Advertising and Marketing | Broker Dealer Regulation | Conflicts of Interest | cybersecurity | FINRA Rule Changes | Investment Adviser Regulation | Mutual Fund Regulation | Private Funds | Regulatory Deadlines | SEC News | Seniors and Vulnerable Investors

Ransomware Attacks! SEC Creates New Hoops for Advisers with Automated Proxy Voting; and Private Fund Conflicts Still Under the Microscope: Regulatory Update for August 2020

For Investment Advisers and Broker Dealers

RANSOMWARE ATTACKS! Is Your Firm Ready?  OCIE issued a risk alert warning investment advisers, broker dealers, and investment companies that increasingly sophisticated ransomware attacks are being carried out on many financial services market participants. The perpetrators of these attacks use phishing e-mails to gain access to a firm’s computer systems by tricking the recipient into opening an attachment.  The attachment unleashes malware that provides the perpetrator with access to a firm’s systems and denies access to the firm until a ransom is paid.  OCIE told registrants “to monitor the cybersecurity alerts published by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), including the updated alert published on June 30, 2020 relating to recent ransomware attacks.”

OCIE also included a list of industry best practices for cyber breaches, encouraging firms to focus on ways to operate critical applications if the primary system is unavailable.  OCIE also encourages firms to ensure “geographic separation of back-up data and writing back-up data to an immutable storage system in the event primary data sources are unavailable.”  This risk alert is a MUST READ for investment advisers, broker-dealers and investment companies given the aggressiveness of these attacks in this work-from-home environment.  Contributed by Jaqueline M. Hummel, Partner and Managing Director.

SEC Examination Initiative: LIBOR Transition Preparedness. The transition away from LIBOR as a global reference rate stands to impact brokers, advisers, public and private funds, transfer agents, and other SEC registrants in varying degrees.  Unlike other OCIE risk alerts that summarize recent examination deficiencies, OCIE’s latest risk alert is preemptive.  OCIE intends to use the exam process to assess firm readiness for the transition, and registrants should be prepared to demonstrate their impact analysis of the LIBOR transition on its: “(i) business activities; (ii) operations; (iii) services; and (iv) customers, clients, and/or investors.”

More specifically, firms should have identified their exposure to any LIBOR-linked contracts that extend beyond the expected discontinuation date, and be ready to demonstrate thoughtful consideration of its operational plans, disclosures and client reporting about how the firm is handling the transition.  Registrants are encouraged to monitor the Alternative Reference Rates Committee (ARRC) website for updates and best practices related to the transition.

Firms with any commercial or financial contracts that use LIBOR as the reference rate should ensure that their analysis and planning efforts are well organized and documented.  And, for firms that haven’t yet completed an impact analysis, there is no time like the present.  Contributed by Cari A. Hopfensperger, Senior Compliance Consultant.

Florida Adopts “Senior Safe” Legislation. Florida, the sunshine seniors’ capital of the U.S., has become the 30th state to enact a Senior Safe-based statute.  The Protection of Specified Adults’ Act took effect on July 1, 2020.  This is a significant development as approximately 4.9 million senior citizens reside in Florida, and one in five Florida residents is 65 years or older, according to the U.S. 2018 Census.  Florida also updated its adult protective services’ law requiring state-registered investment advisers and broker-dealers to immediately report suspected abuse of seniors and vulnerable persons.  Additional highlights of Florida’s law include:

  • Protected investors under the Act are least 65 years old and “a[ny] person 18 years of age or older whose ability to perform the normal activities of daily living or to provide for his or her own care or protection is impaired due to a mental, emotional, sensory, long-term physical, or developmental disability or dysfunction, or brain damage, or the infirmities of aging.”
  • The Act permits broker-dealers and investment advisers to place holds on disbursements and transactions for fifteen-days (extendable for an additional ten days) in accounts where abuse or exploitation is reasonably suspected, provided that the firm:
  • Conducts an internal investigation pertaining to the suspected fraud;
  • Notifies the Florida Office of Financial Regulation and all accountholders and trusted persons (who are not suspected of fraudulent activities) within 72 hours of commencing the hold; and
  • Provide personnel with appropriate training and establish policies and procedures pertaining to seniors’ fraud.

