesale failure” to carry out compliance responsibilities?

Eversheds Sutherland Partners Brian Rubin and Adam Pollet share their thoughts here on these questions, as well as information about what the SEC and FINRA could use in future cases brought against CCOs  .

Cyber Siege and Artificial Intelligence: These Aren’t Your Parents’ Cyber Threats

From Brian Rubin, Michael Bahar and Soroosh Faegh in NSCP Currents:

Everyone has been talking about Artificial Intelligence or AI. Broker-Dealers (BDs) and Investment Advisers (IAs) need to be particularly vigilant in addressing AI cybersecurity threats. The SEC has recognized these threats through a slew of recent pronouncements and proposed rules.

AI presents enormous opportunities, but it is also rapidly evolving the cyber threat, so BDs/AIs would do well to strongly consider re-assessing their policies, procedures, and plans to reasonably ensure they are incorporating the latest AI threats into their incident response, information security, and business continuity plans, their cybersecurity disclosures and board agendas, as well as their approach to consistent and coordinated communications.  Indeed, AI’s threats may not be your parents’ cyber threats.

Read more here.

Costly 13F Filing Violations, ChatGPT Policy Considerations, Insight Into New Fiduciary Rule Proposal: Lessons Learned & Worth Reading for March 2023

ACA Group’s Lessons Learned and thought leadership:

Additional thought leadership and Insights can be found here.

Shortened Settlement Cycles, Form ADV Amendments and Hackers Impact Derivatives Market: Regulatory Update for March 2023

March Regulatory Updates from Cari Hopfensperger at ACA Group:

Plus, To Do Checklists for March and April 2023, and more here.