March 2023 Newsletter

FinTech Law & Joot

FinTech Law is an innovative, technology-driven law firm that provides legal and consulting services to startups, crypto-related and other technology companies, investment advisers, broker-dealers, private funds, registered funds, and other financial services companies.

Joot is a technology-driven compliance company that provides services to registered investment advisers and registered investment companies, such as mutual funds, closed-end funds, and ETFs. Joot’s clients include retail advisers, institutional managers, private fund managers, and mutual fund advisers.

For more information, please visit us online at fintechlegal.io and joot.io or contact us at info@fintechlegal.io.

Highlights

The SEC’s focus on rulemaking and crypto enforcement was not distracted by the banking crisis this month. On March 15, 2023, the SEC proposed changes to Regulation S-P (Privacy) and amended its prior proposal regarding cybersecurity. At the annual Investment Management Conference sponsored by the Investment Company Institute (the “ICI”), experts noted the heavy rule making burden being placed on smaller investment advisers and fund families. In particular, these experts noted that investment advisers and companies are currently grappling with the following rule proposals, all of which could go into effect in the next few years.

• Amendments to the Fund Names Rule
• Amendments to Swing Pricing and Hard Close Rules
• Outsourced Service Provider Rule
• Amendments to the Custody Rule and additional safeguards for RIAs
• Cybersecurity Rule
• Amendments to Regulation S-P

All of this at a time when investment companies are moving to the newly formatted annual report, digesting the new valuation and derivatives rules, and dealing with a highly volatile market.

For the most part, the industry is concerned that these rule proposals, with the exception of the cybersecurity proposal and Regulation S-P amendments, do not enhance investor protection and the cost of compliance outweighs the benefits of the new regulations. While this is the standard industry position whenever the Commission issues new rules, for once it rings true. The ICI believes that the SEC’s proposal on swing pricing will be the most significant transformation that the industry has seen in decades. In its comments on the rules and subsequent announcements, the ICI argued that the rule should only be passed if there are compelling reasons to do so and there is sufficient time to comment and consider the rule. The ICI’s comment letter raised three primary concerns. First, the SEC did not adequately explain the problem it is attempting to resolve. Second, there are substantial compliance costs, which will be too much for small and middle-sized funds, leaving investors with fewer choices and less competition. Third, the concept of dilution ranges from minimal to non-existence daily, usually less than 1/100th or 1/10th of a basis point; as a result, industry data doesn’t support the proposal. The ICI also noted that the hard close for daily trading would disadvantage investors on the West Coast and in retirement accounts.

The SEC has received more than 3,000 comment letters on its swing price and hard close proposals, many of which criticize the rule. Thirty different boards of directors weighed in on the SEC rule, the first time this many boards commented on a non- governance rule. The comment letters focused on the industry’s desire to understand why this proposal is being presented and what data supports it. To date, the industry can’t identify what issue the Commission is trying to address with these proposals. Overall, the industry is focused on delivering lower cost products and more investment options to investors, but this rule would inhibit those efforts.

From the SEC’s perspective, there has been an exponential increase in the amount of data being produced by investors and the technology that is capturing it. The staff believes that protecting this data and investor privacy is paramount; hence, the cybersecurity, Reg S-P, and outsourced service provider rules. The staff highlighted the risk of unauthorized access to such information. He discussed the Commission’s recent amendments to Regulation S-P. He noted it’s important that investors are given immediate notice when their data is compromised so that they can protect themselves. According to the staff, the outsourced service provider rule is needed because many investors are not aware that a service provider is serving core advisory functions because the advisory agreement suggests the adviser will provide all the services. The staff believes the use of outsourced providers creates risks to the investor, which they need to know about. Further, data breaches at these service providers could have an impact on an adviser’s clients. If the adviser outsources functions that are necessary without appropriate oversight, especially if the service is highly technical or proprietary to the service provider, then the adviser could be placing investors at risk. The SEC is correct that many advisers are increasingly relying on third parties to provide essential parts of their business such as index providers, sub-advisers, compliance, trading, and more. The increased use of outsourced business models underscores the need for advisers to provide effective oversight of the service provider. The Commission expects advisers to conduct initial and ongoing due diligence on service providers and has previously issued deficiencies for advisers that don’t have policies and procedures addressing vendor management. Now, the SEC is seeking to codify its position in a rule.

