Read full biography at www.orrick.com

Posts by: Edward Eisert

SEC Adopts Jobs Act Amendments

 

On April 5, the Securities and Exchange Commission (“SEC“) announced that it has adopted amendments to increase the amount of money companies can raise through crowdfunding to adjust for inflation. It also approved amendments that adjust for inflation a threshold used to determine eligibility for benefits offered to “emerging growth companies” (“EGCs“) under the Jumpstart Our Business Startups (JOBS) Act.

The SEC is required to make inflation adjustments to certain JOBS Act rules at least once every five years after it was enacted on April 5, 2012. In addition to the inflation adjustments, the SEC adopted technical amendments to conform several rules and forms to amendments made to the Securities Act of 1933 (“Securities Act“) and the Securities Exchange Act of 1934 (“Exchange Act“) by Title I of the JOBS Act. The Commission approved the new thresholds on March 31. They will become effective when they are published in the Federal Register.

The Commission provided a helpful chart that sets out the inflation-adjusted amounts for the maximum amount of offerings and investment limits, specifically: (i) the maximum aggregate amount an issuer can sell in a 12-month period; (ii) the threshold for assessing an investor’s annual income or net worth to determine investment limits; (iii) the lower threshold of Regulation Crowdfunding securities permitted to be sold to an investor if annual income or net worth is less than the adjusted thresholds; (iv) the maximum amount that can be sold to an investor under Regulation Crowdfunding in a 12-month period; and (v) the inflation-adjusted amounts for determining financial statement requirements.

Also, pursuant to sections of the Securities Act and the Exchange Act added by the JOBS Act, which define the term “emerging growth company,” every five years the Commission is directed to index the annual gross revenue amount used to determine EGC status to inflation. To carry out this statutory directive, the SEC has adopted amendments to Securities Act Rule 405 and Exchange Act Rule 12b-2 to include a definition for EGC that reflects an inflation-adjusted annual gross revenue threshold. Press Release.

SEC Division of Investment Management Issues Guidance on Holding Companies and the Transient Investment Company Rule Under the Investment Company Act

 

Earlier this month, the SEC Division of Investment Management issued guidance with respect to situations in which an operating company may find that, upon the occurrence of an extraordinary event, it meets the definition of an “investment company” under the Investment Company Act of 1940 (“Company Act“), even though it intends to remain in such status only temporarily. Absent an exclusion or exemption from this definition, the operating company may be required to register under the Company Act. Rule 3a-2 under the Company Act, however, provides a one-year safe harbor for such transient investment companies if certain conditions are satisfied.

The Staff of the Division of Investment Management has received inquiries regarding the commencement of the one-year safe harbor as it applies to holding companies that are engaged in various businesses operating through wholly owned and majority-owned subsidiaries where neither the holding companies nor their subsidiaries are regulated as investment companies (“Holding Companies“).

In response, the Staff has clarified that the one-year safe harbor period does not begin until the occurrence of an extraordinary event causes a Holding Company to have certain characteristics of an investment company. It is the staff’s view that when adopting Rule 3a-2, the Commission did not intend to limit the circumstances under which an issuer could rely on the rule in such a way that Holding Companies are treated differently than other issuers because of the Holding Companies’ organizational structures.

SEC Staff Issues Guidance Update and Investor Bulletin on Robo-Advisers

 

On February 23, 2017, the Securities and Exchange Commission (“SEC“) published information and guidance for investors and the financial services industry on the use of robo-advisers, described by the Staff as “registered investment advisers that use computer algorithms to provide investment advisory services online with often limited human interaction.” Press Release.

The guidance update (the “Update“) was issued by the SEC’s Division of Investment Management in order to address the unique issues raised by robo-advisers. It makes a number of specific suggestions on meeting disclosure, suitability and compliance obligations under the Investment Advisers Act of 1940 (the “Advisers Act“). The Update, however, is less prescriptive than the “Report on Digital Investment Advice” issued by the Financial Industry Regulatory Authority (“FINRA“) in March 2016 (the “FINRA Report“).

The FINRA Report generally addressed the issues faced by “financial services firms” (including both broker‑dealers and investment advisers) in the use of “digital investment advice tools.” As stated by FINRA, the effective practices discussed in the FINRA Report are “specifically intended for FINRA-registered firms, but may be valuable to financial professionals generally.” Accordingly, it is suggested that the Update be read carefully in conjunction with the FINRA Report, particularly by dually registered broker-dealers and investment advisers.

The Update notes that there may be a variety of means for a robo-adviser to meet its obligations to clients under the Advisers Act and that not all of the issues addressed in the Update will be applicable to every robo-adviser.

