Warren Enskat Group

Who says compliance is boring… combine compliance and regulatory issues with technology and software solutions and you get something noteworthy. At least according to private equity firm Warburg Pincus, who yesterday announced $100 million investment in Ottawa-based Assent Compliance, a leader in supply chain data management software.

The investment helps Assent Compliance build out its software and platforms, as well as to enhance its product compliance, vendor mangement, and corporate social responsibility solutions, to “respond to the significant volume of data and regulatory requirements”.

CEO Andrew Waitman joined Assent three years ago, after stints at professional services firm Pythian and as managing partner of Celtic House Venture Partners.

FinTech and RegTech have been front and center for investment managers as they are dealing with new regulatory developments and global competitors.

Facebook announced that hackers had used a weakness in Facebook’s code regarding its “view as” feature this week to take over control of up to 50 million accounts. The hackers got access tokens to stay in accounts without re-entering a password.

Some 50 million users had their access tokens stolen – they were reset by Facebook, and now users have to re-enter their passwords when they try to access the service.

Facebook said the hack happened because of “complex interaction of multiple issues in our code”.

The complexities of cybersecurity were discussed in a special workshop on AI at our most recent female executive roundtable for Women in Compliance, and also in our round tables in Paris and London with CISOs from large financial services and fashion brands.

To be part of the technical committees or to learn more about CSI, give us a call.

Natalie Baylis two months after joining Swiss alt asset manager GAM from the UK’s Financial Conduct Authority as Group Head of Compliance and member of GAM Holding AG’s Group Management Board to help with the aftermath of Tim Haywood’s suspension, abruptly announced her departure this week.

Bond PM Haywood had managed over $7 billion for GAM, but was suspended for breaching policies on record-keeping, risk management, and gifts and entertainment (triggered by an internal whistleblower).

Baylis cited “personal reasons” for leaving, and now Schroder’s GC for wealth and asset management, David Kemp, will take over on an interim basis, working partnership with another newcomer, Rachel Wheeler, who two months ago became GAM’s GC from Aviva.

CEO Alex Friedman and Head of Investments Matthew Beesley have been working with key accounts to retain assets and regain trust, and, given the board director issues around Haywood, GAM implemented a new policy that bars PMs from being on boards of any investment-advisory entities.

The Compliance Strategy Institute in its most recent “Women in Compliance” executive roundtable in NY discussed how female leaders can work with their counterparts in risk, investments, tech, data and legal to ensure better communication and processes, to establish regulatory and compliance partnerships with the business side.

Hackers in 2016 stole personal data for tens of millions of Uber users (and also drivers). Uber didn’t report the breach and decided to pay two hackers (one of them a 20-year old Floridian) $100K on HackerOne to stay quiet and delete the data.

HackerOne, btw, is described as “the most trusted hacker-powered security platform”, with HackerOne:

– Response (a compliant process for receiving/acting on vulnerabilities discovered by third parties)

– Challenge (improving pen-test results with a project-based vulnerability assessment program)

– Bounty (a private, fully-managed bug bounty program for continuous coverage)

HackerOne receives an IRS W9 or W8BEN forms before payments can be made, and Reuters reported on Uber making payments to the Florida hacker on the platform.

All 50 states and D.C. filed a lawsuit and yesterday the California attorney general announced a settlement of $148 million with the company. Uber also agreed to strengthen its cybersecurity infrastructure and provide updates to the states on a quarterly basis.

Tony West, Uber’s CLO, joined once the prior chief security officer was fired, handled the cleanup process. The company said that the hackers had targeted third-party cloud-based services. Uber still has to deal with private party lawsuits and those of some specific cities.

A lot of important lessons on cybersecurity, compliance setups for financial services providers and the growing importance of Artificial Intelligence.

We discussed AI and cybersecurity/cryptocurrency issues in our most recent CSI roundtable in NY.

Neshie Tiwari is the chief compliance officer for Ellevest, the investment management company for women by women, co-founded by Sallie Krawcheck in partnership with Charlie Kroll.

Ellevest was founded in 2016 as a digital financial advisory platform for women.

