The 2024 National Society of Compliance Professionals (NSCP) annual Conference in Dallas was animated by lively discussions about what was certainly one of the most pressing issues in the compliance industry ecosystem: the billions of dollars of recordkeeping fines issued this year.
In packed conference rooms, compliance specialists and agency representatives discussed the status quo of recordkeeping rule enforcement, and scrutinized some notable recent cases.
While panelists noted that technology solutions for preventing off-channel communications are better than ever, the problem does not appear to be going away. Overall, there was a palpable impression that the industry-wide problem will continue to be intractable.
Perceptions of inevitability
Off-channel communications, and the dramatic enforcement actions taken against companies for recordkeeping violations, was a focal point of the conference.
Compliance professionals expressed “weariness” about the massive series of fines that hit the financial services industry for un-surveilled and uncaptured business communications and related supervisory negligence.
The controversial SEC enforcement action against Qatalyst LLP was raised as a prime example of how recordkeeping penalties might now seem unavoidable.
That case involved a registered investment adviser that was sanctioned, but not fined, for off-channel communications despite having robust, longstanding policies in place, and self-reporting the violations. The decision to even sanction Qatalyst prompted a notable dissent from Commissioners Uyeda and Peirce, who stated that presently “it does not appear that firms have an achievable path to compliance.”
“Compliance will never be perfect, because people will never be perfect.”
The NSCP panel, composed of compliance specialists, were largely sympathetic to that dissenting opinion. It was believed that Qatalyst was doing all that it could to prohibit off-channel communications and to enforce its robust policies. One panelist stated that it appeared like the SEC was “expecting perfection,” another said “there is no way to ensure a policy is always followed.”
“Compliance will never be perfect, because people will never be perfect,” one panelist said. Other speakers said that there should be more of a focus on going after deficient or unenforced policies and negligent supervision.
However, in another public discussion, a representative from the SEC’s Enforcement Division pushed back against this narrative by stating that there is a standard akin to “strict liability” in place.
If off-channel communications occur, a firm could be penalized, even if the penalty is only censure. Negligence would contribute to a penalty’s severity, in addition to other factors such as the extent of the off-channel commutations and the size of the involved firm, the SEC rep stated.
Different opinions were expressed about agencies’ future enforcement priorities. One panelist predicted fewer off-channel communications fines in future, an opinion that conforms to previous indications given by former SEC Enforcement Director Gurbir Grewal, who was not at the event.
Another panelist disagreed, stating that there were signs that strict enforcement actions against off-channel communications would continue into 2025. “There is no way this is going away,” he said.
Policy construction and implementation
The $6.5m penalty against Senvest Management in April was also discussed with interest during one panel. Participants addressed the SEC’s decision to pursue the firm for promulgating surveillance policies it never actually effectuated, such as reserving the right to physically inspect employees’ devices.
The Senvest fine also raised an interesting question – would actions like these incentivize firms to circumscribe their written policies to avoid agency scrutiny?
To some conference participants, the answer to that question was maybe. One panelist’s suggestion was to not overpromise and underdeliver to the SEC what a firm is doing to combat compliance deficiencies.
Other suggestions included making sure to clearly define policy terms, such as what an “approved communication” is, making sure all employees are treated equally in internal discipline, and ensuring employee privacy expectations through consent forms.
One caveat was highlighted, and that was that even the best policies are no substitute for proactive monitoring.
Self-reporting: beneficial or not?
Across panels, participants expressed skepticism that self-reporting would lead to softer agency fines or penalties, especially in the context of off-channel communications.
One conference participant noted the “fatalistic” attitude some compliance officers have begun to hold vis-à-vis these enforcement actions. Another participant noted that compliance officers would have to think “very carefully” about self-reporting off-channel communications before an exam – and only with the approval of outside counsel.
FINRA and SEC reps pushed back on that pessimistic attitude and upheld the value of self-reporting, saying it could contribute to lesser penalties, in concert with other efforts.
However, as underscored by a FINRA representative, participation had to be “substantial” for a firm to be given credit under FINRA rules, a difficult target under most circumstances. And she also stated that no credit would be given for self-reporting alone.
This standard contrasted with the SEC’s “meaningful” cooperation standard, which would, at least on paper, appear more generous.
The subject of what constitutes bona-fide self-reporting was also debated in a discussion with SEC and FINRA representatives. The SEC action against Atom Investors LP in September was raised as an example of self-reporting that was more of an inevitability than a concession.
In that case, the involved firm only self-reported its off-channel communications after discovering them during an SEC investigation into a third party, when Atom was unable to produce certain documents. The firm nevertheless received credit in the form of a no-penalty, leading a panelist to question whether “self-reporting” even fitted the description of what the firm did in that instance.
But an SEC representative stated that what Atom did presented an example that should be followed by firms if they ever found themselves in a similar situation.