Finally, representatives of the Division of Examination provided some helpful information and reminders at the ICI conference. First, the staff noted that 70% of RIA exams end in a deficiency letter, 20% end with no comment, and 10% are referred to the Division of Enforcement. The examination staff is busy handling the impact of the new marketing rule for investment advisers, which is still grappling with the application of the rule. Additionally, this year’s exams will also focus on the implementation of the new Valuation Rule (Rule 2a-5), including how registrants are meeting the recordkeeping requirements and if they are making any adjustments to valuation methodologies. Other areas of focus include governance practices, oversight of third-party service providers, and recordkeeping.

From a trustee and director perspective, the Division of Examinations is looking more closely at board consideration of advisory agreement renewals when the Fund’s performance is poor. The staff reminded registrants that committee and board minutes need to be meaningful, and shouldn’t be cut and paste exercises. Additionally, Board should not be a rubber stamp for adviser proposals; rather, advisers should be transparent with the board, especially with issues related to service providers.

The staff also noted that there is no formula for when an examination issue is referred to the Division of Enforcement, but some of the factors considered by the examination staff include the following items.

• Fraud
• Investor harm
• Recidivist conduct / failure to correct prior issues • The seriousness of the violations
• Whether the firm already correct the issue
• Frequency of the violation
• Intentionality and recklessness.
• Deception during the examination
• Refusal to cooperate during an examination

In summary, the Commission does not appear to be taking its foot off the rulemaking gas pedal, and while its full speed ahead with regulatory updates, the staff will continue to conduct the basic blocking and tackling of examinations.

Bo J. Howell

FinTech Law/Joot, Managing Director

SEC Regulatory Activity

SEC Publishes Short-Term and Long-Term Agendas for 2023

The SEC’s short and long-term agendas were published on January 4, 2023. Topics that could affect investment adviser and investment companies include:

Short-Term Agenda:

Matters Identified in the Proposed Rule Stage

• Digital engagement practices for investment advisers and broker-dealers
• Outsourcing by investment advisers and rules related to advisers’ oversight of third-party service providers (i.e., vendor management)
• Registered investment companies’ fees and fee disclosure (since 2022)
• Open-end fund liquidity and dilution management
• Custody rules for investment advisers
• Reg. D and Form D amendments, including updates to the accredited investor definition

Matters Identified in the Final Rule Stage

• Form PF and reporting requirements for investment advisers to private funds
• Investment adviser disclosures and governance relating to cybersecurity risks
• Rules relating to transparency, conflicts of interest, and certain other matters involving private fund advisers, and documentation of adviser compliance reviews
• Enhanced disclosures by investment advisers and funds about ESG practices
• Investment company names rule
• Money market fund reforms
• Tailored shareholder reports, treatment of annual prospectus updates for existing investors and improved fee and risk disclosure for mutual funds and ETFs, and fee information in investment company advertisements
• Enhanced reporting of proxy votes by funds and reporting on executive compensation votes by institutional investment managers

Long-Term Agenda:

• The role of certain third-party service providers and the implications for the asset management industry
• The regulatory regime for transfer agents

(1/4/23)

SEC Issues Bulletin on Differential Advisory Fee Waivers

On February 2, 2023, the staff of the SEC’s Division of Investment Management issued a bulletin that cautioned investment company and their boards about the risk of cross-subsidization of differential advisory fee waivers. These arrangements permit fee waivers and expense reimbursements that cause different advisory fees to be charged to different share classes of the same fund, a practice that the staff views as prohibited cross-subsidization between classes. (2/2/23)

