The Compliance and Regulatory Consulting practice outlines the SEC’s and the SEC’s Office of Compliance Inspections and Examinations’ (OCIE) recent updates, announcements, proposed amendments, observations and examination priorities from the third quarter of 2020.
SEC Adopts Amendments to Exemptive Applications Procedures
The SEC voted on July 6, 2020 to adopt rule amendments to rule 0-5 to establish an expedited review procedure for exemptive and other applications under the Investment Company Act that are substantially identical to recent precedent, as well as new informal internal procedure for applications that would not qualify for the new expedited process. These rule amendments are intended to create a more streamlined application process that provides additional certainty and transparency.
SEC Chairman Jay Clayton stated, “The process provides economic benefits to fund shareholders, expands investor choice, and facilitates innovation in the asset management industry, all with a steadfast commitment to transparency and investor protection,” and that “The changes approved today will modernize and streamline this process, resulting in improved transparency, reduced costs, and a more efficient use of our staff’s resources.”
Expedited Review Procedure for Routine Applications
- Expedited review will be available if the application is substantially identical to two other applications for which an order granting the relief has been issued within three years of the date of the application’s initial filing.
- Notice for an application filed under expedited review will be issued no later than 45 days from the date of filing unless the application is not eligible under the rules or additional time is necessary for appropriate staff consideration.
- An application for expedited review will be deemed withdrawn if the applicant does not respond to comments from SEC staff within 30 days.
Procedure for Other Applications
- The amendments to rule 0-5 under the Act will deem an application outside of expedited review withdrawn when the applicant does not respond to comments from SEC staff within 120 days.
- New rule 17 CFR 202.13 establishes an internal timeframe for staff to take action on applications outside of expedited review within 90 days of the initial filing and each of the first three amendments thereto, and within 60 days of any subsequent amendment.
Read more here.
SEC Proposes Amendments to Update Form 13F for Institutional Investment Managers; Amend Reporting Threshold to Reflect Today’s Equities Markets
On July 10, the SEC announced a proposal to amend Form 13F regarding its reporting threshold, which has not been adjusted since adoption by the SEC over 40 years ago. SEC chairman Jay Clayton stated the changes would “update the 13F reporting threshold to a level that furthers the statutory goal of enabling the SEC to monitor holdings of larger investment managers while reducing unnecessary burdens on smaller managers.”
The proposal would amend the reporting threshold from $100 million to $3.5 billion—an increase proportionate to the overall market value of U.S. public corporate equities since 1978, when Form 13F was adopted.
Read more here.
Risk Alert: Cybersecurity – Ransomware
The OCIE published a risk alert on July 10, 2020 to share its observations for improving operational resiliency and effectiveness in responding to cyber threats. The OCIE observed an apparent increase in sophistication of ransomware attacks on SEC registrants, including broker-dealers, investment advisers and investment companies, as well as service providers to registrants.
The OCIE encourages registrants and other financial services market participants to monitor cyber security alerts published by the Department of Homeland Security Cybersecurity and Infrastructure Agency (CISA), including the June 30, 2020 alert published regarding recent ransomware attacks.
Acknowledging that all policies, procedures and plans may not be appropriate for every organization, the OCIE has outlined measures it has observed registrants utilizing, which can be found here.
SEC Adopts Rule Amendments to Provide Investors Using Proxy Voting Advice More Transparent, Accurate and Complete Information
On July 22, 2020, the SEC voted to adopt amendments to its rules governing proxy solicitations designed to ensure that clients of proxy voting advice businesses have reasonable and timely access to more transparent, accurate and complete information on which to make a voting decision. SEC Chairman Jay Clayton stated that, “Today’s actions ensure that those who take on the responsibility of investing and voting on behalf of our Main Street investors have the accurate and decision useful information necessary to make an informed voting decision for the benefit of those investors.”
