The Impact of Private Fund Regulations on Finance, Tech and Compliance Managers
August 03, 2022
By Joseph Nguyen
With the U.S. Securities and Exchange Commission (“SEC”) settling significant enforcement actions and proposing enhanced transparency requirements for private fund managers, the onus is on chief financial officers (“CFOs”), chief technology officers (“CTOs”) and chief compliance officers (“CCOs”) to ensure firm compliance. An EisnerAmper webinar: “Impact of Private Fund Regulations on Finance, Tech & Compliance Managers,” addressed this topic. The webinar, the first of a series of EisnerAmper webinars that will provide an overview of the current regulatory environment and practical approaches to compliance, featured the following panelists:
- Louis Bruno, Partner, EisnerAmper Global Compliance and Regulatory Solutions
- Mike Sherman, Partner, Dechert
- Ray Soriano, Director, EisnerAmper Digital
- Jeff Stomski, Partner, EisnerAmper Financial Services Group
Topics of discussion included SEC activity and proposed regulations; the expanded role of compliance; and perspectives/best practices from the CFO, CTO and COO.
The SEC’s Investment Advisors Act of 1940 governs the activities conducted by investment advisers (e.g., money managers, fund managers and certain financial planners and investment consultants). The act also gives the SEC authority to issue rules and regulations, subject to notice and comment. The SEC recently has proposed some new key rules for adoption including amendments to regulatory reporting requirements, cybersecurity risk management, and climate-related disclosures. The SEC continues to establish new rules to protect investors; facilitate capital markets; and maintain fair, orderly and efficient markets.
Some of proposed rules address the following:
- Amending Form PF: quarterly statements to disclose fund fees, expenses and performance metrics to investors and more.
- Documenting annual compliance reviews.
- Enhancing cybersecurity risk management to address current reporting about material cybersecurity incidents, and periodic reporting to provide updates about previously reported cybersecurity incidents.
- Disclosing climate-related issues that would require a registrant to disclose information about the registrant’s governance of climate-related risks, relevant risk-management processes and more.
Expanded Role of Compliance
To expand the role of compliance, finance, technology and compliance managers will each have a role in developing new policies, controls and processes to help their firms comply with the new requirements. Ray relayed a few key takeaways from the new SEC cybersecurity requirements. First, develop written policies and procedures. Second, prepare an incident response approach that is tested periodically and prepares the organization for cyber incidents. Third, know the scope of information to be captured, aggregated and utilized for record keeping and reporting purposes. All the panelists agreed that a collaborative approach is required to achieve compliance and provide an expected level of transparency regarding the firm’s activities.
Role of CFO, CTO and CCO
Under the SEC requirements, the role of the CFO, CTO and CCO are all critical. “It’s a bit of a brave new world associated with the reporting, and it can't be just the CCO or CTO's responsibility,” Bruno said.
The respective areas of the C-suite are as follows:
CTOs – Technology managers who have a defined, risk-based cybersecurity program in place will find it easier to comply with the requirements.
CFOs – Firms that have defined policies, responsibilities, data sources and processes in place will find it easier to comply with the proposed quarterly investor reporting requirements including, but not limited to, the (1) assessing capabilities to deliver statements within 45 days of quarter end; 2) expanding the chart of accounts and detailed journal entries, and preparing additional schedules on both the private fund and management company side to capture detailed information required for compliance with the new SEC requirements; and (3) warehousing data, and tagging and mapping of all of data to quarterly statements.
CCOs – A well-defined compliance framework is required to monitor the firm’s business activities and maintain compliance.
Keeping track of SEC regulations can be daunting. Therefore, it’s important for firms to distinguish C-suite roles of CTOs, CFOs and CCOs to ensure compliance.