Other states like California, Texas, Ohio, and New Jersey have already adopted similar laws.  Contributed by Carolyn W. Mendelson, Senior Compliance Consultant. 

For Investment Advisers

SEC Issues Supplemental Guidance Concerning Proxy Voting Responsibilities of Investment Advisers. The SEC recently adopted new rules applicable to proxy advisory firms.  These rules contain exemptions from certain requirements associated with proxy solicitations that can be leveraged by proxy advisors, subject to various conditions.  These conditions require proxy advisors to: (1) share its vote recommendations with an issuer before or at the same time they are provided to the proxy advisors’ clients, and (2) notify clients in a timely manner if or when an issuer releases additional information in response to the recommendation before the meeting.

How do these new requirements impact RIAs that engage proxy advisors?  Given that issuers will have an opportunity under the new rules to release new information after a proxy advisor’s vote recommendation is released, the SEC is next turning its attention to automated ballot submission services.

Many RIAs use automated voting in an effort to streamline their ballot voting process on standard agenda items.  In a typical workflow, the voting service is configured to automatically submit ballots in accordance with standard proxy voting guidelines, unless overridden by the RIA.  To address the potential that RIAs do not consider the issuer’s new information if their automated ballots have already been submitted in accordance with the proxy advisor’s recommendation, the SEC issued guidance on voting responsibilities of RIAs, supplementing its prior thoughts on this topic.  The guidance recommends that advisers consider additional information provided by issuers in response to a proxy advisor’ recommendations, and provide “full and fair” disclosure regarding the automated voting process.

More specifically, RIAs should take action on the suggestions in the supplemental guidance, including:

  • RIAs using automated voting should consider implementing additional workflows, policies and procedures to evaluate the pre-populated votes queued on the proxy advisor’s electronic voting platform, and to consider additional information from the issuer that becomes available before votes are cast.
  • As a guidepost for when RIAs should consider the additional information when deciding how to vote, the SEC expects firms to do so when the additional information “is filed sufficiently in advance of the submission deadline and such information would reasonably be expected to affect the investment adviser’s voting determination”.
  • Proxy advisors receiving automated vote submissions from their clients before meeting cut-off dates also have non-public information about how its clients plan to vote. In recognition of this risk, RIAs should review their agreement with their proxy advisor to ensure it contains restrictions on the proxy advisor’s ability to use that non-public information in a manner that is contrary to the best interest of the RIA’s client.
  • Finally, RIAs using automated vote submission should consider disclosures describing those activities. Specifically, the guidance states that “an investment adviser should carefully review its disclosures with respect to these matters in order to ascertain whether it has provided its clients with the disclosure necessary for the clients to provide informed consent with respect to the use of automated voting as a means of exercising voting authority and for the adviser to satisfy its obligations under rule 206(4)-6 and Form ADV.”

While the new rules and supplemental guidance passed in a 3 to 1 vote, there are disapproving voices on the Commission and in the industry that are concerned that these actions will not improve transparency, and will only make life more complicated for RIAs seeking to leverage proxy services for the benefit of their clients.  Notwithstanding, there is also hope that in adapting to these new rules, proxy advisors will develop new reports and tools to assist RIAs in complying with the new guidance.  Contributed by Cari A. Hopfensperger, Senior Compliance Consultant.

For Private Funds

SEC Finds Private Fund Advisers Lax in Disclosing Conflicts, Allocating Fees and Expenses, and Monitoring Inside Information.  OCIE published a Risk Alert on Observations from Examinations of Investment Advisers Managing Private Funds.  The big takeaways for private funds mangers are that OCIE is digging deep into private funds and aggressively pursuing conflicts of interest that “appear to be inadequately disclosed”, like allocating investments to certain clients but not others, the adviser and its principals having pre-existing ownership interests in portfolio companies, and only selectively offering co-investment opportunities.  OCIE also found fund managers guilty of failing to disclose the conflicts among clients investing in the same portfolio company but at different capital levels, and providing preferential liquidity rights to “seed” investors pursuant to side letters.  The bottom line is that OCIE is targeting fund managers for (i) providing preferential treatment to certain investors without adequately disclosing its practices to other investors, and (ii) not following disclosed procedures that resulted in investors overpaying fees and expenses.   OCIE also faulted fund managers for sloppy management of material non-public information (MNPI).

