Mar. 28, 2024

Compliance Corner Q2‑2024: Regulatory Filings and Other Considerations Hedge Fund Managers Should Note in the Coming Quarter

This twenty-eighth installment of the Hedge Fund Law Report’s quarterly compliance update highlights key upcoming filing deadlines and reporting requirements fund managers should be aware of during the second quarter of 2024. This guest article by ACA Group consultants Valerie Speare, Grazia Gatti, Luis Garcia and Dan Campbell also discusses the latest amendments to Form PF, proposed anti-money laundering rulemaking and a recent enforcement action concerning Rule 105 of Regulation M under the Securities Exchange Act of 1934. For more from ACA Group, see “ACA Regulatory Outlook for 2024” (Mar. 14, 2024).

Common Law Fraud and SEC v. Jarkesy: The Key Issue Underlying the Questions Presented

In SEC v. Jarkesy, the U.S. Supreme Court (Court) is poised to determine the constitutionality of the SEC’s practice of enforcing the securities laws through administrative proceedings. How the Court will answer that question is unclear, but whatever the Court decides will have far-reaching implications. Beyond the obvious repercussions for SEC proceedings and the administrative state generally, the case also offers the Court a chance to weigh in on another significant question: What are the contours of common law fraud? This guest article by MoloLamken attorneys Eric R. Nitz and Kenneth E. Notter III discusses the proceedings before the Court, how the Court appears likely to rule and the implications the Court’s decision may have on SEC enforcement efforts – and fraud actions generally – against private fund managers. See “Agency Power and Adjudication: The Government Seeks Supreme Court Review of Jarkesy v. SEC” (Jun. 8, 2023).

Complying With the FTC’s Amended Safeguards Rule’s New Reporting Requirement

On October 27, 2023, the Federal Trade Commission (FTC) approved an amendment to the Standards for Safeguarding Customer Information, known as “the Safeguards Rule,” under the Gramm-Leach-Bliley Act. The amended Safeguards Rule (Final Rule) requires non-banking financial institutions “to report certain data breaches and other security events to the agency.” The FTC unanimously approved the update by a vote of 3‑0. “Companies that are trusted with sensitive financial information need to be transparent if that information has been compromised,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “The addition of this disclosure requirement to the Safeguards Rule should provide companies with additional incentive to safeguard consumers’ data.” This article analyzes the Final Rule and offers practical measures for non-bank financial institutions to take in response to the new reporting requirement, which takes effect on May 13, 2024. See “Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action” (Sep. 30, 2021).

CFTC Goes After CPO/CTA and Principal in Alleged Cherry Picking Scheme

The CFTC charged a commodity pool operator/commodity trading advisor and its founder and principal with engaging in a long-running cherry picking scheme. Simultaneously, it obtained an order imposing an asset freeze and expedited discovery. The agency claimed that, over nearly three years, the defendants repeatedly executed block futures trades that they closed out prior to the end of the trading day, allocating a disproportionate share of profitable trades to accounts in which they had an interest and a disproportionate share of losing, or less profitable, trades to customer accounts. They also allegedly made misrepresentations about their allocation practices and their funds’ investment focuses. This article details the CFTC’s allegations. See “CFTC Wins Seven‑Figure Verdict Against Introducing Broker and Associated Person Who Traded Against Customers” (Sep. 22, 2022); as well as our two-part review of CFTC activity: “Enforcement Actions” (Apr. 15, 2021); and “Regulatory Actions” (Apr. 29, 2021).

Recent Developments in Privacy, Cybersecurity and AI Regulation

The pace of legislation and regulation concerning privacy, cybersecurity and artificial intelligence (AI) has been relentless. A recent Ballard Spahr program offered a high-level view of regulatory developments in those areas, including amendments to the Safeguards Rule; the SEC’s cyber risk management and incident reporting regime; New York’s amended cybersecurity regulation; a proposed rule on personal financial data rights; and regulatory action on AI. The program featured Ballard Spahr partner Gregory P. Szewczyk and associate Sarah B. Dannecker. This article distills the key takeaways from the presentation. See “Checklist for Framing and Assessing Third-Party Privacy and Information Security Risk” (Sep. 28, 2023); and “Understanding and Mitigating Risks of Using ChatGPT and Other AI Systems” (Jul. 6, 2023).