Compliance Program Rule, Rule 206(4)-7 | Compliance Programs | Conflicts of Interest | Examinations and Audits | Investment Advisers Act

Just in time for Halloween: Compliance Rule Horror Stories (Part 3 of a 3-part series)

Compliance Rule Violations

October 30, 2014

Jaqueline M. Hummel

Managing Director, Hardin Compliance Consulting, LLC

In this final installment of a three-part series, the most recent cases involving violations of the Compliance Program are discussed, with the most hair-raising results yet. The SEC has been very busy, entering at least nine settlement orders alleging violations of the Compliance Program Rule in 2014.[1]  Whereas in the past the Commission usually reserved its most significant sanctions for cases of fraud, now the SEC seems willing to punish advisers simply for being negligent in establishing what the Commission views as appropriate controls and procedures. The more terrifying implication of this trend is that the SEC does not have to prove intent by the adviser, or, in legal terms, “scienter”[2] for a Rule 206(4)-7 violation. Even more frightening, the SEC seems to have abandoned the “reasonableness” standard under the compliance program rule.

To be fair, there are some cases where the facts indicate that a firm had insufficient controls in place to manage certain risks, or failed to follow up on red flags, where the SEC’s actions seem justified.[3] A few examples include Comprehensive Capital Management, Inc. and WestEnd Capital Management, LLC.  In these cases, it appears that some fairly simple procedures could have helped the adviser detect ongoing fraud. For example, in WestEnd, Sean C. Cooper, one of the firm’s managing members, was responsible for the firm’s compliance functions, its back office, and managing an investment portfolio. Having control over these areas of the firm, without any supervision, allowed him to withdraw client funds for his personal use without risk of discovery.

But there are other cases where the SEC seems to have overinflated expectations about what a compliance program can actually accomplish, and disregarded actions taken to address violations.

Nightmare in Pasadena

 For example, in January 2014, the SEC and the Department of Labor (DOL) slammed Western Asset Management Company (“Western”), a wholly owned subsidiary of Legg Mason, Inc., with a $21 million fine for two violations arising from an ongoing investigation regarding two separate incidents: 1) prohibited cross trading of securities, and 2) purchase of a security that was not eligible for investment in ERISAs account and the subsequent handling of the matter.

Cross Trading

Approximately half the fine was related to cross-trading between 2007 and 2010 of securities in a manner that violated the Investment Company Act, ERISA and the adviser’s own internal policies.  Behind this simple conclusion, there is a more complex story.  Western managed fixed income securities.  During the credit crisis of 2008, Western’s clients requested that certain down-graded securities be sold, while at the same time, the market for the securities was sharply declining. Western believed that some of these securities were still good investments, and so it sought to repurchase these securities for other client accounts. In most situations, the sale and repurchase were at arms’ length.

However, in the approximately 109 transactions during a three-year period, the SEC found that Western prearranged with dealers to execute the sell side of the cross trade at the highest current independent bid available for the securities, and execute the buy side at the sale price plus a small prearranged markup designed to compensate the dealers for administrative and other costs incurred. The SEC noted that Western saved its clients market costs of approximately $12.4 million by executed the trades this way. However, because the firm used the highest bid price, rather than the average between the bid and ask, only the buying clients got the benefit of these savings. The selling clients were deprived of their share of the savings, representing approximately $6.2 million in losses. Among the client accounts involved in these cross trades were registered investment companies (the “Funds”) and ERISA clients.

Compliance and control systems did not identify the cross trading activity, despite the SEC’s contention that the pre-arranged sales should have been obvious because the trades were effected at the exact same mark up, to compensate the dealers for administrative and other costs incurred for managing the transactions.  The non-compliance with trading rules was largely blamed on lack of supervision of a single trader. The SEC’s noted that several attempts were made by Western to educate the trading staff about cross-trading rules. Nonetheless, the bad trading practices continued until April 2011.

