ComplianceAlpha Solves for MNPI and Code of Ethics Deficiencies

On April 26, 2022, the United States Securities and Exchange Commission’s (SEC) Division of Examinations (Division) released a new Risk Alert highlighting notable deficiencies the SEC staff (Staff) uncovered in the areas of material non-public information (MNPI) pursuant to Section 204A (Section 204A) of the Investment Advisers Act of 1940 (the Advisers Act), and codes of ethics (COE) Rule 204A-1 (the Code of Ethics Rule).

The Risk Alert serves as a warning to advisers to apply further vigilance in these areas. ACA’s ComplianceAlpha^® platform provides integrated, streamlined solutions to analyze and resolve the deficiencies noted in the Risk Alert. ComplianceAlpha has released an enhanced offering for MNPI with the launch of the Control Room solution that tracks and manages the flow of MNPI across an entire organization.

The Staff’s MNPI observations

The Risk Alert called out advisers who use data from non-traditional sources (alternative data) and who did not appear to implement reasonably designed written policies and procedures to address the potential risk of receipt and use of MNPI through such data sources. The Risk Alert describes alternative data as many different types of information increasingly used in financial analysis, beyond traditional financial statements, company filings, and press releases, such as information gleaned from satellite and drone imagery of crop fields and retailers’ parking lots, analyses of aggregate credit card transactions, social media and internet search data, geolocation data from consumers’ mobile phones, and email data obtained from apps and tools that consumers may utilize.

The Staff observed alternative data policies and procedures which:

• Failed to adequately memorialize diligence processes or follow them consistently, and instead engaged in ad hoc and inconsistent diligence of alternative data service providers
• Failed to adopt an assessment of the terms, conditions, or legal obligations related to the collection or provision of the data, including when advisers became aware of red flags about the sources of such alternative data
• Were not consistently implement to all sources of alternative data; lacked a system for determining when due diligence needed to be re-performed based on passage of time or changes in data collection practices; and failed to include documented proof they had been implemented in the first place

Diligence of alternative data service providers has been a particular focus during private fund manager examinations.

• On January 27, 2022, the Division published a separate alert that detailed compliance issues observed in examinations of registered investment advisers that manage private funds. This alert also highlighted concerns surrounding adequate diligence of alternative data providers.
• The SEC cited an alternative data service provider in 2021 for alleged deceptive practices and material misrepresentations about how alternative data was derived.
• In addition, the Division has identified the use and diligence of alternative data among its 2022 examination priorities.

Please refer to our Q4 2021 Hedge Fund Update for tips to manage the use of alternative data.

Another point addressed in the Risk Alert is MNPI entering firms through value-add investors. Defined by the Risk Alert as client or fund investors who are corporate executives or financial professional investors who may have MNPI, the Staff observed advisers who did not have or did not appear to implement adequate policies and procedures regarding value-add investors (or in the case of institutional investors, key persons) who are more likely to possess MNPI, including officers or directors at a public company, principals or portfolio managers at asset management firms, and investment bankers.

Specifically, advisers’ policies and procedures did not cover the MNPI risks posed by their value-add investors, did not correctly identify all value-add investors, and did not correctly identify and track their relationships with potential sources of MNPI.

The Staff expressed similar concerns about MNPI coming to advisers vis a vis expert networks. Defined in the Risk Alert as a group of professionals who are paid for their specialized information and research services, the Risk Alert stated that Staff observed advisers who did not appear to have or implement adequate policies and procedures regarding discussions with expert network consultants who may be related to publicly traded companies or have access to MNPI. The Risk Alert specifically identified the need for following controls when using expert networks:

• Tracking and logging calls with expert network consultants
• Reviewing detailed notes from expert network calls
• Reviewing relevant trading activity of supervised persons in the securities of publicly traded companies that are in similar industries as those discussed during calls

The third bullet is a new form of procedure that we have not previously seen described by the Division and could be related to the SEC’s novel interpretation of “shadow trading” in a recent, pending enforcement action.

The SEC continues to expect more cross-checking of forms of data and persons that could influence trading with MNPI.

The Staff’s COE observations

The Staff also commented on COE deficiencies in the Risk Alert, which have been common deficiencies cited during adviser examinations.

Specifically, the Risk Alert identified certain areas for concern:

• Inaccurate and incomplete identification of access persons
• Failure to pre-clear access persons’ purchases of initial public offerings (IPOs) and limited offerings
• Multiple flaws in personal securities transactions and holdings pre-approvals
• Inability to demonstrate that supervised persons had acknowledged their firms’ COEs
• Failures to include securities on a restricted list when firms have MNPI
• Improper allocation of investment opportunities ahead of clients

How we help

Firms that use our ComplianceAlpha regulatory technology (RegTech) solution have an advantage when adhering to the Code of Ethics Rule. ComplianceAlpha organizes and monitors pre-approval for IPOs and limited offerings, electronically tracks written acknowledgements associated with operating a Code of Ethics’ program, identifies items of interest based on algorithmic searches across multiple liquid asset classes, including equities, derivatives, currencies, and fixed income, and analyzes fairness in dealing across account allocation and execution.

The Control Room feature of ComplianceAlpha manages multiple restricted lists, including historical records, as companies move across restricted and grey lists for a firm and uncover information including the type of conflicted activity, linked companies, and linked employees.

Our Market Abuse Surveillance Solution in ComplianceAlpha helps ACA clients identify potential misconduct and insider trading risk. It tests portfolios after meetings with expert networks or issuers and drills down into your firm’s trading activity when compared to corporate actions, significant price movements, and important events such as expert network meetings or issuers or political intelligence research. ComplianceAlpha has a specific tool to track and log expert network meetings to meet the SEC’s requirements.

Technology-based solutions for due diligence of alternative data providers are also available through ComplianceAlpha. The Control Room will offer a central repository for all public and private data, including data related to investment banking, private market deals, and MNPI including wall crossings.

Webcast: ComplianceAlpha Regulatory Technology – What’s New in 2022

Our technology team recently provided a sneak peak into the new features and solutions coming to our regulatory platform, including our new Control Room and Electronic Communications (eComms) solutions. These solution provide holistic surveillance capabilities to identify MNPI and conflicts of interest.

Watch on demand

For More Information

Schedule a demo to see how our regulatory technology solution can help your organization digitize and transform its compliance program.