None of these findings should surprise private fund managers.  The SEC has been targeting the lack of disclosures and perceived preferential treatment given to some investors since the passage of the Section 402 of the Dodd-Frank Act, which required many private fund advisers to register with the SEC.  Private fund managers should scrutinize their disclosures, compare their policies and procedures to actual practices, and re-consider their treatment of MNPI.  Finally, examiners continue to look for, and find, undisclosed conflicts of interest.  Fund managers should review this risk alert carefully, comparing OCIE’s findings to their current disclosures to ensure they have covered all their bases.  Contributed by Jaqueline M. Hummel, Partner and Managing Director.

For Broker Dealers

FINRA’s New Gateway and Changes to Form U4 User Interface.  With anticipated completion in July, FINRA has been rolling out its replacement for its Firm Gateway with a new system called the FINRA Gateway.  This may be confusing for some because many in the industry referred to the Firm Gateway as the FINRA Gateway already, but regardless the new platform has a completely different look and feel.  Note that the FINRA Gateway is not currently supported in Internet Explorer.  The new Gateway, which is being implemented in stages, initially provides compliance functions, such as research, reporting and responding to requests.  As a lifeline, FINRA is still providing users with quick links back to their ‘classic’ applications and features, as well as resources for using the new FINRA Gateway, including a FAQ and several upcoming webinars.

In Information Notice – 6/25/20: FINRA Gateway – Changes to Form U4 User Interface and Access to Continuing Education, FINRA highlights changes to the manner in which firms and their personnel access FINRA’s registration and continuing education applications.  FINRA also provides dates for when these changes are anticipated to occur. Primarily, registered persons or those seeking registration will be required to use FINRA’s Financial Professional Gateway (FinPro) for managing registration information and completing Regulatory Element Continuing Education.  These changes are scheduled to start October 5, with the Regulatory Element Continuing Education changes scheduled for November 9.  Contributed by Doug MacKinnon, Senior Compliance Consultant.

How FINRA’s Amended Membership Application Program Rules Impact You NOW.  Often, when you read about changes to the Membership Application Program rules, you might keep scrolling with the thought that you will read them if and when they ever apply to your firm’s situation.  The amendments going into effect on September 14, 2020, will apply to your firm!

Specifically, FINRA will require mandatory materiality consultations for business expansions involving a single “Covered Pending Arbitration Claim,” unpaid arbitration award, or unpaid arbitration settlement.  A “Covered Pending Arbitration Claim” is defined by new FINRA Rule 1011(c)(1) as “[a]n investment-related, consumer initiated claim filed against the Associated Person in any arbitration forum that is unresolved; and whose claim amount (individually or, if there is more than one claim, in the aggregate) exceeds the hiring member’s excess net capital.”  That means, it is now FINRA member firms’ responsibility to seek a Materiality Consultation BEFORE hiring even one associated person with a Covered Pending Arbitration Claim or unpaid arbitration awards/settlements to be involved in sales.  FINRA’s Business Expansion Safe Harbor provided by IM-1011-1 cannot be relied on in cases where these situations exist.   To comply with the amended rule, FINRA members need to identify Covered Pending Arbitration Claims and outstanding arbitration awards/settlements before extending an offer of employment and before registering such individuals with their firm.

We recommend working with your firm’s HR department to develop procedures to identify these events (e.g., amend pre-hire questionnaires/attestations, review FINRA’s Web CRD Background Check prior to extending an offer of employment) and seek a Materiality Consultation, when necessary.   The remaining amendments…well, you can read if you plan to file a continuing membership application.  Contributed by Rochelle A. Truzzi, Managing Director.

