Go to the profile of Dave Nash
Dave Nash
I’ve worn many hats at a SaaS Fintech Co., but what I enjoy most is building connections and improving compliance. Hope you enjoy my stories.

CCO Liability: Three Keys to Prevent Anxiety Attacks

Why you should thank a compliance officer today

Wednesday, the CCO role made Wall Street headlines as it was the subject of an article: The Most Thankless Job on Wall Street Gets a New Worry in the Wall Street Journal. Here is the free version of the article.

In short, the article combined recent SEC enforcement actions against CCOs with a New York Department of Financial Services proposal to require senior compliance officers to sign off on Anti-Money Laundering controls. These two items do not have to be combined and the situation is not as desperate as it may sound.

More articles featuring CCO’s in the cross hairs of regulatory enforcement actions have followed. Here is a good article about FINRA’s crackdown. Regulators feel that going after gate-keepers at firms is the best approach to ensuring compliance. Read this article that adds the threat of director liability to CCO liability.

Unequivocally, CCO liability is a high priority topic. In the past year, I’ve done a successful webinar, blog, and user conference panel on it. To be sure, compliance officers must protect themselves from liability and understand this topic. However, to the extent that “compliance officers are shaking in their boots”, I couldn’t say because none of the CCOs I meet are shaking.

Just the facts

First, out the of more than 8,000 enforcement actions since 2003, only five were against individuals with CCO-only titles at money manager firms, absent other issues. See the SEC Director of Enforcement, Andrew Ceresney’s full remarks at NSCP. These remarks throw cold water on the “CCO in the crosshairs” fire and have some great action points for compliance officers.

Second, the total number CCO enforcement actions are low:

• 2009–8 out of 76 cases (11%)

• 2010–7 out of 112 cases (6%)

• 2011–14 out of 146 cases (10%)

• 2012–16 out of 147 cases (11%)

• 2013–27 out of 140 cases (19%)

• 2014–8 out of 130 cases (6%)

See former commissioner Aguilar’s remarks here.

Most of these cases involved dual hatted CCOs and many of their activities went outside the traditional work of CCOs. These CCOs were also founders, sole owners, CEOs, CFOs, GCs, CIOs, PMs and board members.

Third, the facts in those cases demonstrate egregious misconduct that included the following:

· Failure to implement policies and procedures to prevent an employee from misappropriating client accounts

· Failure to conduct an annual review

· Making a material misstatement in Form ADV

· Failure to design written policies and procedures for outside business activities

· Failure to report a conflict of interest

· Aiding and abetting an investment adviser’s failure to adopt and implement written compliance policies and procedures

Also from Aguilar’s response.

What about those proposed sign-off rules?

A proposed New York Department of Financial Services rule would require senior compliance officers to certify bank systems for monitoring suspicious transactions that violate US economic sanctions and other rules. Senior officers who file incorrect or false annual certifications could be criminally prosecuted. This is analogous to Sarbanes-Oxley requiring auditors, CFOs, and CEOs to sign off on financial statements. More on the NYDFS proposal here.

Of course, the difference is that the CCO is not on the same level as CEOs and compliance is a staff not a line function. If the NYDFS wants to improve compliance, it would be better to hold corporate boards and CEO’s accountable. Read more on true accountability here.

However, this proposal only covers banks chartered in New York. The list includes some major names such as Barclays, Credit Suisse, Deutsche Bank in addition to a lot small traditional commercial banks. For a list of banks chartered in New York see here. It doesn’t apply to RIAs.

To summarize

The CCOs subject to enforcement actions have other jobs than CCO. Dual-hatting occurs at smaller shops with smaller budgets, but dual-hatting is not ideal for three main reasons:

· There is an inherent conflict of interest between the hats

· There is not enough time to adequately wear both hats

· The dual hatter may be well qualified and skilled in the other hat, but not the CCO hat

Where there is an enforcement action, it’s egregious. These CCOs should be prosecuted. They give a bad name to the role and the financial industry.

The senior compliance officers that may be asked to sign-off on AML controls work for banks chartered in New York and much of the compliance structure for those systems is already in place.

Why everyone should thank a compliance officer

Compliance officers wear the white hats. In our regulatory model, compliance officers are the essential partners with government to ensure compliance with securities laws. They are the key link to investor protection and market integrity. Compliance officers are often on an island in their firm. Compliance supports the business by ensuring the firm and its employees do not violate a complex array of laws and regulations that range from accounting for fees and expenses, trading for best execution, and cybersecurity. It’s not easy or stress free to wear the white hat. Compliance officers have to be versed in a variety of areas and courageous enough stand up for following the rules.

Actionable Advice

Automate: is what I’ve done for eight years and here’s my post on compliance automation. Automation has four main benefits: eliminates human error, decreases time spent on rote tasks, clearly demonstrates there is a true system in place, and shows that firm values compliance — tone at the top.

Outsource: you can’t outsource the compliance responsibility, but you can get help. I’ve had the good fortune to work with a number of well qualified compliance consultants.

Say Thanks: it’s free and it will make two people feel better.

5 Recommended Links for Further Reading

The thankless Wall Street Journal article at WSJ.com:

http://www.wsj.com/articles/now-in-regulators-cross-hairs-bank-compliance-officers-1454495400

The Andrew Ceresney NCSP Keynote — a must read:

https://www.sec.gov/news/speech/keynote-address-2015-national-society-compliance-prof-cereseney.html

Another gem from former SEC Commissioner Luis Aguilar:

https://www.sec.gov/news/statement/supporting-role-of-chief-compliance-officers.html

Prosecuting CCOs vs Holding CCO Accountable:

http://blog.volkovlaw.com/2016/01/prosecuting-ccos-v-holding-ccos-accountable/

Outsourcing the CCO Responsibility:

http://www.thinkadvisor.com/2015/12/28/advisors-own-your-compliance#.Vpkquy6g7R4.twitter