Without having been involved in this case, it is impossible to know exactly what happened. Reading between the lines, this may have been a case where some trading personnel did not understand the definition of a cross trade. The fact that a dealer was involved in the transactions at issue indicates that the traders may have thought having simply having a dealer involved meant the trade was not a “cross trade.” This theory is supported by the fact that compliance training provided to traders in October 2009 included a slide warning that “Running a trade through a broker does not eliminate a cross trade unless the broker actually takes risk on the position (does not know we are interested in repurchasing the bond),” and cautioned that “Code words (‘this is a compliance sale’) should not be used.”

Based on the information in the settlement order the firm had policies and procedures in place to address improper cross trading. During the period in question, Western adopted a more robust policy and provided training to trading personnel on cross trading. Additionally, the compliance group had controls in place to monitor trading activity. Western even retained a compliance consultant to review the cross trading process to help fix the problem. These are reasonable steps to prevent and detect violations, which, in my view, meet the standard of the Compliance Program Rule.

What is missing from this picture is a finding that the trading staff was responsible for the inappropriate cross trading. The traders are in the best position to know and monitor this type of activity, and yet the SEC placed the onus on the compliance group to find it and stop it. The SEC seems to be using circular reasoning; this activity was not detected, therefore the compliance program must be inadequate.

Breach of Fiduciary Duty

 The second settlement order involving Western is even scarier, and hinges on the definition of “trading error.” This case involved a purchase of a private placement which was ineligible for purchase by ERISA plans. Western purchased the security on January 31, 2007. The security was coded into its compliance system as an asset-backed security that was non-ERISA eligible. The next day, a compliance officer was following up on an exception report and directed the operations staff to change the security type from “asset-backed security” to “corporate debt,” which is how market data identified the security.

Unbeknownst to anyone, this change resulted in the compliance system automatically changing the security’s classification from “non-ERISA eligible” to “ERISA eligible,” although the first page of the preliminary offering memorandum warned that the securities were to be sold only to “eligible purchasers,” defined to exclude ERISA-compliant funds. The trader, and others who might have known that the securities were not ERISA-eligible, were alerted to the change in classification, but raised no objections.

In the following months Western purchased the security for its clients, including 99 ERISA client accounts. The error was not discovered until October 2008, when a former client notified Western that the private placement was not ERISA eligible. After notification, the compliance staff immediately changed the security’s classification and ran a report identifying the ERISA accounts holding the security.

Western also launched an investigation of the matter, which focused on whether there had been a violation of ERISA or any client investment guidelines. If either of these had occurred, the purchase would be considered a trading error, requiring notification of clients, an immediate sale of the position, and reimbursement of any losses to affected accounts. As part of the investigation, compliance staff searched its investment contract database to determine whether the purchase breached the investment guidelines of any of the affected accounts. Unfortunately, this search failed to uncover a few accounts that did forbid the purchase, and the compliance staff determined that the purchase was not a “trading error” within the meaning of the firm’s trade error policy, since it was caused by a coding error and did not violate any investment guidelines.  Western also engaged outside counsel for advice on the matter.

In December 2008, Western had a committee meeting to discuss the issue, and considered the results of the investigation, legal analysis of inside and outside counsel. The committee concluded that there had been no investment guidelines breaches or any prohibited transactions under ERISA, but that the firm may be subject to liability for breaching the terms of the offering.

Western decided to sell out of the private placement in any event. Initially the effort to sell met with little success, given market conditions and the deterioration of the price. Western waited a few months for conditions to improve, and ultimately sold its entire position in the security by June 2009, albeit at a loss.

The SEC discounted Western’s investigation and analysis of the issue, and concluded that Western had intentionally defrauded its clients. With the benefit of hindsight, the SEC determined that the purchase of the private placement was a trade error, which Western should have corrected upon discovery, notified the affected clients, sold the position, and reimbursed the clients for any losses.

