SEC Investment Adviser Enforcement Actions: “May” Might Be Materially Misleading & Insider Trading Policies

Two topics from recent SEC investment adviser enforcement cases, disclosure language and insider trading policies.

Adviser Disclosures: What does “may” mean?

In grammar school we all learned that the words “may” and “are” mean different things.  The SEC recently reminded advisers that the difference can be material when it comes to disclosures.

In a settled administrative action filed in April, the SEC found that Monomoy Capital Management, a private equity adviser, had certain employees who spent time working with portfolio companies on “operational and financial restructuring” matters (link to case here).  This practice began in 2007 and Monomoy charged the portfolio companies an hourly rate to recoup most of the costs of the employees’ work on the portfolio companies.  The adviser had previously disclosed that portfolio companies were responsible for certain fees, but did not specifically disclose that the adviser could receive compensation-related fees from portfolio companies.  In 2014, the firm amended its Form ADV to state that “under specific circumstances, certain Monomoy operating professionals may provide services to portfolio companies that typically would otherwise be performed by third parties,” and that “Monomoy may be reimbursed” for costs related to such services.

In the settled administrative order the SEC found that the Form ADV disclosure did not “fully and fairly disclose” that Monomoy did, in fact, provide those services to portfolio companies and was, in fact, reimbursed by portfolio companies for the services.  In other words, the use of the word “may” in the disclosure was misleading when Monomoy actually was engaged in the disclosed activity.

The SEC has for several years been warning advisers that “may” disclosures can be misleading if the matter actually is occurring.  For example, in 2016 the SEC issued an opinion in an enforcement action against the Robare Group, where the SEC found that a disclosure stating that the adviser “may” receive a certain type of compensation was inadequate because it did not disclose that the adviser actually had an arrangement pursuant to which it received such fees that created a conflict of interest (link to case here).  Likewise, the SEC’s guidance last year on the standards of conduct for investment advisers stated:

disclosure that an adviser “may” have a particular conflict, without more, is not adequate when the conflict actually exists.  For example, we would consider the use of “may” inappropriate when the conflict exists with respect to some (but not all) types or classes of clients, advice, or transactions without additional disclosure specifying the types or classes of clients, advice, or transactions with respect to which the conflict exists. In addition, the use of “may” would be inappropriate if it simply precedes a list of all possible or potential conflicts regardless of likelihood and obfuscates actual conflicts to the point that a client cannot provide informed consent. On the other hand, the word “may” could be appropriately used to disclose to a client a potential conflict that does not currently exist but might reasonably present itself in the future.

Commission Interpretation Regarding Standard of Conduct for Investment Advisers, Investment Advisers Act Release No. 5248 (June 5, 2019), p. 25 (link here).  Similar guidance is found in the SEC’s FAQ’s Regarding Disclosure of Certain Financial Conflicts Related to Investment Adviser Compensation (link here) and in the instructions to Part 2 of Form ADV.

Following from the plain meaning of the word, it is appropriate to use “may” to provide disclosure that in the future the adviser can and might take some action creating a conflict.  It is not appropriate, however, and potentially materially misleading, to use “may” where an action is being taken or a conflict actually exists.  Advisers should at least annually review their disclosure documents to make sure they are up to date and reflect current practices.  In particular, and since the use of “may” disclosures was somewhat common in the past, advisers should incorporate into their disclosure reviews an examination of whether any “may” disclosures need to be updated to “are” disclosures.

Insider Trading Policies

So far in 2020 the SEC has brought two enforcement actions against investment advisers for failing to have adequate insider trading policies.  These cases are notable because it is unusual for the SEC to bring an enforcement action alleging only a violation of Section 204A’s insider trading policies and procedures requirements.  Instead, violations of Section 204A almost always appear as “tacked on” claims to the SEC’s actual insider trading cases.

Section 204A of the Investment Advisers Act requires advisers to “establish, maintain, and enforce written policies and procedures reasonably designed, taking into consideration the nature of such investment adviser’s business, to prevent the misuse . . . of material, nonpublic information by such investment adviser or any person associated with such investment adviser.”  The important concepts here are, first, that the firm’s policies must not only exist, but must be “maintained and enforced,” and, second, the policies must be “reasonably designed” with the adviser’s unique business practices taken into consideration.

The first case, a settled administrative proceeding brought against investment adviser Cannell Capital, was filed in February (link to case here).  In that case, the firm’s written policies stated that it would maintain a restricted list, but the SEC found that in practice it did not.  Instead, the firm relied on a “patchwork system” of restrictions in the order management system, documents saved to a shared drive, email, and/or verbal communication about trading restrictions.  The problem was that none of these methods were used consistently, and did not constitute an actual restricted list as required by the firm’s policies.  For example, when the CCO was out of the office, no other employee could establish a new restriction in the order management system.  In other cases, the order management system restrictions were established days after it had been determined that trading in an issuer’s securities needed to be restricted.  Likewise, while sometimes the firm used a sharedrive for documents concerning restricted issuers, documents were at times not added to the sharedrive until months or years after the restriction, and employees were not directed to look at the sharedrive for information identifying restricted issuers.  An actual restricted list is not specifically required by Section 204A, although they have been ubiquitous for so long that it is an expected component of a compliance program.  However, since Cannell’s written policy required one, the failure to maintain a list meant that the firm had not implemented its compliance policies.  This is not a surprising finding as for years the SEC has stated, and it should be self-evident, that policies are not being “maintained and enforced” if they are not followed.  If your policies say you will do something – do it or change the policy to something that you can actually follow.