Also on February 23, 2017, the SEC’s Office of Investor Education and Advocacy (OIEA) published an Investor Bulletin that “provides individual investors with information they may need to make informed decisions if they consider using robo-advisers.”

The Investor Bulletin describes a number of issues investors should consider, including:

  • The level of human interaction important to the investor,
  • The information the robo-adviser uses in formulating recommendations,
  • The robo-adviser’s approach to investing,

The fees and charges involved.

New York Department of Financial Services Promulgates First-in-the-Nation State Cybersecurity Regulation

 

On February 16, 2017, the New York Department of Financial Institutions (“DFS“) promulgated a regulation that requires “Covered Entities” to establish and maintain a cybersecurity program designed to protect consumers and the financial services industry itself (the “Regulation“). Report.

A “Covered Entity” means any individual or any nongovernment entity that operates under or is required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the New York State Banking Law, Insurance Law or Financial Services Law. Accordingly, Covered Entities include, among others, New York branches and representative offices of foreign banks, but do not include “investment advisers” and “broker-dealers.”

The Regulation is risk-based and includes regulatory minimum standards and encourages Covered Entities to keep pace with technological advances. The Regulation specifically provides protections to prevent and avoid cyber breaches, including:

  • Controls relating to the governance framework for a cybersecurity program, including requirements for a program that is adequately funded and staffed, overseen by qualified management and reported on periodically to the most senior governing body of the organization;
  • Risk-based minimum standards for technology systems, including access controls, data protection including encryption and penetration testing;
  • Required minimum standards to help address any cyber breaches, including an incident response plan, preservation of data to respond to such breaches and notice to DFS of material events; and
  • Accountability by requiring identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance to DFS.

Of particular relevance to global, diversified financial institutions, (i) a Covered Entity may meet the requirements of the Regulation by adopting the relevant and applicable provisions of a cybersecurity program maintained by an affiliate, provided that such provisions satisfy the requirements of the Regulation, applicable to the Covered Entity; and (ii) each Covered Entity must implement written policies and procedures designed to ensure the security of information systems and nonpublic information that are accessible to, or held by, third-party service providers.

The Regulation will be become effective on March 1, 2017. Covered Entities will be required to annually prepare and submit to the Superintendent of Financial Services a “Certification of Compliance with New York State Department of Financial Services Cybersecurity Regulations” commencing February 15, 2018.

The Regulation provides that, generally, Covered Entities shall have 180 days from March 1, 2017 to  comply with the Regulation. However, certain provisions include additional transitional periods: (i) one year from March 1 to comply with the requirements that, among others, (x) the Chief Information Security Officer report in writing at least annually to the Covered Entity’s board of directors or equivalent governing body, (y) the Covered Entity conduct a risk assessment of its information systems and (z) the Covered Entity provide regular cybersecurity awareness training for all personnel; (ii) 18 months from March 1 to implement risk-based policies, procedures and controls designed to monitor the activity of authorized users of the Covered Entity’s information systems and data and to detect unauthorized access or use of, or tampering with, nonpublic information by such authorized users; and (iii) two years to comply with the requirement to implement written policies and procedures designed to ensure the security of the information systems and nonpublic information of the Covered Entity that is accessible to, or held by, third‑party service providers.

Office of Compliance Inspections and Examinations Issues Risk Alert on the Five Most Frequent Compliance Topics Identified in Examinations of Investment Advisers

 

On February 7, 2017, the Office of Compliance Inspections and Examinations of the Securities and Exchange Commission (OCIE) published a Risk Alert listing of the five compliance topics most frequently identified in deficiency letters that were sent to SEC‑registered investment advisers (“Advisers“) during the past two years. Within each of these topics, a few examples of typical deficiencies were discussed to highlight the risks and issues that examiners commonly identified.

The five compliance topics addressed in this Risk Alert are deficiencies or weaknesses involving: (i) Rule 206(4)-7 (the Compliance Rule) under the Investment Advisers Act of 1940 (the Advisers Act); (ii) required regulatory filings; (iii) Rule 206(4)-2 under the Advisers Act (the Custody Rule); (iv) Rule 204A-1 under the Advisers Act (the Code of Ethics Rule); and (v) Rule 204-2 under the Advisers Act (the Books and Records Rule). The Staff emphasized that: “Advisers should review their compliance programs and practices in light of the topics noted in this Risk Alert.”

