Press Release & Media

Practical Compliance Considerations for Cross Border Marketing

NSCP Currents, National Society of Compliance Professionals ("NSCP")

01/06/2018

Wrangling in a firm’s marketing team can be quite a challenge for even the most seasoned compliance professionals. When marketing goes global, so does a firm’s risk exposure which could subject it to increased scrutiny by regulators. While the asset management industry may be globalizing, regulation is still very local in that each jurisdiction— whether it be a union of members like the European Union, a sovereign nation state like Canada, or individual states and territories like the United States—takes a different approach on how to govern their market to protect their local participants. This multi-jurisdictional approach requires firms to understand and comply with applicable local and foreign regulations from both a marketing and investment perspective. This article focuses on the cross border marketing aspect of asset management.

Globalization of the Asset Management Industry

As advisers and funds seek opportunities to further diversify their client base and portfolios it is increasingly clear that investing in global markets can provide sustainable, continued growth that adds to long term performance and access to a better investment pipeline1 . Given this, globalization should be carefully considered in the context of strategic business planning as the plethora of opportunities can be accompanied by significant risks. For example, firms should weigh the potential opportunities in a region as compared to the cost of meeting compliance obligations. There are times when registration or legal expenses may exceed fee revenue, so it is important to understand the potential market opportunity before proceeding.

Extraterritorial Approach to Jurisdiction

Unfortunately, physical presence no longer dictates whether foreign law applies to asset management activities. As countries across the globe strive to protect the financial health of their resident investors, regulators are asserting their jurisdiction over asset managers regardless of whether they have a physical place of business within that jurisdiction. The United States is prime example. The U.S. Securities and Exchange Commission (SEC) takes an expansive approach to jurisdiction and its laws are often triggered merely by using or effecting interstate commerce. This formulation has the effect of regulating a large number of individuals and entities, both situated in the country as well as those located abroad, forcing firms to find an exclusion or exemption if they want to escape the regulatory burden. Regulation can be costly. However, violations can lead to steep monetary fines and financial industry bars. Indeed, if a regulator believes the conduct warrants it, violators can also be prosecuted and jailed.

Types and Triggers of Foreign Securities Regulatory Requirements

Asset managers looking to take their business global must consider multiple types of foreign securities regulatory requirements that might apply to their operations and whether the conduct of their proposed business operations will in fact trigger those requirements.

  • Securities Professional Licensing and Registration Requirements

Asset managers should be aware of the licensing and registration requirements in the jurisdictions that they operate in. These registration requirements are often triggered once there is solicitation of services to local residents, regardless of whether the professionals maintain a place of business within the jurisdiction. Many regulators require professionals to pass competency exams (such as the FINRA Series exams in the United States or the Canadian Securities Course in Canada) prior to approving licenses.

Each jurisdiction has its own nomenclature (investment adviser, portfolio manager, exempt market dealer, etc.) and definitions for regulated activity so firms must analyze the requirements of each jurisdiction based on the facts and circumstances of their proposed activity. Some regulators, like the U.K.’s Financial Conduct Authority (FCA), offer different types of authorizations depending on whether the firm offers full or limited regulated products and services. Often jurisdictions will have de minimis exemptions for limited activity. For example, the SEC provides an exemption from investment adviser registration for certain advisers with no place of business in the United States if the adviser, among other conditions, has, in total, fewer than 15 clients (or private fund investors) in the United States and aggregate assets under management attributable to clients (and investors) in the United States of less than $25,000,000.

  • Securities Offering Registration Requirements

Asset managers who sponsor pooled investment vehicles, whether public or private funds, must analyze under what conditions and restrictions, including registration, will the offering of such funds be permitted in each jurisdiction where the offering will be conducted. In fact, cross-border offerings often involve compliance requirements in multiple jurisdictions. An asset manager sponsoring a U.S. domiciled private investment fund that offers to U.S. and European investors will need to comply with the offering registration or applicable private placement requirements in (i) each State of the U.S. where a solicitation is made (often referred to as “Blue Sky” requirements); (ii) the U.S. Securities Act of 1933, as amended (with Regulation D’s safe harbor provisions for private offerings being the most frequently relied upon); (iii) the Alternative Investment Fund Manager Directive (AIFMD); and (iv) if applicable, the national private placement regime of the European state in which a solicitation is made. Each jurisdiction may require an application for registration of the offering or for an exemption, public disclosure of material information regarding the offering as well as restrictions on the types of eligible investors and ongoing reporting requirements. Some jurisdictions are easier than others. For example, in the United States, a private fund sponsor can rely on Regulation D if it files a notice of such reliance on Form D with the SEC and with each state securities regulator and limits its offering to only those investors who qualify as “accredited investors” as defined under the U.S. Securities Act of 1933, as amended.3 Other jurisdictions, such as France, are much more challenging. In addition to the numerous notification, transparency, authorization and depositary requirements, there must be a cooperation agreement in place between the fund sponsor’s regulator and France’s regulator, the Autorite Des Marches Financiers (AFM). In fact, France’s conditions for a third-party open-ended fund are so draconian, that at this point in time it is virtually impossible for a non-E.U. fund sponsor to obtain private placement authorization from AFM.