FINRA Amends Rules to Address Reg BI.  FINRA amended its Suitability Rule 2111, CAB Suitability Rule 211, and Non-Cash Compensation Rules 2310 and 2320 to “provide clarity on which standard applies and to address potential inconsistencies with […] Reg BI.”  The amendments to these rules:

    • Clarify that Rule 2111 does not apply to recommendations that are subject to Reg BI, as Reg BI covers and goes beyond what is required by the suitability standard.
    • Remove the element of control from the quantitative suitability obligation under Rule 2111, to be consistent with the requirements of Reg BI.
    • Identify and eliminate any sales contests, sales quotas, bonuses, and non-cash compensation that are based on the sales of specific securities or specific types of securities within a limited time period under Rules 2310 and 2320.

Please be sure to amend your written policies and procedures to address FINRA’s changes to the Suitability and Non-cash Contribution rules.  Contributed by Rochelle A. Truzzi, Managing Director.

Do your Communications on Private Placement Offerings Pass the Test?  If your firm creates, reviews, approves, distributes, or uses retail communications concerning private placements, FINRA’s Regulatory Notice 20-21 is a must-read.  First, FINRA reminds us that private placements sold by member firms generally must be filed with FINRA in accordance with Rules 5122 and 5123.

The majority of private placement offering documents meet the definition of retail communication, as provided under FINRA Rule 2210.  Paragraph (d)(1) of the Rule requires that all member communications be fair, balanced, and not misleading.  FINRA reminds its members that “[…] communications that promote the potential rewards of an investment also must also disclose the associated risks in a balanced manner.”

FINRA has identified common deficiencies associate with these retail communications and cautions its members about the: (1) use of third-party prepared materials; (2) presentation of benefits and associated risks; (3) proper forecasting of issuer operating metrics; (4)  misrepresentation of distribution rates; and (5) use of unwarranted forecasts or projections of investment performance prohibited by Rule 2210(d)(1).  Offering documents and sales materials prepared by a third party and distributed by a FINRA member become communications with the public, whether or not the FINRA member assisted in the preparation of the documents; and, therefore, must comply with Rule 2210.  FINRA notes that providing risk disclosure in a separate document or a different section of a website does not substitute for disclosure contained in, or integrated with, a specific retail communication.

Member firms are prohibited from projecting or predicting returns to investors such as yields, income, dividends, capital appreciation percentages, or any other future investment performance.  However, a member may include, “[…] reasonable forecasts of issuer operating metrics (e.g., forecasted sales, revenues, or customer acquisition numbers) provided the communication also includes clear explanations of the key assumptions underlying the metrics presented along with the key risks that may prevent the achievement of the forecasted metrics.”  FINRA provides its members with items for consideration when using forecasts of issuer operating metrics.

When a retail communication contains a discussion of distribution rates, member firms should be sure not to state or imply that a distribution rate is a “Yield” or “Current Yield” or that the investment in the program is comparable to a fixed-income investment, such as a bond or note.  The member must clearly identify the composition of all distributions (e.g., return of principal, cash flows from operations, loan proceeds).  FINRA goes on to provide necessary disclosures regarding distribution rates to comply with Rule 2210.

FINRA warns members that the use of internal rates of return (IRR) in communications concerning privately placed new investment programs with no operations or that operate as a blind pool would be, “inconsistent with the prohibition on unwarranted forecasts or projections in Rule 2210(d)(1)(f).  This would not preclude the discussion of internal rates of return for investment programs where the holding matured or all holdings in the pool have been sold.  FINRA provides additional guidance about the disclosure of internal rates of return calculated following the Global Investment Performance Standards (GIPS).

Throughout the notice, FINRA references previously issued notices that dive into each topic further.  I encourage you to re-read the referenced notices along with Notice 20-21.  Finally, FINRA members may want to enhance their existing written procedures regarding retail communication or private placements to address and reduce the risk of stumbling over one or more of the common deficiencies noted by FINRA.  Advisers to private funds that use a FINRA-member firm as a placement agent should also review this FINRA notice.  Contributed by Rochelle A. Truzzi, Managing Director.

