May 22, 2003
Jonathan G. Katz, Secretary
Re: File No. S7-03-03
Dear Mr. Katz:
This letter is submitted on behalf of the Committee on Federal Regulation of Securities of the American Bar Association's Section of Business Law (the "Committee")( in response to a request for comment by the Securities and Exchange Commission ("Commission") on proposed new rules, Rule 38a-1 under the Investment Company Act of 1940, as amended ("1940 Act") ("Proposed Rule 38a-1") and Rule 206(4)-7 under the Investment Advisers Act of 1940, as amended (the "Advisers Act") ("Proposed Rule 206(4)-7") (collectively, the "Proposal"). Proposed Rule 38a-1 and Proposed Rule 206(4)-7 generally would require each investment company and investment adviser registered with the Commission to adopt policies and procedures reasonably designed to prevent violation of the federal securities laws, review those policies and procedures annually for their adequacy and the effectiveness of their implementation, and designate a chief compliance officer to be responsible for administering the policies and procedures.
The comments expressed in this letter represent the views of the Committee only and have not been approved by the American Bar Association's (the "ABA") House of Delegates or Board of Governors and therefore do not represent the official position of the ABA. In addition, this letter does not represent the official position of the ABA Section of Business Law, nor does it necessarily reflect the views of all members of the Committee.
A. Proposed New Rule 38a-1 and Requests for Comment
If adopted, Proposed Rule 38a-1 would require registered investment companies to adopt and implement written policies and procedures designed to centralize the compliance function. The fund's board, including a majority of the directors who are not "interested persons" of the fund, must approve the policies and procedures, and review them annually for implementation and effectiveness. A fund must also designate an individual compliance officer, subject to the board's approval, who would report to the board annually on violations and changes. The Proposing Release1 contains a non-exclusive list of topics that policies and procedures should cover.
Proposed Rule 206(4)-7 would require investment advisers to adopt and implement policies and procedures to prevent violations of the Advisers Act and rules thereunder, review those policies and procedures annually for adequacy and effectiveness, and designate a compliance officer.
We applaud the Commission's ongoing efforts to protect investors and investment company shareholders. Given the fast pace at which the Commission has adopted regulations implementing the Sarbanes-Oxley Act,2 we believe that the Proposal, which is not related to a particular statutory initiative, could benefit from a considered self-evaluation process, such as a Blue Ribbon panel and committee process that could study compliance alternatives and develop best practices for appropriate and workable compliance programs.
We understand that a centralized system of compliance protocols could clarify compliance responsibilities. We believe, however, that the Proposal may have the unintended effect of diverting the attention of fund boards from substantive oversight of governance matters to procedural processing of paperwork and dramatically increasing costs without substantially changing the result in many areas. To the extent that the Proposal involves extensive paperwork and review, the Proposal may draw board members too closely to the day-to-day management of the fund, which includes compliance activities.
Generally, we believe that the Commission should consider crafting any required compliance program along lines similar to the anti-money laundering regulations3 adopted pursuant to the USA PATRIOT Act,4 and we suggest that the Commission reconsider the Proposal in this light. Moreover, we believe that few funds or advisers would be able to designate a single person to manage all compliance functions. We suggest that the rules allow a compliance officer to delegate or share responsibilities with other appropriate individuals so that an entity is not required to find a single person with the capability to manager all compliance functions. Finally, we believe that the rules should allow registrants to evaluate compliance programs through self-testing based upon the particular unique factors of the registrant, and not upon a black line rule.
1. The Compliance Program.
We agree that the Commission's rules should encourage and assure compliance with applicable rules, and with respect to funds, we note that many Commission rules currently require board approval of significant policies. Indeed, it is common practice for advisers and funds to establish substantial compliance procedures and operate under unified structures, with reporting to a single division or individuals. In addition, advisers, funds and fund complexes commonly establish written policies and procedures covering the practices itemized in the Proposal. Creating a centralized volume of compliance policies and procedures is a good practice, and advisers, funds and fund complexes typically maintain compliance manuals.
We also agree with the Commission's suggestion that advisers and funds should review their practices periodically to assure that appropriate policies and procedures are in place. We note, in that connection, that the new inspection approach of the Commission's Office of Compliance Inspections and Examinations effectively reinforces the need for funds and advisers to establish and maintain adequate compliance policies and procedures. We believe that current applicable regulations already require many of these practices.
A. Board of Directors Oversight Role
We are concerned, however, that with respect to funds, requiring board involvement in the implementation and operation of those policies, as contemplated by the Proposal, will involve board members too deeply in the day-to-day management of funds, performing functions more suitable for compliance officers and inappropriate for the traditional oversight "watchdog" function.5 In the context of the board's traditional role, it would be more appropriate for boards to obtain from management assurances that management has established appropriate policies and procedures. Similarly, boards could ask management to report on the resolution of any violation. If required, boards may be involved in resolving compliance issues as they occur.
B. Extent of Oversight
We suggest that the Commission clarify the extent of board oversight of third-party service providers. We note that the Proposal suggests that the oversight role, if any, would be limited to "activities in connection with operations of the fund." The configuration of service provider models within the mutual fund industry in recent years has become more diverse and complex. Some mutual fund complexes have adopted a manager of managers structure, with multiple independent organizations serving the funds. Some funds use multiple transfer agents and record keepers, which may be affiliated persons or not, each with its own specialized internal compliance and control models. With the advent of "hub-and-spoke", classes of shares and "fund of fund" structures, the configuration of investment management and shareholder service models has continued to become more complex. The Proposal lists a series of activities for which policies and procedures would be required. We note, however, that the Proposal does not define the scope of these activities in any fund context, much less in the varied business models in place across the fund industry today. Without this guidance, boards may be unaware of the activities that would result in a violation, and the Proposal will have failed to take account of this diversity in business models by seeking to impose a "one size fits all" approach to these activities.
