Compliance pitfalls to avoid amid coronavirus upheaval
The abrupt market crash caused by the coronavirus pandemic is a novel occurrence, but dealing with the compliance and regulatory implications of a rapidly declining stock market are not.
The dot-com bubble, the 9/11 attacks, the 2008 financial crisis and Hurricane Sandy (perhaps most applicable to our current situation) and several other less-dramatic market events have caused stocks to tumble yet have also yielded valuable lessons regarding key compliance concerns.
Off-site employee supervision, business continuity and data privacy
Many key compliance considerations pertain to the 2008 financial crisis. Hurricane Sandy, however, particularly demonstrates the value of an increased focus on employee supervision, business continuity and data privacy.
Supervisory responsibilities should be reviewed to ensure that they are both adequate and diligently performed. Particularly now, with many employees working remotely and outside the watchful eye of day-to-day supervision as the COVID-19 pandemic plays out, ensure your policies and procedures include monitoring procedures using a combination of technology and on-site reviews. As you may see an uptick in remote access in the coming weeks, test or employ your business continuity plan and flag any issues, particularly with regard to remote access, and work out any kinks such as IP address recognition or the number of VPN licenses.
Ensuring accuracy in disclosure to investors
This one is critical: Make sure that your disclosures to investors and clients are continuing, fulsome and transparent.
As a cautionary tale, consider that when the Reserve Fund broke the buck in 2008, the SEC charged it with failing to provide key material information to the Primary Fund's investors, board of trustees and ratings agencies after Lehman Brothers filed for bankruptcy protection. Indeed, failure to keep investors informed resulted in vast numbers of enforcement actions during the 2008 financial crisis. In particular, the SEC has pounced on numerous firms that failed to provide disclosure on their deteriorating financial conditions.
Investment advisors should also review their Form ADV Item 18 to ensure that their disclosures remain accurate.
Effective liquidity risk management
This emerged as a critical protective factor for firms that successfully navigated the 2008 financial crisis. Stress testing can help to help detect risks to your firm associated with large market moves, evaporation of liquidity, prolonged periods of market distress, or structural changes in markets. Both FINRA and the SEC have highlighted the importance of managing liquidity during times of market volatility.
Ensuring adherence to valuation and reconciliation policies
In addition to liquidity risk management, ensuring adherence to valuation and reconciliation policies should be a top operational focus during severe market stress. Valuations should continue to comply with your valuation policy and reflect fair valuations based on available inputs.
Many of the cases that arose from the 2008 financial crisis charged that firms overvalued securities as a result of inadequate valuation procedures and oversight. Reconciliation deficiencies also emerged as a material compliance matter during this time. Prior to the financial crisis, many transactions were not documented in a timely fashion, and trade portfolios with counterparties were not regularly reconciled, leading to mismatched trading books. Disputes between portfolio and trade valuations presented a major challenge in the close-out of trading books with defaulted counterparties.
Insider trading policies
A laser focus on adherence to policies is also critical with respect to your insider trading policy during market disruptions. Increased volatility makes the markets and individual securities more vulnerable to market-moving morsels of information that might not be considered material in more ordinary times. Firms should assess their insider trading policies to ensure compliance with them as written and that they are enforced.
Keep boards fully informed
Ultimately, boards should be provided with sufficient information so that they can serve as a backstop to ensure that policies are adhered to. The SEC has highlighted the importance of the board’s role in risk oversight. In order to fulfil their responsibilities, fund service providers must provide board members with accurate, relevant and timely information.
Firms must be cognizant of the added risk to data privacy if personnel are using personal devices to access sensitive information on the firm’s network, such as client’s personally identifiable information. Make sure to remind your personnel about your firm’s policies and procedures with regard to privacy safeguards, especially as they pertain to mobile devices, removable devices (i.e. flash drives) and secure email.
Investment advisors should spend some time reviewing the increased risks associated with these compliance areas during times of severe market disruptions such as the coronavirus pandemic. Increasing the level of focus on these items will help to facilitate smooth operations and sidestep potential regulatory issues in the long term.