Keynote Address: ACA Compliance Conference

New Kid in Town

Today I will try to bring together my experience in the Division of Investment Management and the Office of Compliance Inspections and Examinations to talk about what I will call the “Compliance Calculus” that every firm must do as it decides what resources it will devote to compliance.  Each of your firms must balance many factors in deciding how to staff and fund compliance:  your duty to your clients; the nature and complexity of your business; the ability of individuals or your firm to disadvantage clients or steal from clients whether intentionally or unintentionally; the likelihood of wrongful conduct being discovered; and the possible penalties for such conduct.  There is no one methodology or one solution to the Compliance Calculus.  Firms vary greatly in their structure and organization and each of your firms will have to find the right balance among these factors.  However, I hope you will find it helpful as I discuss how I evaluate the elements of the Calculus in light of my experience at the SEC.  In particular I think exploring some of the changes that SEC leadership made over the last five years will help you as you undertake this calculus to allocate your resources.

After discussing the Compliance Calculus in terms of the SEC, I will introduce a new factor that all of you must take into account as you balance compliance needs against all the other priorities in your firm.  The Dodd-Frank Act has ushered in a new era in the financial services industry, and, as the Eagles sing, there is a “New Kid in Town”.  This new kid is the Financial Stability Oversight Council composed of ten regulators, including the heads of the top US financial services regulatory agencies. The Council also has an international cousin, the Financial Stability Board, of which the US Treasury, the Federal Reserve and the SEC are also members. The Council spent much of 2014 considering the potential systemic risks of the asset management industry and in late 2014, the Council issued a series of questions about the asset management industry for public comment. If you work in a firm that is not in the asset management business you may view the Council’s interest in the asset management industry as an issue that does not concern you.  Today I commend to you that the Council’s interest in financial services in the United States is not a distant battle being fought between a few large asset managers and the federal government but is in fact important for everyone in the US financial service industry.  Much of the publicity around the Financial Stability Oversight Council has been centered around the designation of banks and insurance companies as systemically important financial institutions. Those of you in compliance in the nonbank portion of the financial services industry should also be paying attention to what the Council is doing and should understand that the question of designation of firms as systemically important has ramifications for the entire industry.

In May of last year the Council held a public roundtable on the risks that might be presented by the asset management industry.  As the Director of Investment Management at the SEC I delivered remarks that day on the size and breadth of the asset management industry, highlighting the regulation of the industry and its resilience. Here we are almost one year later with notices for public comment out from both FSOC and FSB on asset management and all other nonbank financial services activities.  My comments today will hopefully shed some light for you on the mindset of some of these regulators and explain how it impacts the Compliance Calculus that you must undertake.

My Experience at the SEC

I’d like to begin by discussing some of my experiences at the SEC and how they relate to the Compliance Calculus that each firm must make about how to allocate resources to compliance.  I started at the SEC in January 2010 supervising examinations of firms involved in the investment management industry in New York and New Jersey.  In the summer of 2010 I became the Deputy Director of the Office of Compliance Inspections and Examinations with responsibility for, among other things, supervising the National Exam Program for broker-dealers, investment advisers/investment companies, exchanges, clearing agencies and credit rating agencies and working on policy issues arising out of the passage of Dodd-Frank in July 2010.  While serving in these roles, I was involved in resolving issues arising from examinations of every type of SEC registrant.

The senior leadership of OCIE, the regional offices, OCIE Director Carlo di Florio and I worked to reorganize the SEC’s examination program after the revelations concerning Ponzi schemes run by Madoff and Stanford.  Among the steps we took were to bring in more industry experts to help examiners with examinations, automating the exam report process so that exam reports are available to all offices and structuring examinations to put more supervisors in the field.  OCIE leaders since have continued to improve the examination program with initiatives such as the Presence Exams and the “never before examined” program.

