Legal Risk Management Tips

On December 29, 2016, the United States Tax Court handed down a decision in the case of Fleischer v. Commissioner of Internal Revenue[1] which focused on the tax issue of whether Mr. Fleischer or his wholly-owned S-Corporation(“S-Corp”)[2] had to report the earned income that was at issue in the case.  In addition to the tax issues, the decision provides additional guidance relating to some often misunderstood issues regarding entity formation, structure and operations that relate directly to small businesses, including a large number of financial industry advisers. 

Each year, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) publishes an examinations priorities letter so that its registrants will know of those areas that are of particular focus and are deemed potentially higher risk.  On January 12, 2017, the SEC released its priorities,[1] which continue to focus on protection of retail investors, servicing retirement and elderly investors and assessment of market-wide risks. 

As part of its “Fiscal Year 2016 Agency Financial Report” released by the U.S. Securities and Exchange Commission (“SEC”) last month, the SEC discussed enforcement cases for its fiscal year of 2016 (which concluded on September 30th).  According to the Report, the SEC once again set a new record for the number of enforcement actions filed in a fiscal year, having filed a record 868 enforcement actions in 2016, representing an increase of about seven percent (7%) from the number of actions brought in 2015.  Of the 868 enforcement actions, a record 160 were cases involving investment advisers or investment companies.[1]

If asked what violation is one of the most popular for FINRA to either settle or charge in a hearing, what you would guess?  Could it be AML?  FCPA?  Or another? One of the most frequently cited violations is failure to follow the firm’s Written Supervisory Procedures (“WSPs”) or having deficient WSPs.

In his May 2014 speech titled “Spreading Sunshine in Private Equity,” Andrew Bowden, the Director of the Office of Compliance, Inspections and Examination (“OCIE”) of the U.S. Securities and Exchange Commission (“SEC”) publicly announced that the private equity sector had become a focus for OCIE.[1]  Over the next two years, the financial services industry has seen a continued and increasing focus by OCIE, and by the SEC’s Division of Enforcement, on the private equity space.  Recent comments by Jane Jarcho, the new Deputy Director of OCIE, indicate that private equity advisers and their funds will remain as a high priority for the SEC in 2017.[2]

You’re walking down the street one day when it suddenly hits you – the perfect idea for a mobile application (“app”).  This is the app that’s going to change everything.  This app is straightforward, user-friendly and something that everyone wants and needs.  After frantically searching every corner of the internet to check if something like this is already in the market, and finding nothing, you decide it’s time for you to start a business around this great idea.  Having never owned or operated a business before, you start wondering what you should be thinking about when getting your business off the ground.  This article will help summarize some of the more immediate items you should consider when setting up your business.

So often we hear about regulatory compliance considerations governing cybersecurity.  But what about considerations from a legal perspective?  How do your vendors, who may not be subject to Regulation S-P and Regulation S-ID, help ensure they have adequate safeguards when servicing your firm? This month’s legal tip will focus on areas that we find are often overlooked within financial organizations’ cybersecurity program.  This includes contractual provisions to look for and request from vendors, due diligence questions to pose to service providers who have access to non-public information and information needed by counsel to respond to a cyber incident.

There are a variety of reasons why financial firms choose to partner with external third-party service providers (“TPSPs”) for the performance of essential tasks, rather than performing such tasks internally.  Such reasons often include, but are not limited to, the financial firm’s experience in performing certain tasks, cost/time restrictions and common industry practice.  Regardless as to the impetus for these relationships, regulators require financial firms to conduct initial and ongoing due diligence on TPSPs. This article will discuss the legal requirements of financial institutions to perform due diligence on TPSPs, examine recent enforcement cases where financial firms failed to properly perform such diligence and offer guidance on what financial institutions should consider when performing due diligence on service providers.

Over the past few years (and perhaps most notably starting with the much publicized Ted Urban Case,)[1] the issue of Chief Compliance Officer (“CCO”) liability has continued to cause anxiety amongst those who hold that title.  Effective February 5, 2004, the U.S. Securities and Exchange Commission (“SEC”) required that registered investment advisers (pursuant to Rule 206(4)-7 of the Investment Advisers Act of 1940, 15 U.S.C. § 80b) and investment companies (pursuant to Rule 38a-1 of the Investment Company Act of 1940, 15 U.S.C. § 80a) designate a CCO. The Financial Industry Regulatory Authority (“FINRA”) followed suit and required its member firms to designate a CCO.  Both regulators expect the CCO to be responsible for administering the firm’s policies and procedures that are reasonably designed to detect and prevent violations of securities laws and regulations.  It’s the ownership and implementation of those procedures that causes potential liability problems for those CCOs.

As our older population in the United States (i.e., persons 65 years of age of older) continues to increase, so does the servicing opportunities of the financial industry.  According to the U.S. Department of Health and Human Services, in 2013 one in seven Americans (or 14.1% of the U.S. Population) was over age 65.[1] By 2040, that number is forecasted to grow to 21.7%.[2]