SEC Division of ExamsAnnounces 2023 Priorities

The SEC Division of Examinations announced their 2023 examination priorities. Here are a few highlights:

• New Investment Adviser and Investment Company Rules: The SEC will focus investment adviser exams on the new Marketing Rule place and for investment companies, the focus will be on the new Derivatives and Fair Valuations Rules.
• RIAs and Private Funds: The SEC will continue to focus on key areas such as the compliance program, fees and expenses, custody, conflicts of interest and the use of alternative data. For private fund advisers, they will focus on portfolio strategies, risks management and investment recommendations and allocations, conflicts and proper disclosures.
• Retail Investors and Working Families: The SEC will continue to focus on broker-dealers and RIAs are satisfying their obligations under Regulation Best Interest and the Advisers Act fiduciary standard to act in the best interests of retail investors.
• Environmental, Social and Governance (ESG): Exams will continue to focus on ESG-related advisory services and fund offerings.
• Information Security and Operational Resiliency: Exams will focus on practices to prevent interruptions to mission-critical services and protecting investor information, records and assets.
• Emerging Technologies and Crypto-Assets: The SEC plans on conducting exams of broker-dealers and RIAs that are using emerging technologies or emerging practices, including the offer, sale or recommendation of crypto-related assets.

(2/7/23)

SEC Proposes Revision to Privacy Act Rule

The SEC has proposed revisions to the Privacy Act to help clarify, update, and streamline the current rule. The revisions would codify current practices for processing requests, provider greater clarity for how individuals can access personal data and would allow for electronic methods to verify one’s identity. The proposed rule, if approved would replace the current Privacy Act regulations. (2/14/23)

SEC Proposes Enhanced Safeguarding Rules for Registered Investment Advisers

The SEC has proposed changes to the Custody Rule. The proposal includes broadening the application of the current investment adviser custody rule beyond client funds and securities but would include any client assets in an adviser’s possession or authority to obtain possession of client assets, including digital assets real estate and bank loans. These assets would be required to be kept at a qualified custodian, like a bank or broker-dealer, and the adviser must obtain written assurances from a client’s custodian that it will offer specific custodial protections. (2/15/23)

SEC Proposes Changes to Custody Rule

The SEC has announced new proposed rule changes to improve and enhance protections of investor assets managed by U.S. registered investment advisors. The proposed rules would expand the current RIA custody rule to include any investor assets in the RIA’s possession or when an RIA has authority to obtain possession of investor assets. The proposed rule would continue to entrust the safekeeping of assets to qualified custodians. These changes are intended to ensure that qualified custodians provide a certain standard and level of custodial protection when maintaining an advisory client’s assets. (3/1/23)

SEC Proposes Changes to Reg S-P to Enhance Protection of Customer Information

The SEC has proposed new amendments to Regulation S-P that would enhance the protection of customer information by requiring broker-dealers, investment companies, registered investment advisers, and transfer agents (collectively, “covered institutions”) to provide notice to individuals affected by certain types of data breaches that might put these investors and clients at risk of identity theft or other harm. (3/16/23)

SEC Proposes New Requirements to Address Cybersecurity Risks to the U.S. Securities Markets

The SEC had proposed new requirements for broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, national securities exchanges, security-based swap data repositories, security- based swap dealers, and transfer agents (all collectively, “Market Entities”) to address their cybersecurity risks – whether latent or realized. (3/16/23)

SEC Proposes to Expand and Update Regulation SCI

The SEC has proposed amendments to expand and update Regulation Systems Compliance and Integrity (“SCI”) – the set of rules adopted in 2014 to help address technological vulnerabilities in the U.S. securities markets and improve Commission oversight of the core technology of key U.S. securities market entities. These amendments would expand the scope of SCI entities to include registered security-based swap data repositories; all clearing agencies that are exempt from registration; and certain large broker-dealers, in particular, those that exceed a total assets threshold or a transaction activity threshold in national market system stocks, exchange-listed options contracts, U.S. Treasury securities, or Agency securities, among other strengthened requirements of Regulation SCI. (3/16/23)