Although the list of deficiencies and weaknesses was based upon examinations of SEC‑registered investment advisers, these findings also should be considered as regulatory guidance by “exempt reporting advisers,” particularly those whose business is anticipated to grow beyond the scope of the exemption on which they are relying; for example, the failure to adopt and maintain a Code of Ethics (an obligation applicable to all investment advisers, whether or not registered), the failure to adopt compliance manuals that are reasonably tailored to the Adviser’s business practices, the failure of Advisers to follow their compliance manual policies and procedures, and the failure of Advisers to maintain accurate books and records with regard to their investment adviser business, including typical accounting and other business records. Press Release.

New York Department of Financial Services Issues Updated Proposed Cybersecurity Regulation

 

On December 28, 2016, the New York State Department of Financial Services (“DFS“) announced that it has updated its proposed first‑in‑the‑nation cybersecurity regulation. The proposed regulation, which will be effective March 1, 2017, will require banks, insurance companies and other financial services institutions regulated by DFS to adopt a cybersecurity program by assessing its specific risk profile and designing a program to address these risks accordingly.

According to the DFS, “This updated proposal allows an appropriate period of time for regulated entities to review the rule before it becomes final and make certain that their systems can effectively and efficiently meet the risks associated with cyber threats.”

Among the changes made, the definition of “Exemptions” has been expanded to provide:

  • that “Covered Entities” that have less than the specified number of employees, gross annual revenue or year‑end total assets shall be exempt from the requirements of enumerated sections;
  • an exemption for an employee, agent, representative or designee of a Covered Entity, who is itself a Covered Entity;
  • an exemption from enumerated sections for a Covered Entity that does not directly or indirectly operate, maintain, utilize or control any “Information Systems” and that does not, and is not required to, directly or indirectly control, own, access, generate, receive or possess “Nonpublic Information“;
  • a requirement that Covered Entities that qualify for an exemption file a “Notice of Exemption”; and that a Covered Entity that ceases to qualify for an exemption must comply with all applicable requirements of the proposed rule.

The updated proposed regulation will be finalized following a 30-day notice and public comment period. Press Release. DFS Assessment of Public Comments. DFS Summary. Proposed Regulation (As Revised).

Federal Reserve Board Provides New Details on Volcker Rule’s Illiquid Funds Requirements

On December 12, 2016, the Federal Reserve Board announced additional details regarding how banking entities may seek an extension to conform their investments in a narrow class of funds that qualify as “illiquid funds” to the requirements of Section 619 of the Dodd-Frank Wall Street Reform and Consumer Protection Act, commonly known as the Volcker Rule. An illiquid fund is defined by the statute as a fund that is “principally invested” in illiquid assets and holds itself out as employing a strategy to invest principally in illiquid assets.

The Volcker Rule generally prohibits insured depository institutions and any company affiliated with an insured depository institution from engaging in proprietary trading and from acquiring or retaining ownership interests in, sponsoring or having certain relationships with a hedge fund or private equity fund. These prohibitions are subject to a number of statutory exemptions, restrictions and definitions.

The Dodd-Frank Act permits the Board, upon an application by a banking entity, to provide up to an additional five years to conform investments in certain legacy illiquid funds where the banking entity had a contractual commitment to invest in the fund as of May 1, 2010. The five-year extension for certain legacy illiquid funds is the last conformance period extension that the Board is authorized to provide banking entities under the statute.

According to the guidelines adopted by the Board, firms seeking an extension should submit information, including details about the funds for which an extension is requested, a certification that each fund meets the definition of illiquid fund, a description of the specific efforts made to divest or conform the illiquid funds, and the length of the requested extension and the plan to divest or conform each illiquid fund within the requested extension period.

The Board expects that the illiquid funds of banking entities will generally qualify for extensions, though extensions may not be granted in certain cases – for example, where the banking entity has not demonstrated meaningful progress to conform or divest its illiquid funds, has a deficient compliance program under the Volcker Rule or where the Board has concerns about evasion.

The Board consulted with staffs of the other agencies charged with enforcing the requirements of the Volcker Rule, and the agencies plan to administer their oversight of banking entities under their respective jurisdictions in accordance with the Board’s conformance rule and the attached guidance.

SEC Issues No-Action Letter Regarding Relief from Registration under Advisers Act for Adviser to Affiliated Foundation

On December 8, 2016, the Chief Counsel’s Office of the Division of Investment Management of the Securities and Exchange Commission (“Commission“) provided “no‑action letter” assurance to CenturyLink Investment Management Company, an investment adviser registered as such under the Investment Advisers Act of 1940 (“Adviser“), that it would not recommend enforcement action to the Commission if it were to withdraw its registration. Adviser is an indirect wholly owned subsidiary of CenturyLink, Inc., a telecommunications firm (“Parent“), that was established, and has been operated, for the sole purpose of providing investment advisory services to (i) the employee benefit plans sponsored by the Parent (the “Plans“), which were established solely for the benefit of current and previous employees of the Parent, its predecessors and affiliates, and comprise retirement and health and welfare employee benefit plans, including both qualified and nonqualified plans governed by the Employee Retirement Income Security Act of 1974 (“ERISA“); and (ii) the CenturyLink – Clarke M. Williams Foundation (the “Foundation“), a charitable foundation organized as a Colorado nonprofit corporation by a predecessor company of the Parent for charitable and educational purposes.

