Stay up to date on the latest compliance and regulatory news and insights with Fairview Flash Reports
Enter your information below to start receiving Flash Reports:
Our team of regulatory experts provides timely updates and analyses of all SEC and regulatory news affecting compliance professionals. Our Flash Reports are delivered right to your inbox, helping to ensure you remain informed on all of the latest SEC-related news and trends. Whether you’re looking for updates on the Private Fund Reform Rules, the Cybersecurity Risk Management Rule, or SEC Exam trends, we’ve got you covered.
Below are a few examples of our Flash Reports.
After a ransomware gang broke into the systems of fintech platform MeredianLink, the gang did something quite unprecedented: they called the regulators, according to a Wall Street Journal article.
Hackers AlphV and Blackcat broke into MeridianLink’s systems, and to pressure the company into meeting ransomware demands, the hackers disclosed the incident to the SEC. After the SEC was notified, MeridianLink acknowledged the hack. The company said that the incident caused minimal business disruption.
This move, which demonstrates cyber criminals’ acute awareness of the regulatory landscape, comes following the SEC’s adoption of rules that will require various enhancements to cybersecurity programs of public companies, including disclosure of materially important cybersecurity incidents to investors within four days of discovering them. The SEC also recently announced that it was doubling the size of its unit responsible for crypto cases and cybercrime, and is expected to finalize the proposed Cybersecurity Risk Management rule for registered investment advisors in the near future.
The SEC continues to increase its focus on cybersecurity, and this is a trend we expect to remain constant, if not heightened, in 2024.
Artificial intelligence (“AI”) sweep exams may be on the horizon for 2024. An examination document reviewed by Ignites stated that the SEC asked at least one firm to provide information regarding its AI policies and procedures. The letter included requests for descriptions of “all algorithmic trading signals generated by AI models” that the firm uses, as well as data sources and their vendors.
Below are additional requests from the SEC regarding artificial intelligence.
These requests could potentially be the first of an AI-related sweep by the SEC. They are in line with the goal of the proposed rules by the SEC on July 26th, 2023, regarding the use of predictive data analytics by broker-dealers and investment advisors. The proposed rules would require a firm to eliminate or neutralize conflicts of interest associated with the firm’s use of covered technologies in investor interactions that place the firm’s interest ahead of the investor’s interest. Additionally, it would require firms to maintain written policies and procedures if covered technology is used to prevent violations of the proposed rules.
What does this mean for me?
AI is becoming another key focus area for the SEC. Firms should review the proposed rules by the SEC regarding predictive data analytics as well as the sample requests listed above to ensure they can comply with the proposed rules, and provide adequate documentation to the SEC if requested. Firms should also be proactive to ensure they remain up to date with regulatory expectations and best practices.
On September 1, 2023, six private equity and hedge fund trade groups sued the SEC to block new private fund reforms adopted in August. The suit was filed in the Fifth Circuit Court of Appeals and argued that the SEC overstepped its statutory authority by adopting sweeping changes with these new rules for private funds. For more on the private fund reforms see the SEC press release and our prior coverage.
These reforms faced headwinds from the beginning. It was a divided SEC that voted to adopt them: two dissenting commissioners pointed to the harm these reforms would cause to investors, competition, and the ability to contractually negotiate terms. Bryan Corbett, CEO of the Managed Funds Association (MFA) pointed to the increased costs for investors, undermining of competition, and reduction of investment opportunities as well.
The new rules for registered private fund advisers include providing quarterly statements to fund investors; completing annual audit requirements for each private fund; a requirement for adviser-led secondary transactions to obtain a fairness opinion or valuation opinion in connection with the transaction; and strict disclosure and consent requirements for a number of activities. Though the proposed prohibitions were softened in the final rules to “restricted activities” which could still be done with proper disclosure and meeting strict requirements, this softening was not enough to avoid a suit. The suit seeks to vacate the rules because they “exceed the Commission’s statutory authority, were adopted without compliance with notice-and-comment requirements, and are otherwise arbitrary, capricious, an abuse of discretion, and contrary to law, all in violation of the Administrative Procedure Act.”
SEC Chair Gary Gensler cited the rapid growth and increased influence of the private fund industry as the need for reforms that bring more transparency and competition. In response to the suit, an agency spokesperson said the Commission “undertakes rulemaking consistent with its authorities and laws governing the administrative process, and we will vigorously defend the challenged rule in court.”
What does this mean for me?
These reforms are in keeping with the SEC’s trend of increased regulatory attention to private funds, and the SEC’s quick pace of new rulemaking. The Fifth Circuit has been a friendly judicial venue for the industry. While the suit may or may not succeed in vacating all or a portion of these new rules, given the record of prior rulemakings, regulatory attention to private funds is not likely slow down.
An 18-month transition gives plenty of time to prepare and react to any changes that the outcome of this suit may bring. Compliance programs should start preparing now to be ready when the compliance date arrives.
On February 13, 2024, the Financial Crimes Enforcement Network (FinCEN) proposed a new rule to combat the investment of illicit funds in the U.S. financial system. The proposed rule would require certain investment advisers to apply Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) requirements pursuant to the Bank Secrecy Act (BSA).
On February 9, 2024, the SEC announced charges against five broker-dealers, seven dual registrants, and four advisers for recordkeeping violations related to electronic communications.
An active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, according to researchers from Proofpoint, a company that provides cybersecurity products and software.