What to expect in 2018

Technology is set to eat up a larger proportion of the compliance budget, with cybersecurity a key focus, says Venkat Rao of EisnerAmper

Despite initial expectations of a US regulatory rollback in the wake of the 2016 election, the status quo appears poised to continue well into 2018. One area of focus for the US Securities and Exchange Commission is valuations, says Venkat Rao, director in EisnerAmper’s Global Compliance & Regulatory Solutions group. Technology has also become an increasingly part of the compliance function, with the SEC becoming more outspoken about cybersecurity, he says.

Looking back on 2017, how would you describe the current regulatory climate for private equity GPs in the US?

Venkat Rao: With many fund advisors registered with the SEC as investment advisors and beholden to that set of regulations, I think there was some feeling that certain rules would be relaxed in the wake of a new Administration. But the fact is, it’s very much business as usual for the SEC, with the examination and enforcement policies largely unchanged. Hindsight might suggest that’s to be expected, since the SEC has institutional processes that won’t be quick to dismantle, but I think there was a certain expectation of at least some changes.
That said, we don’t see any significant additional regulations on the way, and given the current difficulty in passing legislation through Congress, there may not be any substantial changes to current legislation either. So, we’re devoting our time to helping clients meet the existing obligations, which requires real resources and expertise.

What are some key regulatory areas that GPs should make a priority?

VR: The SEC has not been shy about its interest in the valuations of the portfolio and fund assets. I think well managed firms are devoting the time and effort to ensure they have the policies and procedures in place should regulators come knocking.

I do think best practices in this area essentially revolve around a proper governance framework, with valuation committees or something similar, where there are clear roles and responsibilities, with oversight from senior members of the firm. The right process will have a built-in rigor to ensure all key, relevant and material factors are considered when valuing a portfolio.

When looking at the enforcement cases that have come down, the missteps have been when there aren’t written policies or procedures, or if they were, they aren’t being followed. This may seem like common sense, but the failures are when the fundamentals aren’t executed as they should be. And honestly, I think that an advisor for any asset class should be making sure they’re getting those fundamentals right.

Is this an argument for more third party reviews? There are plenty of firms that would argue that no one knows better how to value their portfolio than they do.

VR: I’ve seen advisors use third party reviewers and it’s a fair point that the fund managers overseeing the portfolio tend to know their asset classes better than an outsider. Where I’ve seen these reviews prove valuable is when the third party specializes in an asset class or has a deep expertise in a particular industry where they can offer meaningful oversight into the portfolio because they know the industry or asset class so well. That’s where the value of these reviews are. Otherwise, a generalist may not see how certain details or inputs are relevant or what assumptions are important in developing that valuation.

Given the high priority regulators place on the valuation framework, how important is outside expertise to vet, or even draft, those policies and procedures?

VR: Our clients will often task us with the writing of valuation policies and procedures, and we see it as a core element in our compliance and regulatory practice. Legal counsel may be tapped to examine the process and procedures and determine if they meet legal and regulatory requirements. That said, we’ve found that while there’s value in tapping outside expertise, the internal team is uniquely suited to understand the process and what key players should play a role in valuations. As such, these policies are best launched as an in-house endeavor.

If the status quo is here to stay, does that mean the SEC will continue taking a closer look at how fees and expenses are allocated?

VR: I’d expect the SEC to stay focused on the proper allocation of fees and expenses, but that largely requires that GPs have proper disclosure documentation with LPs. In most cases, best practice involves following what’s detailed in the fund documents with a reasonable allocation of expenses. Disclosure is key, particularly with regards to this issue.
But to be clear, there are certain fees and expenses that shouldn’t be allocated to the investor. Sometimes, fund managers simply don’t have a familiarity of the rules and expectations of regulators when it comes to these issues. They may need to be educated, although there are cases of truly unethical conduct which some enforcement cases have brought to light.

Like a lot of regulatory issues, it comes down to educating the firm. What are some best practices to help ensure compliance training is effective?

VR: I’ve found it helpful to give them real life examples of enforcement cases where firms have been sanctioned for certain kinds of actions. They offer tangible examples of behaviors that run afoul of regulators’ expectations, and can help staff understand what’s expected. Compliance training is usually done on an annual basis, but communicating these cases on a regular basis, as they happen, can be a great opportunity to remind staff of policies and procedures throughout the year. Of course, the proper monitoring of employee behavior is also key in evaluating if a training program is working or not. Again, it’s a matter of paying attention to the program.

If the regulations aren’t changing, does that mean the role of compliance staff or the chief compliance officer won’t be changing either?

VR: On the contrary, we’ve seen the compliance function change dramatically over the last few years due to the increasing role of technology and that’s set to continue or even speed up. Today’s CCOs must be fluent in technology issues, because whether they’re employing a third-party or proprietary solution, technology is used to monitor activities. This doesn’t mean that it’s now essentially a “tech role” but it’s a necessity that CCOs understand how controls around technology are implemented, especially given the need for cybersecurity programs. Now compliance professionals must work closely with directors of program technology, to make sure the right cybersecurity protocols are in place. The SEC has been consistently outspoken about this topic and expects proper controls to be part of a firm’s infrastructure.

As a result, is technology eating up a larger share of the compliance budget?

VR: Certainly, and if one were to read the tea leaves, the advent of blockchain and some of these distributed ledger technologies, there’s going to be a call for more investment in technology, not just in private equity, but across the entire financial services sector. That doesn’t mean that the budget is only going to be software. There will always be legal expenses and a certain investment in third party expertise, only from the perspective that firms want to ensure they aren’t missing anything. It’s hard for anyone to know what they don’t know. Do employees know their regulatory obligations and understand what’s expected of them? Do staff understand what that valuation framework is, and how that fee should be allocated? Outside advisors grant some outside perspective and an objective assessment of the compliance program.

For GPs registered with the SEC, they’re required to do an internal compliance review annually. How often should they hire an outside advisor to conduct a more ‘objective’ review?

VR: There’s a cost issue. We see outside compliance reviews vary in frequency, with some occurring roughly every three years or so, but if there are specific regulatory concerns, it might be more frequent than that. However, if sufficient time and effort is spent in crafting and implementing policies and procedures and there is real discipline in monitoring behavior, GPs should feel more confident that they’re ready when the SEC shows up at their door.

Venkat Rao is a director in EisnerAmper’s Global Compliance & Regulatory Solutions group. He has more than 15 years of experience working with hedge funds, private equity funds, commodity pool operators, registered investment advisors, insurers, broker-dealers and investment banks.