Why did the SEC decide that Western’s negligence was so egregious that it rose to the level of fraud?  Based on the facts at hand, Western took reasonable steps to deal with the situation.

First, it was using a state-of-the-art pre-trade compliance system (Charles River) to prevent purchases of ineligible securities. When Western became aware of the failure of that system, it promptly identified the accounts affected, launched an investigation, consulted in-house and outside counsel, and determined that there was no trading error. The firm ultimately decided to exit the position as soon as it was reasonable to do so. The SEC, however, completely discounted Western’s efforts to address the issue, perhaps because the result was self-serving on the adviser’s part.

So how should the SEC have handled these situations? At a minimum, the Commission should have addressed why the policies and procedures in place were unreasonable. The Compliance Program Rule requires advisers to adopt policies and procedures “reasonably designed to prevent violations of the Advisers Act by the adviser or any of its supervised persons.” Where did these advisers go wrong?  What was unreasonable about their policies and procedures?

Every firm is going to make mistakes and, unfortunately, sometimes these mistakes are going to harm clients. When the SEC finds a mistake that causes harm, it should determine first, whether there were policies and procedures in place that could have prevented such harm. The next step is to determine whether the policies and procedures were reasonably designed to prevent the harm.  Without this type of analysis, these settlements act simply as a scare tactic.

As disconcerting as these results may be, compliance officers may still be able to take some comfort from a speech given by Andrew Ceresney, SEC’s Director of Enforcement in May 2014.  Ceresney emphasized that the SEC will take action against compliance officers if:

  • they actively participated in misconduct,
  • they helped mislead regulators, or
  • they have clear responsibility to implement compliance programs or policies and wholly failed to carry out that responsibility.  

The Compliance Program Rule cases, for the most part, support Mr. Ceresney’s statements. The compliance officer generally received fines and tougher sanctions in cases where he or she appeared to be at fault.

The Way Forward

 The SEC’s aggressive posture is undeniably a cause for concern for advisers, and it is impossible to accurately predict how the SEC staff will react in specific situations. Nonetheless, there is much to be gleaned from the past 10 years.

The Mood in the Middle is as important as the Tone at the Top

The selection of a Chief Compliance Officer is an important decision for any advisory firm, and careful consideration should be given to any candidate’s level of experience, education, and overall knowledge of the Advisers Act. This does not mean that a firm has to hire an expert, but an adviser must provide sufficient resources for the CCO to be successful. This includes allowing the CCO to get training, the ability to consult with outside experts, and help within the firm. Senior management must provide an unwavering commitment to the CCO and to a strong culture of compliance within the firm. Knowing the compliance team’s efforts are supported and appreciated helps shape the mood in the middle, that is, the section of the firm tasked with dotting the I’s and crossing the T’s, and verifying such. Anything less will result in just that, less.

Acknowledge the importance of a robust and well-planned Compliance Program

Compliance with Rule 206(4)-7 should be a priority within an advisory firm, not an The business card definition of a CCO’s role could be:

  • Confirm the Firm’s key compliance documents (Compliance Manual, Code of Ethics, Form ADV Part 1, 2A and 2B) are current, appropriately consider the rules applicable to your business, reflect your actual practices, and are consistent across one another;
  • The Firm’s risk assessment appropriately considers the Firm’s practices, contemplates potential conflicts of interest, and is continually updated as the Firm evolves and regulatory changes occur; and
  • The Firm’s review, testing and surveillance activities are scheduled and documented, and when the results dictate, will impact the elements of compliance outlined above.

Reviewing a compliance manual can be a daunting task, but the settlement orders discussed in this article show that just putting the firm’s name on an off-the-shelf manual is a recipe for disaster. And a cursory review of the manual without analysis of the effectiveness of the compliance program is not going to cut it with the SEC. Establishing and maintaining a compliance program is the responsibility of the entire firm, not just the compliance officer. Engage all areas of the firm in:

  • The development and review of the compliance manual;
  • The development and review of the Firm’s inventory of risks and potential conflicts of interest; and
  • The annual review of the compliance program.