  • Advisory Client Fund Investor Qualifications

Licensing and registration requirements in certain jurisdictions turn on the type of advisory clients the firm services. Many jurisdictions, such as Israel, may provide exemptions for asset managers servicing only financially experienced clients who do not require regulatory protection (subject to certain anti-fraud and additional conditions). As discussed above, many jurisdictions also provide registration exemptions for investment fund securities offerings made only to financially experienced investors. Similar to the “accredited investor” requirements of Regulation D discussed above for U.S. private placements, these eligibility requirements often qualify investors based on their assets, income, or investment sophistication. Depending on the jurisdiction, the following facts and circumstances might apply with respect to these exemptions:

    • Where the client/investor is an entity, rather than a natural person, is the client/investor is an institutional investor? If not, will it be considered “sophisticated” or “knowledgeable” and less in need of protecting by regulations?
    • If the client/investor is a natural person, what is the income level? How much do they have under investment generally and specifically with the asset manager?
  • Disclosure and Ongoing Reporting Requirements

Investment advisers and fund sponsors may have a duty to disclose certain information, such as conflicts of interest, fees and disciplinary history, to investors in different jurisdictions. For those jurisdictions that require registration, required disclosures are often made by publically filing an application for registration. For U.S. registered investment adviser, Form ADV (Uniform Application for Investment Adviser Registration) requires registrants to either use Form ADV or some other means to make full disclosure to clients of all material facts relating to the advisory relationship, which at a minimum must include full disclosure of all material conflicts of interest between the registrant and its clients that could affect the advisory relationship. Asset managers who are investment fund sponsors may need to ensure they are complying with applicable regulatory reporting requirements regarding the funds they sponsor, such as the AIFMD transparency information required by private fund operating in Europe.

  • Custodian/Depositary Requirements

The SEC (and some state regulators) required investment advisers with access to client funds and securities to safeguard client assets by maintaining them with a “qualified custodian” (e.g., certain regulated banks and broker-dealers).4 Certain jurisdictions, such as Denmark and Germany, require alternative investment fund sponsors to appoint a third party depositary (e.g., certain credit institutions and similar entities). Generally, depositaries monitor compliance and cash flows, manage day-to-day fund administration, safe-keep assets (either by custody or recordkeeping) and calculate net asset value of the investment funds.

Additional Foreign Regulatory Requirements

Beyond local securities laws, asset managers looking to take their business global must consider additional foreign regulatory requirements that might apply to their operations. Of course, everyone thinks about tax regulation when entering a foreign jurisdiction, but what about anti-money laundering, anti-bribery and privacy considerations?

  • Anti-Money Laundering

    Money laundering, by its nature, is an international crime, requiring international laws and cooperation. Over 170 countries have some type of anti-money laundering legislation in force, although they vary significantly depending on the locale. The Financial Action Task Force, (FATF), established by the G-7 summit in 1987 is an inter-governmental organization with members comprised of 35 countries (including the United States) and two regional organizations. The main focus of the group is to encourage jurisdictions to implement anti-money laundering regulations. In the United States, banks and broker-dealers are subject to The Bank Secrecy Act and The USA PATRIOT Act, which require those financial institutions to establish anti-money laundering programs (AML) and customer identification programs as well as to monitor for, and report, suspicious activity (so-called SAR reporting). In addition, recent changes to the FinCEN’s Customer Due Diligence Rule requires those financial institutions to also incorporate procedures to maintain and update customer information on a risk basis. However, investment advisers in the United States are not yet required to implement those programs, despite FinCEN’s multiple attempts (with three proposals of such a rule withdrawn and another proposed in 2015, with comments extended in 2017), we still do not have a final rule applicable to investment advisers. Other jurisdictions, such as the U.K., do require investment advisers to comply with anti-money laundering requirements. The U.K. passed the Money Laundering 2017 bill last year, which replaced and updated the country’s existing regulations. However, the application of those requirements only apply when the adviser has a place of business in the country. These new regulations apply to “relevant persons” undertaking certain financial activities, including investment managers and stockbrokers. Regulated entities are required to apply risk-based customer due diligence measures and policies and procedures to minimize their money-laundering risk. If a firm is covered, its subsidiaries will also need to comport with the regulations, no matter where they are located. Different requirements will apply, however, depending on whether the subsidiary is located in Europe or another country. Even where investment advisers are not directly subject to AML regulation, those that manage offshore private investment funds often need to implement policies and procedures to satisfy the compliance requirements of those offshore jurisdictions. For example, the Cayman Islands’ expanded anti-money laundering regulations came into force at last October.5 Among other changes, the regulations will now apply to investment entities, starting on May 31, 2018. The regulations will require private fund managers—including U.S. managers/ sponsors of Cayman investment funds—to develop and maintain systems and programs to take a risk-based approach to understand, monitor, and mitigate any money laundering risks. When assessing whether they are at high or low risk, firms will need to take a look at their customers, the countries they deal with, and the product, service, transaction, and delivery channels that are used. After making this assessment, the firm will then need to take steps to decide what their risk tolerance is, implement appropriate policies, procedures, and controls to manage and mitigate its risks, and put further systems in place to monitor the risks that were identified and asses how they change or evolve over time.6 Changes in Cayman legislation will now require Cayman domiciled entities to appoint named individuals to fulfill the roles of Anti-Money Laundering Compliance Officer, Anti-Money Laundering Reporting Officer, and Deputy Anti-Money Laundering Reporting Officer. Compliance with this new rule is required by 30 September 2018.
  • Anti-Bribery

