Navigating new rules and their associated implications has become the new norm for many compliance teams. With such active regulators, being adaptable to new requirements has become a must for successfully protecting a firm and maintaining the highest standard of compliance.
In this blog, which features excerpts from the recently published 2024 U.S. CCO Playbook, we highlight some of those upcoming rules, digging into the expected impact they may have on the market. Plus, we (virtually) sit down with COMPLY’s Chief Regulatory Officer John Gebuaer to discuss how firms can navigate this regulatory evolution.
Proposed Rules and Their Implications for the Market
SEC: Outsourcing by Investment Advisers
SUMMARY: “The Securities and Exchange Commission is proposing a new rule under the Investment Advisers Act of 1940 to prohibit registered investment advisers from outsourcing certain services or functions without first meeting minimum requirements. The proposed rule would require advisers to conduct due diligence prior to engaging a service provider to perform certain services or functions. It would further require advisers to periodically monitor the performance and reassess the retention of the service provider in accordance with due diligence requirements to reasonably determine that it is appropriate to continue to outsource those services or functions to that service provider.”
IMPACT: This rule would require advisers to more thoroughly vet and supervise vendors used by the firm for any function to be outsourced. It also contains requirements for certain contract provisions, which could lead to renegotiation of terms for many vendors used by advisers.
Financial Crimes Enforcement Network: Anti-Money Laundering/Countering the Financing of Terrorism Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers and Exempt Reporting Advisers
SUMMARY: “FinCEN, a bureau of the U.S. Department of the Treasury (Treasury), is issuing this notice of proposed rulemaking (NPRM) to include certain investment advisers in the definition of “financial institution’’ under the Bank Secrecy Act (BSA), prescribe minimum standards for anti-money laundering/ countering the financing of terrorism (AML/ CFT) programs to be established by covered investment advisers, require covered investment advisers to report suspicious activity to FinCEN pursuant to the BSA, and make several other related changes to FinCEN regulations. FinCEN is proposing this action to address gaps in the existing AML/ CFT regulatory framework in this sector. The proposed regulations will apply to investment advisers that may be at risk for misuse by money launderers, terrorist financers, or other actors who seek access to the U.S. financial system for illicit purposes via investment advisers and threaten U.S. national security.”
IMPACT: The Bank Secrecy Act has not historically covered Investment Advisers, which as a result means that unless an Investment Adviser has chosen to incorporate an AML program of their own volition or was a dual registrant, no rules have existed requiring IAs to implement AML programs.
Should this rule come to pass, IAs would be required to amend their Policies and Procedures to incorporate all aspects of the AML rule requirements as detailed above. The new rule would impact both the structure of compliance programs and day-to-day tasks, including updated Annual Review requirements, increased employee monitoring, and more.
SEC: Safeguarding Advisory Client Assets
SUMMARY: “The Securities and Exchange Commission is proposing a new rule under the Investment Advisers Act of 1940 to address how investment advisers safeguard client assets. To effect our redesignation of the current custody rule for the proposed new safeguarding rule, we are proposing to renumber the current rule. In addition, we are proposing to amend certain provisions of the current custody rule for enhanced investor protections. We also are proposing corresponding amendments to the recordkeeping rule under the Advisers Act and to Form ADV for investment adviser registration under the Advisers Act.”
IMPACT: This proposed rule represents a major shift in the definition and application of custody. The definition will be broadened to include discretion as well as expanded beyond funds and securities to “assets,” which includes digital assets and cryptocurrencies. COMPLY estimates that if this rule is adopted as proposed, more than five thousand additional investment advisers will be deemed to have custody and subject to the additional obligations that entails.
SEC: Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies, and Business Development Companies
SUMMARY: “The Securities and Exchange Commission is proposing new rules under the Investment Advisers Act of 1940 and the Investment Company Act of 1940 to require registered investment advisers and investment companies to adopt and implement written cybersecurity policies and procedures reasonably designed to address cybersecurity risks. The Commission also is proposing a new rule and form under the Advisers Act to require advisers to report significant cybersecurity incidents affecting the adviser, or its fund or private fund clients, to the Commission. With respect to disclosure, the Commission is proposing amendments to various forms regarding the disclosure related to significant cybersecurity risks and cybersecurity incidents that affect advisers and funds and their clients and shareholders. Finally, we are proposing new recordkeeping requirements under the Advisers Act and Investment Company Act.”
IMPACT: Cybersecurity has been a top priority for regulators for many years and those priorities are now being codified into rules. While firms will likely already have a basic understanding of the risk they face, the new rules would require resilience plans to be in place for when (not if) a cyber event occurs. Requirements would include reporting, disclosure, and recordkeeping specifications which create additional burdens for compliance teams.
Navigating Regulatory Change: Insights from COMPLY Chief Regulatory Officer John Gebauer
WHAT KIND OF IMPACT WILL THESE RULES HAVE ON FIRMS, BOTH LARGE AND SMALL? SHOULD THEY EXPECT A “GRACE PERIOD” FOR ENFORCEMENT, OR WILL REGULATORY BODIES ACT QUICKLY TO SET STANDARDS?
While we are sometimes critical of rulemaking, we do recognize that the regulators carefully and thoroughly consider any comments submitted regarding proposed rules. They often adjust final compliance dates to allow for a reasonable implementation schedule. Unfortunately, though, this is often done without consideration of the overall regulatory environment and in times like now, when there are multiple new rules to implement, what seemed reasonable in isolation, can quickly become untenable. We would expect any rules approved in H1 2024 to have compliance dates no earlier than December 31, 2024 and no later than December 31, 2025.
HOW HAS THE ACTIVE REGULATORY PERIOD, WHICH WE’VE BEEN IN THE LAST 24 MONTHS, SHAPED THE INDUSTRY? FROM YOUR PERSPECTIVE, HAS IT CREATED A BARRIER TO ENTRY?
No, not yet, although it may eventually. Despite the regulations, there is a growing demand for financial services. More individuals of all types and sizes participate in the financial markets each year, and there is a steady flow of new providers needed to serve this market. As regulations increase, it may be harder for small providers to compete on price, but they will likely continue to differentiate themselves with personalized and/or local service and trust. COMPLY is the largest provider of registration services for new Investment Advisory firms and we have not seen any signs that the pace of new firms entering the market has slowed. These new firms can more easily overcome regulatory barriers by partnering with a firm like ours.
HOW DO YOU THINK THE UPCOMING ELECTION WILL IMPACT REGULATORY ACTIVITY IN 2025 AND BEYOND? OR WILL IT?
This is likely to be a very unique election where both Presidential candidates have been President previously. We don’t need to guess how they’ll govern – we’ve already experienced it over the past eight years. If the Republican candidate is elected, there is likely to be widespread efforts to rollback regulations. If the Democratic candidate is elected, the current path of increasing regulation is likely to continue. Either candidate will need to deal with some thorny issues including persistently high inflation, an unsustainable budget imbalance, historically high national debt, and an uncertain social safety net. The U.S. financial markets are the strongest in the world and can weather whomever controls the next presidency and congress, but it becomes more difficult to manage if we continue to whipsaw back and forth every four years between two completely different visions of the structure and operations of our capital markets.
For more insights, best practices, and compliance plays download the 2024 U.S. CCO Playbook.