There has been a lot of attention in recent years to the percentage of investment advisors examined each year by OCIE which has hovered at or below 10% of advisors annually.  This figure is well below the percentage of broker-dealers that FINRA examines each year and has received attention on Capitol Hill and in the press for being too low.  We could all probably agree that the percentage of firms examined each year should be higher.  However, the number of firms examined does not tell the whole story of OCIE’s efforts in this area.  As part of the reorganization of OCIE, we formed the Office of Risk Assessment and Surveillance to monitor data on financial services firms to help select firms for potential examinations. That Office reviews data on Form ADV and other Forms filed with the Commission to determine what registrants SEC examiners should visit.  OCIE’s review of this data means that information about far more than 10% of advisors is carefully reviewed and considered in the process of selecting candidates for examination.  In addition, the firms that are examined represent a far larger percentage of assets under management in the industry.

In July 2012 Chair Mary Schapiro appointed me the Director of the Division of Investment Management and I served in that position until the end of January of this year.  In the Division we developed the new Risk and Examination Office to better evaluate the risks presented by products and firms by analyzing data on the investment management industry.  We also reorganized the Division to increase communication across the Division and provide more opportunities for staff development. This reorganization included reducing the number of offices in the Division to make it easier to share information across the Division.  We completed significant policy projects such as the adoption of money market fund reforms and the approval of a new type of Exchange Traded Mutual Fund last year.

In my five years at the Commission I had the privilege of serving under three Chairs, Mary Schapiro, Elisse Walter and Mary Jo White, all of whom have made refocusing the SEC to be more effective a top priority.  Under their leadership the agency has become more data-driven to keep pace with developments in the industry.  One of the most powerful memories I have of seeing this new data-driven focus and mindset in action is of a meeting I participated in last fall on the agency’s data gathering project.  It almost startled me when I realized that we had about a dozen experienced PhD’s, risk managers and portfolio managers sitting around tables in New York and Washington linked by video and discussing with the rule writing staff what data points should be included in the data gathering proposal.  It dawned on me that none of those dozen people worked at the SEC when I arrived in January 2010. The infusion of this new expertise has made the agency much stronger and better equipped to carry out its mission.

My service in the agency on behalf of American investors and markets was an honor and a privilege.  It will always be the highlight of my career and I am grateful for the opportunity to have served at the SEC during a time when it faced significant challenges and changes. The needs and interests of investors were always on our minds, investors who are saving and investing for retirement, a child’s education and so many other real world goals.  I urge everyone here to think about how they can do their part to serve this great nation that has given us so much.

In addition to my SEC experience, I am the former General Counsel and Chief Compliance Officer of an investment advisor to hedge funds so I have sat in the seat that many of you occupy now.  I have both served as a Chief Compliance Officer and hired two Chief Compliance Officers.  In my time as a partner in an investment management business I had to undertake the analysis of what resources to devote to compliance and how to structure a compliance program.  In addition, as a Director at the Managed Funds Association I worked with many other General Counsels and CCOs to put together a set of private fund industry best practices for hedge fund managers.

At present I am a Visiting Scholar at Harvard Law School where I am conducting research and writing about some of the issues I found most interesting during my time at the SEC.  It has been interesting to pause and reflect on the more than six years that have passed since the crisis.  I’d like to acknowledge my research assistants at the law school, Jacqueline Trudeau, Amanda Liverzani and Cam Nunery, for their help with research, including on today’s speech.  They are, of course, only responsible for any good results, everything else is my fault.

The Compliance Calculus

As I think about compliance after my time at the SEC and as a CCO, it all comes back to resource allocation.  At one end of the spectrum a business registered with the SEC could devote all of its efforts to compliance and it would have no business.  At the other end of the spectrum a registered business could spend no resources on compliance in which case it would most likely be reported by a whistleblower or client and would find itself shut down by the SEC.  Between those admittedly farfetched extremes is a vast middle ground where firms must decide how much time, money and staff to allocate to compliance.  We clearly have fraudsters who are the ones that would be devoting no resources to compliance. But outside of that limited group, I believe the vast majority of people in the industry are trying to do the right thing and meet their compliance obligations with the resources they have.  But there is that word again “resources”.  How should a firm go about determining the right level of effort and resources to place on compliance?