The amendments aim to allow those who utilize proxy voting advice to make informed voting decisions without imposing undue costs or delays that negatively affect the timely provision of proxy voting advice. In addition, these amendments collectively echo the SEC’s longstanding view that proxy voting advice generally constitutes a solicitation under the proxy rules. Failure to disclose this type of material information regarding proxy voting advice could bring a possible violation of the antifraud provision of the proxy rules.
The amendments will be effective 60 days after publication in the Federal Register but affected proxy voting advice businesses subject to the final rules are not required to comply with the Rule 14a-2(b)(9) amendments until December 1, 2021.
Read more here.
SEC and FDIC Adopt Final Rule on the Orderly Liquidation of Covered Broker-Dealers under Title II of the Dodd-Frank Act
On July 24, 2020, the SEC and the Federal Deposit Insurance Corporation (FDIC) adopted a final rule required by the Dodd-Frank act to clarify and implement provisions relating to the orderly liquidation of certain brokers or dealers in the event the FDIC is appointed receiver under Title II of the Dodd-Frank Act. The final rule was developed in with the help of the Securities Investor Protection Corporation.
The rule states that the liquidation of a covered broker-dealer must be executed in a way that ensures customers of the covered broker-dealer receive payments or property at least as beneficial to them should the covered broker-dealer had been liquidated under the Securities Investor Protection Act of 1970.
Additionally, the final rule explains the claims process relevant to customers and other creditors of a covered broker-dealer and clarifies the FDIC’s powers as receiver with respect to the transfer of assets of a covered broker-dealer to a bridge broker-dealer.
Read more here.
SEC Enforcement Division and the Department of Justice Publish a Second Edition “Resource Guide to the U.S. Foreign Corrupt Practices Act”
The resource guide provides thorough insights and information on criminal statute including new cases, law and policies. The updated guide assists companies, practitioners and the public with preventing corruption.
The resource guide can be accessed here.
SEC Announces Creation of the Event and Emerging Risk Examination Team in the Office of Compliance Inspections and Examinations and the Appointment of Adam D. Storch as Associate Director
The SEC announced on July 28, 2020 the creation of the Event and Emerging Risks Examination Team (EERT) in the OCIE which will work collaboratively with OCIE exam staff in the regional offices, focus on implementing OCIE exam priorities, help ensure that firms are better prepared to address exigent threats, incidents and emerging risks and work with OCIE staff to provide expertise and support in response to significant market events that could have a systemic impact or that place investors assets at risk.
Read the press release here.
Risk Alert: Select COVID-19 Compliance Risks and Considerations for Broker-Dealers and Investment Advisers
On August 12, 2020, the OCIE published a risk alert to share observations regarding several COVID-19-related issues, risks and practices relevant to SEC-registered investment advisers and broker-dealers and identified heightened risks of misconduct in various areas.
The OCIE’s observations and recommendations fall broadly into the following six categories:
- protection of investors’ assets;
- supervision of personnel;
- practices relating to fees, expenses, and financial transactions;
- investment fraud;
- business continuity; and
- the protection of investor and other sensitive information.
Duff & Phelps published a summary of the alert that can be found here.
Read the alert here.
SEC Proposes New Rule Under Regulation S-T
On August 21, 2020 the SEC proposed a new rule under Regulation S-T in its administration of the Electronic Data Gathering, Analysis and Retrieval system (EDGAR). The SEC has seen an increased amount of administrative issues that directly impact the reliability and integrity of EDGAR submissions.
The proposed Rule 15 outlines new actions the SEC may take resolve the issues:
- Redact submissions containing personally identifiable information that could cause financial or personal harm to an individual
- Prevent any submission to EDGAR that poses a cybersecurity threat
- Correct and/or prevent issues stemming from EDGAR system outages or incorrect processing of submissions, avoiding unduly burdening filers
- Remove and/or prevent public dissemination of a submission made under an incorrect EDGAR unique identifying number
- Affirm the SEC’s ability to make sure that only persons authorized to make submissions on behalf of the filer may do so
- Reduce risk of potential manipulation but exercising the authority to prevent acceptance or dissemination of a submission if the submission is believed to be misleading or manipulative
- Prevent the used of EDGAR access codes if there is reason to believe an unauthorized submission has been made
Read more here.