Finally, management should show a willingness to enforce the compliance policies and procedures (i.e. tone at the top). Managers should be given some ownership for the compliance program by being held responsible for his or her employee’s failure to comply with firm policies and procedures (i.e. mood in the middle).

I slept, and dreamed that life was Beauty; I woke, and found that life was Duty, by Ellen Sturgis Hooper

Investment advisers are fiduciaries, so any breach of a fiduciary duty that harms or could potentially harm clients should be addressed quickly and thoroughly. If there is any doubt about who is responsible for the breach, assume the adviser is responsible. The SEC deals harshly with firms that appear to act in their own self-interest by failing to quickly address red flags or correct issues.

Seek perspective.

Sometimes the only cost is simply admitting you could use some perspective. Subscribe to as many compliance publications as you think you have time for, make time to listen to industry webinars, and find opportunities to meet your peers. For example, a CCO Roundtable that is organized within your geographical area is a great way to network with other individuals doing what you do. Reaching out to a service provider may also be warranted, given the benefit they have of looking broadly across several advisory firms to consider themes of the examination staff, and/or different applications of compliance. 

In closing, I wish you the best. It’s a challenging yet personally and professionally rewarding, segment of the financial services industry we serve. Stay diligent and true to your ethical compass, and thank you for taking the time for some additional perspective!

[1] Transamerica Financial Advisors, Inc. IA Release 3808, April 3, 2014, (adviser failed to apply breakpoint fee discounts for retail advisory clients.); UASNM, Inc., IA Release 3846, June 9, 2014, 3846.pdf,  (Adviser failed to disclose secret commission arrangement, material conflicts of interest; made misleading claims on website; best execution violations; failed to adopt and implement reasonable policies & procedures; failed to supervise); Thomas E. Meade, IA Release 3855, June 11, 2014,,  (CCO failed to follow firm’s Insider Trading Policy, failed to review personal transaction reports, failed address insider trading risk); Lakeside Capital Management, LLC, and Dennis J. Daugs, Jr., IA Release 3877, July 17, 2014,, (Adviser breached fiduciary duty through his undisclosed use of assets; Adviser fraudulently liquidated securities and invested client’s money in undisclosed loans to himself, used over $5 Million from clients in undisclosed self- dealing, and violated compliance and custody rules.); Dominick & Dominick LLC and Robert X. Reilly, IA Release 3881, July 28, 2014,, (Adviser engaged in principal transactions without disclosure and client consent, omitted disclosing certain conflicts of interest, and made inaccurate statement in Form ADV on best execution and principal transactions); Structured Portfolio Management, L.L.C., SPM Jr., L.L.C., and SPM IV, L.L.C, IA Release 3906, August 28, 2014,, (Adviser found to have failed to have policies and  procedures to address improper trade allocations and inaccurate disclosures to investors) WestEnd Capital Management, LLC, IA Release 3919, September 17, 2014, . (Adviser failed to adequately supervise managing member of firm, who misappropriated investor funds for his own use.); Sean C. Cooper, IA Release 3920, September 17, 2014, (SEC found managing member of adviser misappropriated fund assets); Barclays Capital Inc., IA Release 3929, September 23, 2014,,  (Adviser failed to maintain an adequate internal compliance system, engaged in principal transactions without disclosure or client consent, violated custody rule); Lincolnshire Management, Inc., IA Release 3927. Sept. 22, 2014;, (Adviser found to have breached fiduciary duty, misallocated expenses, and failed to adopt policies and procedures to prevent violations).

[2] Ernst & Ernst v. Hochfelder . 425 U.S. 185 (1976)

[3] E.g., Barclays Capital Inc., IA Release No. 3929, September 23, 2014, .  Thomas E. Meade, IA Release 3855, June 11, 2014,