What Is Your goal?

First and foremost, you must decide what your goal is for your compliance program. Now the obvious answer is that the goal of your compliance program is to comply with the federal securities laws or whatever other laws you are subject to in your business.  However, it is just not that simple. We are in an environment where more and more regulation is being added to the books everyday —  more on that later when I discuss the Financial Stability Oversight Council. For a large organization, 100% compliance with every single law or regulation applicable to it with no lapses ever simply may not be a realistic goal given the breadth of its operations in the US and abroad.  The same might be true for a very small organization that has not invested in the legal and compliance advice necessary to comply with all aspects of the laws or regulations applicable to the business.  I suggest that each business set a realistic and attainable goal for its compliance program.

What should the goal of your program be?  Let us first consider this in light of the SEC’s potential examination of a firm. There are three possible outcomes of an OCIE exam: a no deficiency letter, a deficiency letter or a referral to Enforcement. I think we can all agree that the third outcome is to be avoided if possible.  The largest firms in the securities industry can withstand settlements with Enforcement and continue on but for the average registrant, Enforcement investigations are time consuming, distracting, expensive and detrimental to their business reputation.  In the case of smaller firms that rely on the trust of a small number of clients, the mere fact of an Enforcement investigation can be fatal to the business as those clients may flee the firm. As a client relations matter, whether you are a broker-dealer or an investment advisor, an Enforcement investigation or settlement that indicates that you harmed clients is difficult to overcome.  SEC Enforcement actions are of course civil actions and have all of the extensive discovery, depositions and other activities that are inherent in such actions.  High profile cases recently have included criminal actions for securities law violations, particularly insider trading cases. These cases have included wiretaps and other investigative tools that make civil litigation discovery look tame. The consequences of criminal charges against individuals have included jail for the individuals and generally the collapse of their firms.

While avoiding an SEC Enforcement civil action, or worse, a criminal action from the Department of Justice, may be an non-controversial goal for your compliance program, should your goal be to obtain a letter after the exam indicating that you have no deficiencies? When I wore my regulatory hat I certainly hoped that you would have that goal of no deficiencies. And in fact I still think all those involved in compliance should aspire to have no deficiencies.  But the reality is that it is difficult to achieve a no deficiency result for a variety of reasons.  Financial services firms will need to balance the benefits associated with a no deficiency letter with the potentially significant costs and resources that must be used to obtain such an outcome.

The reality of the situation is that OCIE statistics show that generally fewer than 20% of the firms that are examined receive a no deficiency letter. The reasons for this are many but you should understand the approach of OCIE examiners as they examine your compliance program.  The examiners are public servants who take their jobs very seriously.  The surveys of SEC employees show a high level of commitment to the SEC’s mission.  Examiners support the SEC’s mission and they have a responsibility to protect investors by looking closely at your operation.  You should try to educate examiners about your business as you know your business better than anyone else.  Make sure that you outline to the examiners the steps you have taken with your compliance program.  In particular, make sure you articulate how you are protecting your client’s interests as that will go a long way to reassure the examiners that you are trying to do the right thing.  Communication is an easy and often overlooked opportunity to build stronger relationships with your examiners and will help them understand your business and compliance objectives more clearly.  As I have often remarked, a culture of compliance is what regulators are endeavoring to foster, and transparency and communication are easy ways to help cultivate an authentic culture of compliance.

Particularly now that OCIE takes a risk-based approach to select examination candidates, the examiners spend most of their time in firms that have been identified as risky in some measure by OCIE’s Office of Risk Assessment and Surveillance.   In fact, one exam supervisor once suggested to me that OCIE pick some firms we considered less risky for examination so that the new examiners would see what a good shop was like.  To some degree, the “never before examined” program was designed to take a look at firms that had been viewed as less risky and always slipped to the bottom of the priority list for examinations.

How Do You Get to Your Goal?