SEC Modernizes the Accredited Investor Definition
The SEC adopted amendments to the definition of an “accredited investor,” which is intended to update and improve the definition to more effectively identify institutional and individual investors that have the knowledge and expertise to participate in those markets on August 26, 2020.
The amendments revise Rule 501(a), Rule 215 and Rule 144A and are designed to continue the SEC’s initiative to simplify, harmonize and import the exempt offering framework, and aim to expand investment opportunities while simultaneously maintaining adequate investor protections and promoting capital formation.
The amendments will make the following changes to Rule 501(a):
- Add a new category to the definition of an accredited investor that permits natural persons to qualify as accredited investors based on certain professional certifications, designations or credentials issues by an accredited educational institution.
- Holders, in good standing, of the Series 7, Series 65 and Series 82 licenses would be designated as natural persons.
- Include natural persons who are “knowledgeable employees” of the fund
- Clarify that limited liability companies (LLCs) with $5 million in assets may be accredited investors
- Add SEC and state-registered investment advisers, exempt reporting advisers and rural business investment companies (RBICs) to the list that may qualify as accredited investors
- Add a new category that included any entity, including Indian tribes, governmental bodies, funds, and entities organized under laws of foreign countries that own “investments” in excess of $5 million and that was not formed strictly for investing in the securities offered
- Add “family offices” with at least $5 million in AUM, in addition to their “family clients”
- Add the term “spousal equivalent” to the definition, so that spousal equivalents may pool their finances for the purpose of qualifying as accredited investors
The amendments will make the following changes to Rule 215:
- Replace the existing definition with a cross reference to the definition in Rule 501(a)
The amendments will make the following changes to Rule 144A:
- Expand the definition of “qualified institutional buyer” to included LLCs and RBICs if they meet the $100 million in securities owned and invested threshold
- Add any institutional investors included in the accredited investor definition that aren’t outlined in the “qualified institutional buyer,” provided they meet the $100 million threshold
Read more here.
SEC Adopts Rule Amendments to Modernize Disclosures of Business, Legal Proceedings and Risk Factors Under Regulation S-K
On August 26, 2020, the SEC adopted amendments to modernize the description of business, legal proceedings and risk factor disclosures that registrants are required to make pursuant to Regulation S-K. SEC Chairman, Jay Clayton explained that the rules are “rooted in materiality and seek to elicit information that will allow today's investors to make more informed investment decisions.”
The disclosure requirements pursuant in the adopted amendments are aimed to create a more transparent understanding of registrant’s business, financial condition and prospects. Additionally, the SEC believes these amendments will improve readability of disclosure documents. Some of the material changes include:
- A description of the registrant's human capital resources to the extent such disclosures would be material to an understanding of the registrant’s business
- Implementing a modified disclosure threshold for certain governmental environmental proceedings resulting in monetary sanctions that increases the existing quantitative threshold for disclosure of those proceedings from $100,000 to $300,000
- Requiring a summary risk factor disclosure
Read more here.
Risk Alert – Cybersecurity Safeguarding Client Accounts against Credential Compromise
On September 15, 2020, the OCIE published a Risk Alert outlining an increase in the number of cyber-attacks seen while conducting examinations of SEC-registered investment advisers and broker-dealers using credential stuffing. These attacks utilize lists of usernames, email addresses and passwords that are run through automated scripts to attempt to log in and gain unauthorized access to customer accounts. If an attack turns out to be successful, the attackers obtain and sell assets, confidential information and login credentials on the dark web.
The OCIE has outlined best practices to combat these attacks:
- Implementing policies and procedures that focus on updating passwords, requiring strength, length and type
- Utilizing multi-Factor authentication (MFA)
- Deploying CAPTCHA, which combat scripts or bots
- Implementing controls to detect and prevent credential stuffing attacks (i.e. large number of fail logins in a given time period)
- Utilizing a web application firewall (WAF)
- Monitoring of the dark web for web lists of leak user IDs and passwords
Read more here.