Do You or Your Associates Dabble in Digital Assets?  FINRA continues to encourage firms to keep their Risk Monitoring Analyst (i.e., Regulatory Coordinator) informed if the firm or any of its associated persons or affiliates engage in activities related to digital assets, even if those assets are non-securities.  Notice 20-23 includes a list of the types of activities of interest to FINRA.  We recommend updating your annual compliance questionnaire or Code of Ethics questionnaire to include an inquiry into such activities.  It is up to each firm whether to inform FINRA since notification is not required.  However, to demonstrate the execution of your supervisory duties, you should know and document your associated persons’ outside business activities and private investments, including those involving digital assets.  Contributed by Rochelle A. Truzzi, Managing Director.

SEC Updates Filing Threshold to Rule 17h Reporting Requirements for Broker-Dealers.  The SEC issued an order on June 29 to update the filing threshold for broker-dealers’ Form 17-H filings.  The thresholds, which had not been updated in 30 years, increases from $20 million to $50 million, provided the broker-dealer maintains less than $1 billion in total assets and meets certain other conditions (including that it does not hold funds, does not carry customer accounts, etc.).  The changes are intended to increase the overall efficiency of the 17-H process and reduce reporting burdens on smaller broker-dealers.  Contributed by Doug MacKinnon, Senior Compliance Consultant.

Lessons Learned 

Franklin Advisers / Franklin Templeton.  A July proceeding against Franklin Advisers, Inc. (“FAV”) and Franklin Templeton Investments Corp. (“FTIC”) (together, “Franklin”) serves as a reminder to mutual fund advisers that even low-risk violations can come back to haunt them when chronically ignored.  Section 12(d)(1) of the Investment Company Act (the “Fund of Funds Rule”) prohibits investment companies from  (1) acquiring more than 3% of the outstanding voting stock of another registered investment company (“RIC” or “mutual fund”); (2) putting more than 5% of total assets into a single RIC; and (3) putting more than 10% of their total assets into RICs generally.  Section 12(d)(1)(F) allows a fund company to exceed these limits with the caveat that the company and its affiliates do not own, in the aggregate, more than 3% of the outstanding shares of the acquired company.

During 2014 and 2015, certain Franklin funds acquired shares of three unaffiliated ETFs, with each fund exceeding its own 10% limit on RIC holdings.  While the SEC noted that the funds had written policies and procedures designed to ensure Section 12(d)(1) compliance, FAV failed to implement a pre-trade screening process to prevent breaches.  Compliance eventually discovered the breaches, and FAV reduced its ETF positions to correct them, realizing a loss in one of the three correcting trades.  Because the other two sales resulted in gains that more than offset the loss, FAV concluded that the losses need not be reimbursed, creating a conflict of interest that FAV failed to disclose.  FAV also failed to share its decision not to reimburse the funds for their losses with the fund board, only doing so after the commencement of the SEC’s investigation in February of 2018.

The SEC charged both Franklin entities for breaching the limits of Section 12(d)(1).  FTIC was charged a penalty of $75,000.  FAV was also charged with failing to implement policies and procedures as required under Investment Advisers Act Section 206(4), and Rule 206-4(7), the Compliance Program Rule), and hit with a $250,000 fine.

The takeaway here is that mutual fund advisers should maintain robust pre-trade and post-trade compliance procedures to monitor compliance with portfolio guidelines, whether they are driven by the Investment Company Act, IRS rules, or the mutual fund’s prospectus.  If and when errors occur, fund advisers should be transparent in their reporting to the board.  Finally, netting gains from one trade error against a loss from another to avoid reimbursing a client account for the loss on the error is problematic.  Contributed by Mark L. Silvester, Compliance Associate. 

Worth Reading

Filing Deadlines and To-Do List for August 2020


  • Form 13F: Form 13F Quarterly Filing for Q2 2020 is due for advisers within 45 days after the end of the calendar quarter.  Due date is August 14, 2020.