SEC Reopens Comment Period for Proposed Cybersecurity Risk Management Rules and Amendments for Registered Investment Advisers and Funds

The SEC has reopened the comment period on proposed rules and amendments related to cybersecurity risk management and cybersecurity-related disclosure for registered investment advisers, registered investment companies, and business development companies originally proposed by the Commission in February of 2022. This comment period will allow interested persons more time to analyze the issues and prepare comments considering other regulatory developments over the last year. (3/16/23)

Federal Actions

New Exemptions for Small Business M&A Brokers

On December 29, 2022, President Biden signed into law the Consolidated Appropriations Act of 2023 (H.R. 2617) that includes an exemption from registration with the Securities and Exchange Commission for small business mergers and acquisitions brokers (“M&A brokers”), which is designed to benefit broker-dealers handling smaller deals in local communities, and to reduce initial and ongoing costs. (2/15/23)

SEC Enforcement Actions

Kraken to Discontinue Unregistered Offer and Sale of Crypto Asset Staking-As-A-Service Program and Pay $30 Million to Settle SEC Charges

The Securities and Exchange Commission today charged Payward Ventures, Inc. and Payward Trading Ltd., both commonly known as Kraken, with failing to register the offer and sale of their crypto asset staking-as-a-service program, whereby investors transfer crypto assets to Kraken for staking in exchange for advertised annual investment returns of as much as 21 percent. (2/9/22)

Joot/FinTech Law Blog Updates

Raising Capital in Early-Stage Startups

Startup culture is by nature difficult and there are many hoops to jump through to achieve success. One of the most difficult aspects, especially in the early stages, is raising capital. Luckily, there are strategic steps that startups can take to properly navigate the compliance landscape of raising capital. (2/10/23)

This Week in FinTech & Compliance #3: The FTX Saga Continues

In this installment of “This Week in FinTech & Compliance”, we take a look at the SEC’s formal charges against FTX Co-Founder and former Co-Lead Engineer Nishad Singh and the implications these recent charges may have on the crypto community and DeFi landscape. (3/3/22)

Industry News

Investment Company Institute President’s Address

During the Investment Company Institute’s 2023 Investment Management Conference, ICI President and CEO, Eric J. Pan, addressed the attendees and members. Mr. Pan’s theme of discussion and address was “Celebrating the Mutual Fund and the Appropriate Role of Regulation.” Read Mr. Pan’s full address here. (3/20/23)

ICI Releases 2022 Annual Report

Following the Investment Company Institute’s 2023 Investment Management Conference, the ICI has released it’s 2022 annual report for members. This report includes topics such as “Advocating for Regulated Fund” and discussions of “Expanding Reach”. Read and download the report here. (3/22/23)

SEC Exam Priority Crossover: 2020 - 2023

The Joot team reviewed the SEC’s examination priorities from 2020 to 2023 and found some significant crossover in priorities of the previous years. There are four key exam priorities the SEC has focused on since 2020 and, through 2022’s groundbreaking year of enforcement actions, the 2023 priorities suggest the SEC will continue to focus on these areas with extreme precision.

1. Emerging Technologies, FinTech, & Crypto Assets
2. RIAs to Private Funds
3. Retail Investor Protections, including Seniors & Individuals Saving for Retirement
4. Information Security and Operational Resilience

With cryptocurrency and DeFi events flooding the news and issues with investors losing large portions of their investments highlight front pages, it is easy to understand why these four priorities are on the SEC’s mind. Emerging technologies go hand-in-hand with retail investor protection issues and information security mishaps. As these priorities continue to be a main focus, we encourage our clients and readers to revisit their compliance programs and requirements to make sure their investors are securely protected and actions are in place to alleviate and potential compliance gaps.