So if you set your goal such that you are willing to receive some deficiencies but nothing so serious as to result in a referral to Enforcement, how do you walk that line and not fall in to Enforcement?

Watch Out for Your Clients

First and foremost keep your eye on your client’s best interest.  I say this whether you are an investment advisor obligated to put the client’s interest first or a broker dealer subject to the suitability standard, at least for now.  Chair White recently gave a speech indicating that she is in favor of extending that duty to broker-dealers as well. Make sure that you design your compliance policies and procedures to protect your clients.  If you get caught taking advantage of your clients, in my view you have a much higher chance of ending up in Enforcement. I know from my own experience of working with my colleagues at the SEC that facts that demonstrate that clients have been harmed are more likely to result in referrals to the Enforcement Division.  If you are an investment advisor, you have a fiduciary duty to act in your client’s best interest.  All across the Commission violations of that duty are taken seriously.  For the industry, you have to understand that financial services is a trust business.  Clients and investors are giving you their money because they trust you to do the right thing.  If you want to avoid a referral to Enforcement and damage to your reputation, take care to earn your clients’ trust.  Later I will suggest that you not only disclose all material facts to your clients but that you seek to educate them as well.

Stay Current with the SEC

Second, make sure you stay informed and updated about the issues that are of concern to the SEC. Significant changes in OCIE and the Division of Investment Management over the last five years have made this much easier.  Many of the efforts we made in Investment Management and OCIE were to increase transparency both inside the Commission and outside the Commission.   In the Division of Investment Management as we assessed the state of the Division in 2012 we asked all of our stakeholders what we were doing well and where we could improve.  While the consensus was that IM did great legal work on rule proposals, there was also considerable feedback that IM was not transparent in what it was working on and what it was concerned with in the IM area.  One of our responses to that concern was the creation of IM Guidance Updates where IM could speak directly to industry participants.  If you look at the IM portion of you will now find IM Guidance Updates that provide transparency into IM staff’s views on a variety of issues.  OCIE now publishes a series of risk alerts and annual exam priorities.  Particularly this year the list of exam priorities was shorter than it had been in prior years. The IM Guidance Updates, Risk Alerts and Exam Priorities are a free window into the topics that are on the minds of SEC staff.  Do not miss the chance to learn from these communications and adjust your compliance program to reflect these priorities.

I would like to extend this point to ask that you help the Commission staff by providing input on rule proposals that come from the Commission.  On December 11th, Chair White gave a speech outlining five rule projects being worked on by the Division of Investment Management: data gathering, derivatives, liquidity management, transition plans and stress testing. I urge you to work with Commission staff in the Division to provide your views on these topics.  In your organization you may have expertise on one or more of these rule making projects.  Commission rule making staff is incredibly talented and does its best to craft rule proposals that can present many options for public comment.  However, Commission staff may not have the expertise you have in the proposed rulemaking topic. Your input is extremely valuable to the staff as they frame out rulemaking proposals.  The Commission takes the input it receives from registrants, industry, and other stakeholders very seriously in the development of policy proposals.  Whether you reach out directly to the staff to request a meeting, send a letter or other information and analysis, or provide a formal comment letter in response to a proposed rulemaking, all of your input is read and seriously considered.  Don’t underestimate how important your expertise and data is and how much you can affect policy outcomes.  I strongly encourage you to engage with the agency, both at the staff and Commission levels, as much as possible.

Your input on possible policies makes sense from the perspective of making your Compliance Calculus as well.  I can’t tell you how many times stakeholders came in to the SEC and pointed out possible issues with a policy that we had not thought of before they raised the issue.  On the other hand, I recall several times when stakeholders came in to complain about a rule after it was adopted.  When I asked them if they had commented on the proposed rule before it was adopted, they often said they had not.  It is your precious resources that are going to be devoted to complying with an SEC rule.  It makes sense to spend some of your resources up front to try to make the rule as tailored as possible to address the problem it is intended to solve and minimize the unintended consequences.