The response of the staff is consistent with other no-action letters issued to wholly owned subsidiaries of a parent that satisfy comparable conditions, except with respect to the Foundation. The significance of this letter is that it extends the application of these principles to advisory services provided to a charitable foundation under the circumstances presented.

In providing its response, the staff stated that its position is based particularly on representations that:

  • Adviser is an indirect wholly owned subsidiary of the Parent and has been established, and has been operated, for the sole purpose of providing investment advisory services to the Plans and the Foundation;
  • Adviser does not hold itself out to the public as an investment adviser, provides investment advice only to the Plans and the Foundation, and will not in the future provide investment advisory services to any third party;
  • The Plans are established solely for the benefit of current and previous employees of the Parent, its predecessors and affiliates, and comprise employee benefit plans governed by ERISA;
  • The Foundation is a charitable foundation organized as a Colorado nonprofit corporation by the Parent for charitable and educational purposes, and its beneficiaries are charitable and educational organizations; the Parent is the sole voting member of the Foundation, has rights with respect to the management of the Foundation and, since 2012, is its sole contributor;
  • The only amounts received by the Parent in connection with the Plans are reimbursements that are subject to the restrictions imposed by ERISA;
  • The only amounts received in connection with Adviser’s advisory services to the Foundation are reimbursements to the Parent from the Foundation for Adviser’s expenses associated with such advisory services; and
  • Neither the Plans nor the Foundation is required to register as an investment company under the Investment Company Act of 1940.

OCC Issues Responsible Innovation Framework

 

On October 26, the Office of the Comptroller of the Currency (“OCC“) announced that it will establish an office “dedicated to responsible innovation and implement a formal framework to improve the agency’s ability to identify, understand, and respond to financial innovation affecting the federal banking system [and stated that by] establishing an Office of Innovation, we are ensuring that institutions with federal charters have a regulatory framework that is receptive to responsible innovation and the supervision that supports it.”

The Office of Innovation will be headed by a Chief Innovation Officer assigned to OCC Headquarters. The office will be the central point of contact and clearinghouse for requests and information related to innovation and it will also implement other aspects of the OCC’s framework for responsible innovation, which include:

  • establishing an outreach and technical assistance program for banks and nonbanks,
  • conducting awareness and training activities for OCC staff,
  • encouraging coordination and facilitation,
  • establishing an innovation research function, and
  • promoting interagency collaboration.

The OCC expects the office to begin operations in first quarter 2017.

The OCC emphasized that its assessment of granting a special purpose national bank charter to nonbank financial technology companies, and under what conditions, continues.

See “Recommendations and Decisions for Implementing a Responsible Innovation Framework.”  Press Release.

SEC Office of Compliance Inspections and Examinations Issues Risk Alert on Whistleblower Rule Compliance

 

On October 24, Staff in the Office of Compliance Inspections and Examinations (the “Staff”) issued a National Exam Program Risk Alert announcing that it is examining registered investment advisers and registered broker-dealers compliance with key whistleblower provisions arising out of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”). The Commission recently has brought several enforcement actions charging violations of Rule 21F-17 of the Commission’s whistleblower regulations.

 

The Staff now is routinely reviewing, among other things, compliance manuals, codes of ethics, employment agreements, and severance agreements to determine whether provisions in those documents pertaining to confidentiality of information and reporting of possible securities law violations may raise concerns under Rule 21F-17.
Section 21F of the Securities Exchange Act of 1934 was added by the Dodd-Frank Act.  To implement Section 21F, among other things, the Commission adopted Rule 21F-173 thereunder which provides that “no person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.”

 

The Staff highlighted that “Recent enforcement actions have identified certain provisions of confidentiality or other agreements required by employers as contributing to violations of Rule 21F-17 because they contained language that, by itself or under the circumstances in which the agreements were used, impeded employees and former employees from communicating with the Commission concerning possible securities law violations. This potential chilling effect can be especially pronounced when such documents (e.g., severance agreements) provide that an employee may forfeit all benefits if he or she violates any terms of the agreement.” Alert.