According to Neshie, “everyone is responsible for compliance…. and ethics.”

In the most recent “What the Elle?” Newsletter from August 21, 2018, she also described situations with potential conflicts of interest and how Ellevest published details on the possible conflicts and its mitigation in Ellevest’s Form ADV.

Other focal points for CCOs, in Neshie’s opinion, are “the benefits of diversity to build a strong business”, to “talk. A lot.” and “rules are good. A ‘true north’ is better.”

She will share her thoughts in panels and workshops at WomenInCompliance.com. While space is limited, we still have a few spots left for C-level female (and male) compliance, risk, data, tech and legal officers.

See you on September 18th.

Since issuing its first award in 2012, the SEC has awarded more than $266 million to 55 individuals under the whistleblower program. In that time, almost $1.5 billion in monetary sanctions have been ordered against wrongdoers based on actionable information received from whistleblowers, including more than $740 million in disgorgement of ill-gotten gains and interest, the majority of which has been or is scheduled to be returned to harmed investors.

For more details on the program, please visit the SEC’s Whistleblower Program.

Dalia Blass, who last September was named the SEC’s head of investment management (David Blass, her husband, spoke at CSI NY last year about some of the industry developments), addressed the Standards of Conduct for Investment Professionals in NY this month.

The commission on April 18th published “regulation best interest” – proposing enhancements to the standards of conduct for B/Ds, and clarified views on fiduciary duties of financial advisors.

SEC Chair Clayton last week also testified that the best interest proposals are a priority for FY2019. Both said the commission’s efforts are the result of over two decades of thinking and experience, as part of his $1. 7b budget request. A modest increase is earmarked to fill 100 vacancies post hiring freeze.

Blass divided the three areas of the proposals as follows:

1. Clarity for retail investors about investment professionals (what kind of person is advising them, e. G. RIA, registered B/D, et al, and the use of “adviser” and “advisor”), including a “relationship summary”.

2. Enhanced standard of Conduct for B/Ds

3. Clarity around Standards of Conduct for I/As
The public comment period will remain open for 90 days following publication of the documents in the Federal Register.

For access to research, news, data and one of the largest global compliance, data, technology and information networks, please visit the Compliance Strategy Institute.

Russian hackers in late 2014 stole Yahoo’s “crown jewels”, hundreds of millions of usernames, emails, phone numbers, birthdays, passwords, and security questions. Last week, the company in its entirety agreed to pay $35 million in SEC fines for failing to disclose the breach for over two years, filing quarterly and annual reports with the commission without mentioning the data breaches.

Verizon acquired Yahoo in June 2017 and since renamed the firm Altaba Inc.

For more information, including SEC statements and comments on the case, click here.

For access to research, data and one of the largest global compliance, risk, technology and data networks, visit the Compliance Strategy Institute.

Over $4 billion set aside for the fake account and MBS issues post-crisis, another billion today in fines for issues around mortgages, loans and risk compliance, and the Fed putting a limit on growth with a balance sheet cap.

Aside from the impact on the stock price, many in the industry now publicly wonder whether WF has been punished too harshly, and, by extension, the shareholders.

And results, while lower than competitors, have not been bad:

Preliminary net income of $5.9 billion, compared with $5.6 billion in first quarter 2017
Diluted earnings per share (EPS) of $1.12, compared with $1.03
Revenue of $21.9 billion, down from $22.3 billion
Net interest income of $12.2 billion, down $86 million, or 1%
Noninterest income of $9.7 billion, down $235 million, or 2%
Average deposits of $1.3 trillion, down $2.0 billion
Average loans of $951.0 billion, down $12.6 billion, or 1 percent
Return on assets (ROA) of 1.26 percent, return on equity (ROE) of 12.37 percent, and return on average tangible common equity (ROTCE) of 14.75 percent1

Wells Fargo last month hired C. Allen Parker as new general counsel.

Wells Fargo will hold its 2018 shareholder meeting on April 24, listen to it live here. The company presentation will be available as well following the event.

For ongoing analysis, news, research and networking, please visit: http://www.thecompliancestrategyinstitute.com