I’d like to highlight two other efforts by the Division of Investment Management to stay connected with the industry. In 2012 the Division of Investment Management created its Risk and Examinations Office pursuant to a Dodd-Frank mandate that the Division hire examiners to work alongside professional staff in the Division. Since we knew that we did not want to try to replicate the examination program conducted by OCIE, the Division hired staff for REO that had strong quantitative backgrounds as well as lawyers, accountants and examiners.  REO works with data that is provided to the Commission by asset management firms and also uses data from third-party service providers.  Using this data, REO can look for emerging risks and trends in the investment management industry and of particular firms.  REO can analyze new products to help the IM staff understand their risks and characteristics.  While REO can conduct exams where needed on policy issues, generally it has been able to do so by partnering with OCIE on existing examinations that OCIE has open. REO gives the Division of Investment Management capability with industry, firm and product data that informs the SEC staff’s efforts to provide guidance, make rules and promote full and fair disclosure.

The other significant way that the Division of Investment Management promotes communication with the industry is through its Senior Level Engagement program where senior members of IM leadership and senior members of OCIE leadership meet with the boards and senior managements of significant asset management firms. The SLE program was established as a collaboration between OCIE and IM as an opportunity to increase our understanding of developments in the asset management industry and a mechanism for establishing a more robust and ongoing dialogue with the leadership of larger asset management firms.  When there are significant market events, Commission leadership looks to the staff to have a firm understanding of what is happening in the registrants within our regulatory purview.  Soon after arriving at the agency, my colleagues and I soon realized that if called upon to given an accurate assessment of how the asset management industry might be responding to a particular market event, we needed to establish stronger relationships with key registrants and be able to both garner information from them as well as share our concerns and priorities.

In determining the firms to participate in the Senior Level Engagement Program, the Division selected a cross-section of investment management firms in the United States for the program based on their size, activity mix, product mix and geography. OCIE also has selected a mix of large broker-dealers and IM leadership accompanies OCIE leadership on those visits as well.  These conversations between SEC leadership and firm leadership provide an opportunity for the SEC staff to better understand the industry they regulate and gives industry leaders a chance to discuss risks that they see.   As the Senior Level Engagement Program developed, we saw firms reach out and contact the Division to initiate discussions with the staff.

Whether Division staff contacts you or you choose to reach out to Division staff, I urge you to engage in dialogue with the staff about what you are seeing.  I often likened being at the SEC as similar to those terrariums we had when we were kids.  When I was in the investment management business there were always outsiders around whether they were sell side personnel, consultants, lawyers or accountants.  At the SEC staff works in guarded offices and indeed, in DC, the elevators don’t even work unless you have an ID card. There are no outsiders ever unless you are warned they are there.   That kind of isolation is dangerous and I applaud the SEC’s efforts to reach out for industry knowledge and data. I urge you to support those efforts because a better informed SEC staff is much more likely to craft policies that address issues without being overly burdensome.

Make a Plan

My third recommendation is that you use the information you have about SEC concerns, particularly with regard to fair treatment of clients, and the nature of your business to come up with a plan about how to allocate your resources.   You are in the best position to know your firm.  The SEC collects quite a lot of data on firms but you know your firm best.  For instance, if you are managing a fund that trades liquid public securities with widely available end-of-day quotes, then valuation is not the issue for you that it is for a hedge fund that invests in hard-to- value distressed debt.  As the CCO or a member of the compliance department identifies the instances where your firm can favor itself over the clients or favor one client over the other, put your resources towards policies and procedures that manage those conflicts.  Hire the right people and buy the right systems but make sure you as CCO are on top of the issues.

As my colleagues in OCIE and I met with boards of directors and senior managements at investment management firms around the country, I would summarize CCO issues down to two topics — standing and resources.   We always wanted to see what standing the CCO had within the senior management of the company. We were interested in whether the CCO had a relationship with other members of senior management such that the CCO had access to the information needed to understand where to allocate compliance resources. The most encouraging for us was to see CCOs that were well-integrated with management and understood both current business issues that might result in compliance questions but also understood where the business was going so that they could anticipate future compliance needs.  On the other hand, interfacing with CCOs who seemed out of the loop or not connected to senior management and the Board was a concern.