  • Blue Sky Filings (Form D): Advisers to private funds should review fund blue sky filings and determine whether any amended or new filings are necessary.  Generally, most states require a notice filing (“blue sky filing”) within 15 days of the first sale of interests in a fund, but state laws vary.  Did you know that Hardin Compliance Consulting offers a convenient and economical blue-sky filing service to help firms manage this complicated monthly task?  Learn more here and give us a call to discuss your needs further.  Due August 15, 2020.
  • Form PF for Large Hedge Fund Advisers: Large hedge fund advisers must file Form PF within 60 days of each quarter-end on the IARD system.  Due date is August 29, 2020.


  • Rule 17a-5 Monthly and Fifth FOCUS Part II/IIA Filings: For the period ending July 31, 2020. For firms required to submit monthly FOCUS filings and those firms whose fiscal year-end is a date other than a calendar quarter.  Due August 25, 2020.
  • Supplemental Inventory Schedule (“SIS”): For the month ending July 31, 2019. The SIS must be filed by a firm that is required to file FOCUS Report Part II, FOCUS Report Part IIA or FOGS Report Part I, with inventory positions as of the end of the FOCUS or FOGS reporting period, unless the firm has (1) a minimum dollar net capital or liquid capital requirement of less than $100,000; or (2) inventory positions consisting only of money market mutual funds. A firm with inventory positions consisting only of money market mutual funds must affirmatively indicate through the eFOCUS system that no SIS filing is required for the reporting period.  Due August 28, 2020.
  • Annual Audit Reports for Fiscal Year-End June 30, 2020: FINRA requires that member firms submit their annual audit reports in electronic form. Firms must also file the report at the regional office of the SEC in which the firm has its principal place of business and the SEC’s principal office in Washington, DC. Firms registered in Arizona, Hawaii, Louisiana, or New Hampshire may have additional filing requirements.  Due August 31, 2020.
  • SIPC-7 Assessment: For firms with a Fiscal Year-End of June 30.  SIPC members are required to file the SIPC-7 General Assessment Reconciliation Form together with the assessment owed (less any assessment paid with the SIPC-6) within 60 days after the Fiscal Year-End.  Due August 29, 2020.
  • SIPC-3 Certification of Exclusion from Membership: For firms with a Fiscal Year-End of July 31 AND claiming an exclusion from SIPC Membership under Section 78ccc(a)(2)(A) of the Securities Investor Protection Act of 1970. This annual filing is due within 30 days of the beginning of each fiscal year.  Due August 30, 2020.
  • SIPC-6 Assessment: For firms with a Fiscal Year-End of January 31, 2019. SIPC members are required to file for the first half of the fiscal year a SIPC-6 General Assessment Payment Form together with the assessment owed within 30 days after the period covered. Due August 30, 2020.


  • Form N-MFP:  Form N-MFP (Monthly Schedule of Portfolio Holdings of Money Market Funds) reports information about the fund’s holdings as of the last business day of the prior calendar month and must be filed no later than the fifth business day of each calendar month.  Due date is August 7, 2020.
  • Form N-PX:  Registered investment companies (other than small business investment companies) are required to annually file Form N-PX, containing the fund’s proxy voting record for the most recent twelve-month period ended June 30.  Due date is August 31, 2020.


  • Form CPO-PQR: (June 30 Quarter End): Small, Mid-Sized and Large Commodity Pool Operators are required to file Form CPO-PQR quarterly with the NFA.  Due date is August 31, 2020.
  • Form CTA-PR (June 30 Quarter End): Commodity Trading Advisors are required to file Form CTA- PR quarterly with the NFA.  Due date is August 14, 2020.



Partner with Hardin Compliance

Have a compliance question or want an independent review of your compliance program?  Hardin Compliance can help!  Call us today at 1.724.935.6770, or visit our website at for more information.


Hardin Compliance Consulting provides links to other publicly-available legal and compliance websites for your convenience. These links have been selected because we believe they provide valuable information and guidance.  The information in this e-newsletter is for general guidance only.  It does not constitute the provision of legal advice, tax advice, accounting services, or professional consulting of any kind.

Photo by timJ on Unsplash.