The second aspect of the compliance failure at Cannell cited by the SEC was that its policies were not tailored to the specific business risks posed by the adviser’s unique business activities.  For example, there were no policies tailored to the adviser’s practice of frequently communicating with public company insiders, entering into confidentiality agreements with public companies, speaking with investment bankers, and publishing investment research.  Moreover, the compliance program relied entirely on employees “self-reporting” MNPI to the CCO.  Finally, and somewhat cryptically, the SEC faulted the adviser for not addressing the risk posed by the fact that the adviser was owned and controlled by a single individual.  On this last point, a shortcoming of settled SEC cases is that the orders are the product of a compromise and therefore sometimes lack the specificity or context to provide meaningful guidance to the industry.  While it is true that an owner of a business has an incentive to maximize profit, economic incentive is an aspect of all insider trading cases, regardless of ownership or employment title, since making money is the whole point.  The SEC offers no explanation of what unique risk is posed by a firm owned by a single individual or what an appropriate protective policy would be.

The larger point, that compliance policies cannot just be generic statements but must be customized to address the specific risks posed by the unique activities of the adviser, is one that the SEC has been highlighting for several years.  The SEC has also previously stated that insider trading policies that rely solely on employee self-reporting are probably inadequate.  What the SEC is looking for is an adviser to examine its business practices, identify the key risks posed by those activities, and design policies to reasonably address those specific risks.  Similarly, an adviser should adopt reasonable oversight or audit procedures so that the insider trading compliance program does not rely only on employee self-policing.

The second of these cases, also a settled administrative proceeding, was filed last month (link to case here).  The SEC’s order states that Ares Management had access to MNPI by having a firm employee sit on an issuer’s board of directors and also through a confidentiality agreement in connection with a loan made to the issuer.  Pursuant to its written policies, the firm had placed the issuer on the restricted list, allowed trading only if approved by the compliance department, and to approve trading compliance was required to speak with the director about any MNPI that may have been received and to confirm with the issuer that the issuer’s trading window for directors was open.  These are all fairly common compliance policies for advisers who have representatives on the boards of public companies.

Nevertheless, the SEC found fault with the policies because they:

failed to properly assess the special circumstances presented by the Ares director’s dual role as a director of the portfolio company and as an Ares employee, particularly where the Ares director remained involved in Ares’ trading decisions regarding the portfolio company’s stock.

However, the policies (and actual practices) did require the issuer to be on the restricted list, required compliance to inquire with the director about any MNPI received, to check with the issuer that the window was open for the director to trade, and for compliance to specifically approve any proposed trade.  While policies can always be more rigorous, these policies appear adequate (at least as to the employee sitting on the board).

The SEC had other issues with Ares’ policies in that they:

did not provide specific requirements for compliance staff concerning the identification of relevant parties with whom to inquire regarding possession of potential MNPI and the manner and degree to which the staff should explore MNPI issues with these parties.

Again, policies can always be more specific and detailed, but finding fault with a lack of “specific requirements” as to the “manner and degree” that compliance needs to ask about MNPI issues is a level of micro-management that heretofore has not been seen – and with no guidance as to what level of specific instructions need to be in written policies to be compliant.

Finally, the SEC found that the policies were not adhered to because the compliance staff in “numerous instances” did not “document sufficiently” that compliance had asked employees about the potential receipt of MNPI.  This issue at least appears to present a more clear case of a policy requirement that was not followed.

The Ares case repeats the point that an adviser must consider and tailor insider trading policies to actual business practices, and must actually do what the firm’s policies require.  The particular facts set forth in the order, however, place the case as an outlier because the shortcomings identified do not appear to be significant enough to warrant an enforcement action.  This perception may be because the Ares case was a settled action, which as mentioned, often means a compromise between the parties which can obscure what really happened.  Ares was ordered to pay a penalty of $1 million – a large penalty when compared to the $150,000 Cannell was ordered to pay for what appear to have been more concrete policy violations.  This at least suggests that there may have been more to the Ares story than is reflected in the order.  This is a problem with settled SEC cases – that the concepts that may have made sense in the particular circumstances of the settlement, such as requiring compliance policies to spell out “specific requirements” for the “manner and degree” that compliance steps must be taken, can potentially become an expectation for all advisers in all situations.  The SEC has rightly been criticized for what is known as “rulemaking through enforcement”, and let’s hope Ares does not become another example.

The conclusion from these cases is that the SEC takes seriously the requirement to have properly functioning insider trading policies.  Advisers therefore need to ensure that their insider trading policies (1) take into account and address the firm’s particular practices and the risks they create, (2) include reasonable oversight in addition to employees self-reporting MNPI issues, and (3) are actually followed in practice.