Now I’m sure that the CCOs among you would be happy if I said that increased funding for compliance resources was one of the SEC’s priorities.  That would be something you could take back to your CEO and use to increase your budget!  However, it is more a case of adequate funding to provide the staff and technology resources to accomplish your compliance program.   While I was at the Commission we saw compliance programs that were lavishly funded but they did not appear to be sufficiently integrated into the business to be able to detect issues of mistreatment of clients.  Conversely, a smaller compliance program staffed by knowledgeable individuals who are seamlessly integrated into the business and supported by technology that can make them even more effective can be entirely appropriate.  As we so often said when we wore our Commission hats there truly is no “one size fits all” approach to compliance.  Programs must be the right size to detect and prevent compliance violations in the business.

When I was at the Commission we also looked at other support for the compliance function that could indicate how effective compliance is at a particular firm.   These other supports for compliance can include departments such as internal audit, risk management and the business units themselves. The degree of support the compliance function receives from these other departments within the firm can be an indicator of how likely it is the firm will identify problems that may impact clients and put in place policies and procedures to mitigate those conflicts. I have seen instances where risk management would program into its risk reports  regulatory requirements that are important from a compliance perspective such as threshold reporting in US and non-US jurisdictions. This kind of support by a quantitative part of the firm can be quite reassuring that legal and compliance personnel are not carrying out tasks that are better suited to departments and staff that routinely analyze the firm’s data for risk or other purposes.

Test, Test, Test

My fourth and final recommendation is that you devote a part of your resources to testing and reevaluating your compliance program as often as necessary.  You will often hear SEC personnel say that a stale compliance manual is worse than no compliance manual at all.  Keep your compliance program fresh and subject to constant review.  If you enter a new business or expand to a different country, make sure that your program adjusts to the new facts. See if your program is producing exception reports.  Compliance is a human endeavor.  By definition, human endeavors make mistakes.  The SEC is not going to believe it if your program uncovers no mistakes.  For your own comfort with your program, make sure your program is robust enough to find mistakes and errors and go ahead and correct your program to head off those problems next time.  Show the SEC that you have a culture of compliance that is constantly improving and adjusting and you will come through an exam or other inquiries well.

I hope that this outline of what I have called the “Compliance Calculus” is helpful as you design your own programs to protect your clients and obey the federal securities laws.  This calculus was what we went through when I was a CCO and I have tried to reflect on it based on  my five years at the SEC and the attitudes and outcomes that I saw inside the building.  Now I would like to turn to a new factor that those of you who are in the financial services business need to consider as you carry out your own “Compliance Calculus.”

New Kid in Town

There is a new factor to your “Compliance Calculus” that was not there a few years ago.  I am of course referring to the Financial Stability Oversight Council created by the Dodd-Frank Act of 2010 and made up of the top financial services regulators. The Compliance Calculus that we just ran through was focused on the view that the SEC would take on your compliance activities in light of the statutes that it is charged with administering.  The new reality of federal financial services regulation is that the SEC is no longer the only regulator of broker-dealers, investment advisors and investment companies registered with the SEC under the Securities Exchange Act of 1934, the Investment Company Act of 1940 and the Investment Advisors Act of 1940.  Many of you may be aware of the report that the Council’s Office of Financial Research issued in late 2013 about the asset management industry in the United States. The Federal Reserve and other regulators on the Council are looking at all aspects of the financial service industry for systemic risk and that examination is not limited by what statutes traditionally governed portions of the industry such as broker-dealers or asset managers.  As you make your Compliance Calculus, understand that everything the nonbank financial service industry is doing is being watched by federal regulators beyond the SEC.

