Sidley Partners Nathan J. Greene and Colleen Theresa Brown are co-authors of a new chapter of the PLI treatise Investment Adviser Regulation: A Step-by-Step Guide to Compliance and the Law focusing on legal and compliance considerations for use of Big Data. The chapter examines the expanding range of topics facing investment management lawyers and compliance professionals, as well as the attendant legal and operational risks. The chapter includes an introduction to the concepts of data, alternative data, big data and artificial intelligence; examples of an organization’s data users, likely sources of data, and organizational controls for data collection and processing; and a review of the ways different types of data are regulated.
Sidley’s newest partner, Sujit Raman, former U.S. Associate Deputy Attorney General at the Department of Justice (DOJ), was among three panelists on the TRM Talks inaugural podcast, titled “Unpacking DOJ’s Crypto Enforcement Framework.” The panel discussed the DOJ’s recently-published Cryptocurrency Enforcement Framework on legitimate uses of cryptocurrencies, the inherent risks and challenges, and the federal government’s enforcement strategies in this space.
Recent changes to Chinese law have broad implications on cross-border data transfer in the course of investigations conducted by non-Chinese regulators. Clients work closely with counsel to navigate potential legal landmines in any defense of an investigation involving data from China.
Just over six months ago, on March 24, 2020, the People’s Republic of China’s (PRC) revised Securities Law (revised on December 28, 2019) (中华⼈民共和国证券法（2019年修订) went into effect. While the revised Securities Law affects many aspects of China’s securities law framework (including the registration of new securities for initial public offerings, disclosure requirements, and investor protection rules), a new “blocking” provision is particularly notable. Specifically, Article 177 of the revised Securities Law prohibits non-Chinese securities regulators from conducting investigations within China and prevents Chinese individuals and entities from providing information to such regulators without first receiving approval from the China Securities Regulatory Commission and/or other competent departments under the State Council.
After three years of discussions and in a final debate, the Swiss parliament has agreed on the final draft bill of a new and modernized data protection law.
In particular, the National Council and the Council of States found a compromise on the these outstanding issues: (more…)
The U.S. Office of the Comptroller of the Currency (OCC) has issued an Advance Notice of Proposed Rulemaking (ANPR)1 seeking input on how best to accommodate new technology and innovation in the business of banking, in connection with the OCC’s “comprehensive review” of its regulations at 12 C.F.R. part 7, subpart E (national banks), and part 155 (federal savings associations) (collectively, Rules). The ANPR offers industry participants an opportunity to shape future guidance and remove regulatory burdens to offering innovative new products, partnering with technology companies and enhancing operations through deployment of new technologies. The ANPR follows on the heels of regulators’ other efforts to address technological developments,2 with the caveat that the OCC is not seeking comment on authority to issue special purpose national bank charters.
On May 18, 2020, the Financial Crimes Enforcement Network (FinCEN), as part of its COVID-19-related response, issued a Notice Related to the Coronavirus Disease 2019 (COVID-19) reminding financial institutions of certain Bank Secrecy Act (BSA) obligations and pertinent information regarding reporting COVID-19-related criminal and suspicious activity (the Notice). Contemporaneously, FinCEN issued an Advisory on Medical Scams Related to the Coronavirus Disease 2019 (COVID-19) (the Advisory).
In light of the Notice and Advisory, firms should (a) continue to comply with their BSA obligations; (b) include COVID-19 detail only when that detail relates to the reported suspicious activity; (c) review policies and procedures to notify and to provide COVID-19 information to government agencies, including verification of the requesting agency; (d) review the Advisory red flags related to medical scams; and (e) consider revising policies and procedures as appropriate.
COVID-19-related frauds are a special emphasis for law enforcement and regulatory agencies, so failing to detect and report those issues could be viewed as a significant flaw in a firm’s anti-money laundering (AML) program.
The U.S. Departments of State, the Treasury and Homeland Security and the Federal Bureau of Investigation issued a joint advisory (the Advisory) on April 15, 2020, discussing the threat to the international community posed by cyberattacks linked to the Democratic People’s Republic of Korea (North Korea), in particular highlighting concerns for the financial services sector. North Korea has been subjected to comprehensive international sanctions implemented to pressure its government to denuclearize. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has implemented additional unilateral sanctions in response to other North Korean activities, including cyberattacks, human rights violations and money laundering. In addition to broad prohibitions on trade with North Korea, U.S. sanctions bar domestic financial institutions from conducting or facilitating any significant transaction in connection with trade with North Korea or on behalf of any person whose property has been blocked under executive orders imposing sanctions on North Korea. Foreign financial institutions risk secondary sanctions for engaging in the same. (more…)
On March 5, 2020, the Office of the Comptroller of the Currency (OCC) issued an updated set of answers to frequently asked questions (FAQs)1 regarding risk management in national bank relationships with third parties to further supplement its 2013 guidance, OCC Bulletin 2013-29 (the Bulletin),2 and its 2017 FAQs (Prior FAQs) on the topic.3 Twelve of the 27 FAQs are new and elaborate on a wide range of topics, including the broad intended scope of third-party risk management obligations, obligations of banks where negotiating power or access to information is limited, oversight of cloud computing providers and data aggregators and use of third parties in model development or delivery of alternative data for credit underwriting.
The U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year.1 In general, the 2020 Examination Priorities continue recurring themes from recent prior years.
OCIE’s 2020 Examination Priorities for broker-dealers and investment advisers include the protection of retail investors (including compliance with new standard of care requirements and interpretations), cyber and information security risks, anti-money laundering compliance, firms engaging in the digital asset space and the provision of electronic investment advice.
FINRA’s 2020 Examination Priorities for member firms include those generally identified by OCIE for registered broker-dealers, as well as cash management and bank sweep programs, initial public offerings, liquidity management, trading authorizations and order routing and vendor display rule requirements, among others.
This Sidley Update summarizes selected aspects of the Examination Priorities that may be of particular interest to broker-dealers and investment advisers. As always, firms should use the 2020 Examination Priorities to review their compliance and supervisory procedures carefully and make any necessary revisions. Firms also should be prepared to explain their compliance and supervisory policies in these areas in their upcoming SEC and/or FINRA examinations, as applicable, and provide documentation of relevant reviews.