Insights

10 June 2024

Is it time for a CCO liability framework?

Who would be a Chief Compliance Officer? It’s not enough to keep their firms straight and narrow—they’ve got to manage their liability risks, too. But does it need to stay this way?

Talk of a liability framework for compliance leaders is a well-trodden path, but what is standing in the way of making it a reality? And is it time for the SEC to walk its talk?

The Human Face of Compliance Challenges

CCOs find themselves in a precarious position where their liability can be invoked for various compliance failures within their organizations. This liability can arise from several specific scenarios, each underscoring the weighty responsibilities and risks associated with the CCO role.

High-profile cases have brought this to light. Jeffrey Kirkpatrick, who served as the CCO and principal at Hamilton Investment Counsel LLC, faced the wrath of the SEC for not fixing compliance issues within his firm. The SEC’s settlement order was blunt, explicitly pointing out Kirkpatrick’s authority as a principal to address the deficiencies despite having identified areas for improvement in the firm’s compliance program.

Failure to act in good faith is a primary trigger for CCO liability. As highlighted in the Kirkpatrick case, neglecting to identify and address compliance issues, despite having the authority to do so, can lead to severe consequences. The SEC’s emphasis on Kirkpatrick’s knowledge of the inadequacies and failure to take appropriate action despite multiple opportunities underscores the expectation of proactive compliance management.

Direct involvement in or facilitation of fraudulent activities or serious violations can also result in CCO liability. Take the curious case of Dean Vagnozzi from Par Funding. The SEC’s charges against him for misleading investors about the safety and use of their funds in significant unregistered securities show the grave consequences of active participation in or failure to prevent fraudulent activities.

Inadequacies in the Current System

The current approach to CCO liability is plagued by inconsistency and a need for clear guidelines. Without a standardized framework, CCOs can navigate a maze of regulatory expectations. This unpredictability fosters a climate of fear and uncertainty, deterring qualified professionals from assuming CCO roles.

SEC Commissioner Hester Peirce has raised concerns about this. She says ambiguity undermines compliance programs’ effectiveness and places undue stress on CCOs. She holds that the compliance obligation belongs to the firm, not solely to the CCO, highlighting the need for a more balanced approach.

Proposals from organizations like the National Society of Compliance Professionals (NSCP) and the New York City Bar Association offer potential solutions. The NSCP’s framework, updated in 2023, emphasizes compliance as a firm responsibility and suggests that CCOs should not be charged for rule violations if they acted reasonably and in good faith. The framework’s adoption by many firms and CCOs underscores its relevance in assessing compliance functions.

The New York City Bar Association’s framework proposes evaluating factors such as the CCO’s good faith effort to fulfil responsibilities and the centrality of the compliance failure to the firm’s compliance program. This approach acknowledges the complexities of the CCO role and aims to create a more equitable system.

CCO Liability in the Global Context

The issue of CCO liability extends beyond the United States, with various jurisdictions grappling with similar challenges. In the United Kingdom, the Corporate Criminal Offence (CCO) legislation imposes significant liabilities on companies and partnerships for failing to prevent the facilitation of tax evasion. The only defense against this charge is having ‘reasonable prevention procedures’ in place, emphasizing the importance of thorough risk assessments and robust controls.

Directives and regulations in the European Union, such as the General Data Protection Regulation (GDPR) and the Anti-Money Laundering Directive (AMLD), impose significant responsibilities on CCOs. The EU’s approach ensures CCOs have adequate resources and support to implement effective compliance programs, with regular audits and assessments to mitigate risks.

Australia’s approach, governed by corporate governance and financial regulations, holds CCOs accountable for ensuring compliance with financial services laws. The Australian Securities and Investments Commission (ASIC) emphasizes the need for CCOs to thoroughly understand their firm’s compliance obligations and ensure appropriate measures are in place to manage risks effectively.

Expert Opinions and the Call for a Consistent Framework

Experts are divided on the best approach to establishing a consistent liability framework for CCOs. Some argue for stringent regulations to ensure accountability and protect investors, while others advocate for a balanced approach that recognizes the unique challenges CCOs face.

The call for a liability framework that clarifies and protects CCOs acting in good faith while maintaining rigorous compliance standards is gaining traction. SEC Commissioner Mark Uyeda’s support for clearly defining the circumstances under which a CCO will be held liable underscores the need for fair and predictable enforcement.

Charting the Path Forward

As the regulatory landscape changes, a consistent CCO liability framework becomes increasingly urgent. The ongoing discussions and proposals within the industry reflect a growing consensus that change is necessary.

The SEC’s adoption of a standardized approach, guided by the advocacy of Commissioners like Hester Peirce and Mark Uyeda, could provide much-needed clarity and support for compliance professionals. Striking a balance that upholds accountability without discouraging talented individuals from assuming CCO roles is crucial.

As the industry awaits the SEC’s next steps, the hope is that reforms will foster a more predictable and supportive environment for CCOs. The introduction of a consistent liability framework would not only alleviate the burdens faced by compliance professionals but also strengthen the overall effectiveness of compliance programs.

0
Search
Recent posts
LATEST INSIGHTS
2 August 2024
FDIC Proposes Sweeping Changes to Brokered Deposits Rules
The Federal Deposit Insurance Corporation (FDIC) has proposed a significant overhaul of its brokered deposits rules. This move, announced on July 30, 2024, could reshape the landscape for banks, neobanks, fintechs, and other financial industry players.
2 August 2024
Explaining the FCA's Public Offer Platform rules
The UK's Financial Conduct Authority (FCA) has released a consultation paper outlining proposed rules for the new public offer platform (POP) regime.
25 July 2024
What new ARGA legislation will mean for UK GRC
The King's Speech has unveiled plans for a Draft Audit Reform and Corporate Governance Bill, signalling significant changes in the UK's regulatory landscape. MBK Search has pulled out these crucial aspects that risk managers and compliance professionals need to understand:
24 July 2024
FTC sets its sights on surveillance pricing: Key points
The Federal Trade Commission (FTC) has launched a significant investigation into "surveillance pricing" practices, signalling a new frontier in consumer protection and data privacy. This will have implications for risk managers and compliance professionals across financial services. Here are five key aspects to consider:
css.php