    Asset managers also need to consider the various anti-corruption laws found in many jurisdictions. More and more countries are implementing or refining their own anti-corruption laws. For example, in 2017, the Australian government introduced a new law that would add the offense of “failure to prevent bribery of foreign officials” which would require companies to show they implemented adequate procedures to prevent bribery. Such an offense is already in force in the U.K. France also recently updated its previous anti-corruption regime with the implementation of what is known as “Sapin II,” which added a new offense for bribery of a foreign official, bringing it into line with other jurisdictions. Even if the country where you operate doesn’t have its own law, the U.S.’s Foreign Corrupt Practices Act (FCPA) and the U.K.’s Bribery Act 2010 could still apply. The FCPA generally prohibits U.S. companies and citizens, foreign companies listed on a U.S. stock exchange, or any person acting while in the United States, from corruptly paying or offering to pay, directly or indirectly, money or anything of value to a foreign official to obtain or retain business.7 The U.K.’s Bribery Act, while not as far reaching as the FCPA, still extends jurisdiction to both offenses committed within the U.K. as well as those committed elsewhere that retain a “close connection” to the country. Investment advisers and other financial firms are facing increasing FCPA-scrutiny. SEC-regulated firms are especially susceptible as the SEC has an easy means of reviewing their books and records during OCIE exams. In May 2013, the DOJ filed a case involving a broker-dealer that sprung out of an OCIE exam. Three employees of the New York based broker-dealer Directed Access Partners eventually pleaded guilty to two counts of conspiring to violate the FCPA related to their efforts to bribe foreign officials from two Venezuelan state economic development banks to direct trading business to them.8 The investigation appeared to have its origins in the SEC’s 2010-2011 examination of the broker-dealer. Investment advisers are particularly susceptible to possible FCPA violations when dealing with sovereign wealth funds. For example, in September 2016, Och-Ziff Capital Management Group LLC became the first hedge fund to be charged with FCPA violations. The fund and its subsidiary, OZ Africa Management GP LLC, agreed to pay the DOJ and SEC a combined $412 million to settle alleged civil and criminal violations of the FCPA’s antibribery, books and records, and internal controls provisions.9 The improper conduct first came to the attention of the SEC while it was proactively scrutinizing the way that financial services firms obtained investments from sovereign wealth funds overseas. Further investigation found that the fund used intermediaries, agents, and business partners to bribe government officials in Africa, which were used to obtain investments from the Libyan Investment Authority sovereign wealth found as well as to secure mining rights in Libya and other countries.10 Och-Ziff is not the only fund manager facing scrutiny over its Libyan business. In November 2017, Société Générale announced it was under investigation for possible bribery offenses related to certain transactions with the Libyan Investment Authority,11 and on May 30, 2018, Legg Mason announced that it was reserving $67 million to settle alleged FCPA violations by its former London-based subsidiary hedge fund, Permal Group, in connection with Permal’s management of assets of Libyan governmental entities between 2005 and 2007

Another area in which firms could find themselves liable under the FCPA is through acquisitions or participation in joint ventures with companies that operate in foreign markets. According to the DOJ and SEC, when a company acquires another, no matter the form of the acquisition, the successor company assumes the predecessor’s liabilities, including any pre-acquisition FCPA violations.13 In this context, it is especially important that acquiring companies undertake meaningful pre and post-acquisition FCPA due diligence, identify any possible violations, discloses them to the DOJ and/or SEC, cooperates in any federal investigations, and immediately applies a rigorous compliance and anti-corruption program going forward.