Requiring a fund to adopt policies and procedures to protect against violation of federal securities laws by third parties presents practical challenges. The service provider regulatory and operating environments may be different from those of the fund. Moreover, fund boards are not likely to be sufficiently informed about third party service provider practices and functions to be in a position to evaluate and approve compliance policies. We believe it would be more effective to require the third-party service providers to provide management or the board with assurances that they have established and maintain adequate policies and procedures, and annually report violations. We note that the Report on Processing of Transactions by Service Organizations under Statement of Auditing Standards No. 70 may be sufficient to demonstrate effective controls at the service provider level.
This type of procedure has been effective in the context of reviewing anti-money laundering procedures of service providers. In this respect, management is in the best position to oversee the relationships with service providers and secure the necessary certifications. Board oversight should be limited to receiving and reviewing reports and certifications no less frequently than annually.
2. The Compliance Officer
Advisers, funds and fund complexes generally have compliance officers, and large complexes often have compliance departments. Recent regulatory initiatives have required advisers and funds to designate specific compliance officers (e.g., anti-money laundering), and compliance officers oversee activities in specific areas (e.g., privacy compliance officers, Sarbanes-Oxley Act compliance officers).
A. Designating a Compliance Officer
We agree with the Commission's goal of clarifying compliance responsibilities by creating a single compliance reporting line. We suggest, however, that the Commission clarify the designated compliance officer's role. As a practical matter, not all registrants will be able to appoint a compliance officer who is knowledgeable about all federal securities laws. The mutual fund industry, involving both funds and advisers, has a wide array of investment management and customer service business models. Some funds are part of an investment company complex where the sponsoring organization provides all investment management, distribution, accounting, pricing and booking, administrative and transfer agency services through one or more affiliated entities. Even in this model, many critical functions, such as custody and subcustody service, are provided by independent organizations that maintain books and records associated with each entity's operations.
Only experienced practitioners in the administration, legal and compliance areas would begin to satisfy the general nature of that job description but the level of expertise and complexity of systems to create a good control environment would be beyond the ability of any single individual. The increasing responsibilities of compliance officers suggests that funds and advisers should be allowed to appoint multiple compliance officers. We recommend that the Commission consider revising the Proposal to permit multiple compliance officers and allow compliance officers to delegate duties to other principal personnel.
B. Burden on Small Funds and Small Advisers
We believe that the Proposal will impose a harsh burden on small issuers, at a cost that would not necessarily justify the marginal improvements in compliance. Small advisers, funds and fund complexes, which typically outsource many functions, generally do not maintain extensive compliance staff. Requiring small advisers, funds and fund complexes to hire new personnel at great cost will not further shareholder interests. We request that the Commission consider some threshold below which compliance with this aspect of the Proposal would not be required. If examiners note particular compliance deficiencies, the staff could impose increased compliance requirements on a case-by-case basis.
3. Annual Review
We believe that an annual board review requirement is unnecessarily burdensome. Absent changes in the regulatory environment, we believe that investment company counsel is in the best position to recommend changes to policies and procedures. To some extent, the benefit of an annual review process is already likely to arise from the recently adopted rules applicable to review of disclosure controls and procedures (to support certifications required by the Sarbanes-Oxley Act6), and thus, key elements of a fund's operational procedures are already subject to a more frequent than annual review.
We believe that it would be helpful for boards to receive an annual report (from management or third party service providers) concerning major compliance policies and procedures. Advisers and funds can test the effectiveness of their procedures when they review reports of violations and remedial measures. We suggest that the Commission provide more guidance if it expects annual reviews that go beyond the review requirements of Rule 17j-1 under the 1940 Act.
4. Compliance Reviews by Third Parties -- "Mini-Exams"
Many advisers and funds conduct internal or third-party mini-examinations, to identify systemic weaknesses or to improve compliance. We believe that the Commission should continue to encourage advisers and funds to conduct internal audits or similar reviews because they likely will lead to better compliance practices.
We do not believe, however, that mini-examinations, whether internal or by third parties, should be required. In many cases, management can more effectively and economically review compliance. In light of the recent statutory separation of the audit and non-audit services, we believe that accountants should not be encouraged to perform these mini-examinations for their audit clients. We are concerned that auditor compliance examinations could raise concerns about auditor independence. We note that such mini-examinations, if conducted by legal counsel, would continue to be protected by the attorney-client privilege.7
C. Additional Areas for Comment
1. Expanding the Scope of Audit
The Commission also sought comment on whether to expand the scope of the auditor's engagement to cover evaluation of investment company compliance programs. We believe the auditor's role should not be expanded to include mini-examinations. If the Commission is inclined to permit auditors to evaluate compliance systems, we suggest that the Commission provide additional guidance to ensure and preserve auditor independence. Changing auditors is an expensive procedure for all audit clients, and we suggest that the Commission provide specific guidance beyond that given in the auditor independence releases 8 to assist registrants in determining that the particular aspects of an auditor's review will not compromise auditor independence.
2. Imposing a Fidelity Bond Requirement on Advisers
We recommend that the Commission clarify the Proposal to exclude from the adviser's fidelity bond requirement fund assets which are covered under Rule 17g-1 of the 1940 Act.
* * *
We hope these comments are helpful to the Commission and its staff. Members of the Committee's Subcommittee on Investment Companies and Investment Advisers would be happy to respond to any questions.
Diane E. Ambler
cc: William H. Donaldson, Chairman