To get a feel for the attention being directed to the nonbank sector by the Financial Stability Oversight Council, consider a recent speech by the Vice Chairman of the Federal Reserve Board Stanley Fischer. In the speech Vice Chairman Fischer outlines the risks he sees with broker-dealers that rely on short term financing or mutual funds that promise daily liquidity to their shareholders.  He then outlines his principles for the prudential regulation of “Nonbank Intermediaries and Activities.”  These principles include two main features: solvency and liquidity; as well as close monitoring of the nonbank system as it inevitably evolves.  Vice Chairman Fischer notes that to promote solvency at nonbanks, regulators could impose capital requirements or require stress tests.  It is not clear from the speech exactly how these rules would be imposed on nonbanks but Vice Chairman Fischer does discuss the power of the Council to designate institutions as systemically important, including the four nonbanks already designated — GE Capital, Prudential, AIG and MetLife.  He also discusses reforms in the securitization and derivatives areas.  Vice Chairman Fischer then notes the changes that the SEC adopted last year for money market funds and the improved collection of data on money market fund holdings on Form N-MFP.  As Dr. Fischer notes in his speech, and as I mentioned earlier, the Council recently asked for comment on a set of questions about the asset management industry.

At the same time that US regulators are asking about activities in the asset management industry, the Financial Stability Board released a Consultative Paper in March about the risks of Non-Bank Non-Insurer Global Systemically Important Financial Institutions. Such entities are known by the awkward acronym “NB NI G-SIFIS.”  The FSB paper is not confined to asset management but, like Vice Chairman Fischer’s speech, encompasses all aspects of nonbank financial services.  While the Consultative Paper discusses its methodologies for nonbank activities like asset managers and investment funds, it also spends a great deal of time analyzing the risks of finance companies in the consumer, mortgage, transport and business sectors.  And broker-dealers have a section devoted to their risks a well.  Not content with these sectors, the Consultative Paper concludes with a Section number 8 that discusses how the FSB may look at other types of entities.

I am not here today to discuss the merits of Dr. Fischer’s speech or of the FSB’s Consultative Paper.  Rather, I want to call your attention to all of this activity by the New Kid in Town.  In that Eagles song Glenn Frey sang “Great expectations, everybody’s watching you.”  It is fair to say that both of the New Kids, FSOC and FSB are watching nonbank financial services activity with great interest.  Each has committed significant resources in issuing the asset management request for comment and the Consultative Paper.  It is important to remember that the FSOC and the FSB are primarily made up of banking regulators.  At the FSOC, there are only two markets regulators, the SEC and the Commodities Futures Trading Commission.  Only the SEC is a member of the FSB.  Most of what you are seeing is bank regulators asking for comment on nonbank activities or entities.  This may not be natural space for these regulators but they are very interested in it.

As you go about making your own Compliance Calculus, you need to add the FSOC and FSB to your list of factors to consider.  These entities are showing intense interest in the nonbank area of financial services.  If we were to talk to those in the room from entities regulated by the bank regulators, I think they would tell us that such regulation has changed their business models to a great degree.  As recent commentators have noted, the expanded Basel capital standards coupled with sustained low interest rates are causing some banks to give back deposits. Headlines last week explained that GE plans to separate itself from GE Capital which is one of the entities that the FSOC has declared a SIFI.  An interest in increased regulation of nonbank financial services by FSOC or FSB may have emerged from well meaning attempts to protect the financial system but such regulations will have unintended consequences.  They always do.

For those of you in nonbank financial services, I urge you to think about your compliance program from the additional perspective of the New Kid in Town.  The New Kid does not understand your business that well but he knows it is really big and in aggregate has a lot of assets.  Those facts alone make your business extremely interesting and may invite additional regulation.  A serious compliance issue or risk management failure that weakens or damages your firm and receives significant media attention will only cause more focus by FSOC and FSB on the nonbank financial sector and may become a reason to extend the regulatory “perimeter” as Vice Chairman Fischer calls it. In particular, a failure that appears to have impacts far behind the firm involved would undoubtedly be of interest to the FSOC.  It is hard to anticipate how far such regulation will go.  However, as Milton Friedman famously said, “if you put the federal government in charge of the Sahara Desert, in five years there’d be a shortage of sand.” Rather than find out what such additional regulation of nonbank activity might be and what impact it might have, I urge you to take care in your businesses to avoid compliance failures.  This additional factor in the Compliance Calculus goes above and beyond what the SEC might do to punish you and must take in to account what the FSOC and FSB might do in response to an incident at a firm.