  • Privacy

    Asset managers will also need to consider privacy laws in different jurisdictions, notably Europe’s new General Data Protection Regulation (EU) 2016/679 (GDPR). The new law came into force May 2018, and firms of all shapes and size who have any European clients or deal with European citizens’ data are scrambling to comply. Similarly, advisers who collect, record, or store information of European residents during the provision of services to them will have to comply, regardless of where they are located. Among other things, compliance will include drafting a policy, providing notice to clients, and updating documents. Advisers may also need to think about the third-parties they use and how personal information is shared. Firms that don’t take steps to comply could face steep penalties. Authorities can impose fines of up to 20 million Euros or 4% of worldwide turnover in the preceding financial year for non-compliance with key provisions.

Suggested Steps for Compliance Personnel when Marketing in a New Jurisdiction

If your firm is considering expanding its business operations into a foreign jurisdiction, here are some suggested steps to help you navigate foreign regulatory requirements and communicate these requirements to your marketing team.

  • Engage counsel

    It is extremely beneficial to have the insight and guidance of local counsel when operating in unfamiliar jurisdictions. Violating local securities laws can result in serious consequences for the firm, such as a complete ban from conducting business in that country, or even personal liability for individual violators. Local counsel can guide you on how to operate in the country and provide key insight on local best practices and regulatory expectations. It is highly recommended to engage local counsel when you plan to establish a local presence (i.e. where you intend to open an office or have permanent employees based) in a foreign jurisdiction. It is also important to understand the securities regulations for those jurisdictions where you intend to conduct marketing activities and not establish a local presence. If your firm has decided to target a jurisdiction for marketing purposes only, then there are regtech tools that can provide guidance on the local marketing requirements. There is free guidance available online, but there are also subscription tools such as Aosphere15 or Sales Road Maps Online16, that provide instant, up to date guidance. One of the benefits to utilizing these services is that they often include the name of the local counsel used to generate the summary, so you have the contact information for a local reputable firm should there be additional questions.
  • Use Disclaimers and Disclosures

    Some countries have specific disclaimers or disclosures that must be included in marketing materials or constituent documents. For example, materials distributed in Canada and Switzerland require specific disclosures for their investors. A convenient way to address these requirements is to either include all of the jurisdictional requirements in a standard disclaimer at the end of offering and marketing materials, or include jurisdiction specific requirements as a wrapper to the appropriate offering document. While these disclaimers/ disclosures may not completely alleviate you from liability, they will show good faith in your dealings with that particular jurisdiction. Ultimately no disclosure or disclaimer will absolve you from liability should you not have the appropriate authorizations to conduct business in the relevant jurisdiction.
  • Communicate With Your Team

    Once the guidelines of the local jurisdiction are understood, the compliance team will typically communicate to the marketing or business development team the firm’s approach to interpreting local guidance. It is helpful to condense the guidance to a one to three page summary that can be used as a reference sheet for those that are marketing in the local market. It is also important to have those operating in the local jurisdiction acknowledge that they have read and understand the guidelines and will consult Compliance should they have any questions. (Please See Exhibit A as an example.) The acknowledgement helps with accountability and also provides evidence that they were aware of the firm’s policies should there be consequences for breaching the guidelines. Updates to marketing guidelines should also be communicated and employees should reacknowledge that they have reviewed the updated guidelines. If there are no updates in a year, then it is helpful to have the guidelines reviewed annually to make sure everyone stays abreast of the rules and acknowledge that they understand and agree to comply. You can also incorporate this into your annual employee’s attestation process for other policies and procedures, code of ethics disclosures, etc. There may be instances where you have a rogue marketer visit jurisdictions that are not permitted or instances where they have violated the guidelines that have been set forth. It is important to escalate these breaches in accordance with your firm’s policy to ensure these matters are handled appropriately. Rogue marketers can cause reputational harm to the firm, including sanctions or a ban from the market by the local securities regulator. This could require disclosure to existing investors who inquire whether the firm has received any adverse action by any regulator, or disclosure to potential investors who inquire about adverse actions during the initial due diligence process.

The goal of this paper is to provide an overview of the compliance considerations that should be contemplated as your firm determines whether or not it should operate in global financial markets. As reiterated throughout the piece, it is important to approach the topic from a practical standpoint while considering the regulations of your home jurisdiction as well as the jurisdiction where you to plan to operate.