As you make sure your compliance program is right-sized for your business, keep in mind that it is not only the SEC that is concerned.  Both US and non-US regulators are watching the activities of nonbank financial services companies.  I always felt that at the Commission we asked more and more from compliance professionals.  Think of issues that have gotten press in the last year like the possibility of cyber attacks and other calamities.  Thus, I hesitate to add the FSOC and FSB to your list but you need to be realistic.  These regulators are interested already and must be part of your thinking as you make your Compliance Calculus.

Fair Treatment of Your Clients Will Benefit Everyone

So now that you have made your Compliance Calculus and factored in the New Kid in Town, I would like to say a few words about the role you can play in fulfilling the SEC’s mission to protect investors, facilitate capital formation and ensure fair and orderly markets.  Why should you help the SEC accomplish that mission?  Because the closer we get to the fulfillment of that mission the better our markets will be.  To protect investors the SEC focuses on full and fair disclosure, a rule set to promote investor protection and on enforcement against wrongdoers.  The full and fair disclosure is a critical element of the equation and is the part where you can all play a role.  The better your disclosure to investors, the more information that is available in the market.  Our markets benefit from that information in a number of ways.  With the right information, investors understand the risks they are taking and can properly allocate their investments.  Equally important, the better the investors we have in the markets, the better our markets will operate.  Fully informed investors making decisions to buy or sell securities in our markets strengthen price discovery and liquidity in our markets.

I urge all of you to make sure that you are disclosing the material facts of your business relationship to your clients and customers.  It is not just a matter of avoiding enforcement but of improving the capital markets for all involved.  Particularly now that most Americans rely on tax free accounts such as 401(k)s and IRAs for their retirement savings we need American investors to be savvy and well-informed.  To the extent your business includes American investors who are saving for retirement in these accounts, think about ways to better inform those investors of strategies they can pursue.  The success or failure of these retirement accounts is much more focused on individual decisionmaking.  It would be beneficial for all of us to think about ways to help investors make the right decisions in this area.

Unfortunately surveys by my former colleagues in the SEC’s Office of Investor Education and Advocacy consistently show low levels of understanding in the US regarding financial matters.  The SEC’s personnel do what they can to improve financial literacy but we do not have a concerted national effort to improve investor education.  In the absence of such an effort, it is up to industry members to do more to educate clients and customers.  I urge each of you to work to improve your firm’s disclosure to customers.

For those of you who submit registration statements to the Division of Investment Management for the sale of mutual fund shares to the public, you have a built in review system right at the Commission.  The dedicated reviewers in the Disclosure Review Office see countless numbers of disclosure documents as part of reviewing such registration statements.  I urge you to heed their advice as you frame your disclosure to customers.  These reviewers are experienced and they are only there to protect investors.  One of my priorities while in the Division, was to make comments from the Disclosure staff more consistent and more standardized.  I hope those of you who file such registration statements with the Commission are seeing improvement on those comments.


I hope my discussion of the Compliance Calculus has been helpful to you as you think about how to allocate your compliance resources at your firm.  I hope you will keep in mind the four elements of the calculus: (i) treating your clients fairly, (ii) staying on top of developments at the SEC through all means available, (iii) making a plan of how to allocate your resources and (iv) testing that plan to make sure that it is working for your firm and your clients.  I have also tried to highlight the role of the New Kid in Town and the implications that may have for your Compliance Calculus.  If you succeed in treating your clients fairly you will have done a service to the markets as investors make better decisions.  Thank you again for your time today and I wish you the best with your conference.