Controlling regulatory and compliance risk - KPMG...Controlling regulatory and compliance risk KPMG’s Asset Management Regulatory Risk practice kpmg.com. A challenging regulatory

Controlling regulatory and compliance riskKPMG’s Asset Management Regulatory Risk practice

kpmg.com

A challenging regulatory climate for the asset management industryThe asset management industry has been resurgent and appears poised for continued future growth. That is the good news.

It is also facing a host of challenging issues, including global competition, fee pressures, a low growth environment, and the need to keep pace with technology innovation. And at or near the top of this list are rapidly changing regulatory requirements and ever-increasing scrutiny from regulators.

These regulatory challenges have often led to confusion, increased costs, and inefficiencies for asset managers. As a result, they often find themselves looking for answers to questions such as:

— Is our compliance program properly customized to address the unique risks and inherent conflicts presented by our business model?

— Have we inventoried and mapped all of the rules/regulations applicable to our business to our key business activities and controls to ensure compliance?

— Do we have a compliance monitoring and testing program in place that adequately measures our compliance program’s operating effectiveness? Can we demonstrate this to regulators?

— Is our regulatory reporting process adequate to keep up with the speed and volume of the new requirements?

KPMG can help These are difficult questions that require thoughtful, and sometimes complex, answers. Moreover, as rules and regulations—both domestic and international—change, so to do the answers.

And if you get them wrong, the consequences can be significant in terms of fines, penalties, reputational harm, and loss of client confidence and trust.

The foundation of KPMG LLP’s (KPMG) Asset Management Regulatory Risk practice is built upon the skill, experience, and commitment of our professionals, our technology and innovation capabilities, and our deep knowledge of the financial services industry. This powerful combination enables us to stay abreast of new and existing regulatory requirements, offer you insights on their potential impact to your business today and in the future, and provide you with customized approaches that meet your needs and the needs of your firm.

“One of KPMG’s biggest differentiators in the marketplace is the depth and scope of services we can offer to the asset management industry. We take a “One Firm” approach and provide customized advice and approaches to our clients.

“We can assemble teams with specialized skill sets, including former regulators, chief compliance officers, fair valuation professionals, technology specialists, risk management professionals, and process and control mapping specialists. They’ll work closely with you, get to understand you and your firm, and recommend custom-tailored plans to meet your needs. They don’t offer some cookie-cutter approach.

“And to round out our services, we have project management professionals who can help your teams implement and manage large-scale, enterprise-wide initiatives.”

— Mark McKeever, KPMG Director,

Advisory, Regulatory Risk

© 2017 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. NDPPS 638959

Our goal is to help our clients meet the challenges of today while preparing for the growth of tomorrow.

Experienced personnel, innovative thinking, technology innovationKPMG serves over 3,000 asset management entities in the United States, including 70 percent of the FORTUNE 1000 financial services firms.

As one of the leading service providers to the asset management industry, we have a competitive advantage.

Our audit, tax, and advisory services relationships with asset management firms—from global multiproduct firms to stand-alone asset managers—enables us to make our broad experience and competitive intelligence available to our clients.

Our professionals have in-depth knowledge of asset management products and product life cycles. This allows them to view your business holistically—including aspects of product manufacturing, sales and distribution, firm governance, and compliance.

This facilitates their understanding of your challenges and helps them develop actionable and relevant insights and methodologies tailored to your regulatory needs. Our professionals will also help to ensure that approaches are delivered from a practical business perspective.

What differentiates KPMGWhat really differentiates KPMG is the hands-on approach our teams deliver. Our experienced and talented professionals remain involved throughout an engagement. We focus on understanding your business, the regulatory challenges you face, the way you operate, and where you want to go in the future.

This philosophy helps us to offer customized guidance derived from the extensive collective experience of our team. We then can assist you in implementing our recommendations, helping to deliver tangible results to your firm.

Our business model—and the way our professionals execute it with honesty, integrity, and professionalism—is consistent with our goal of becoming the firm with whom you engage to handle your regulatory risk and compliance needs.

We have assembled an outstanding regulatory compliance team that is committed to helping our clients achieve their objectives, as demonstrated by our significant investments in:

— Building a cross-functional team with industry, consulting, and regulatory backgrounds

— Continuously recruiting top-line industry talent

— Developing compliance tools that help facilitate rule inventorying and internal control review.

© 2017 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. NDPPS 638959 3Controlling regulatory and compliance risk

Who we serveBelow is an overview of the types of clients we serve:

Asset ManagementPublic Investment Management Alternative Investments Wealth Management

— Mutual funds — Business development

companies — Investment advisers — Exchange-traded funds — Common and collective funds — Unit investment trusts — Public/private retirement plans — Retail or liquid alternatives

— Hedge funds

— Real estate funds

— Private equity funds

— Fund of funds

— Venture capital funds

— Infrastructure funds

— Credit/debit funds

— Commodity funds

— Hybrid products

— Public/private retirement plans

— Wrap-fee advisory programs

— Diversified global wealth managers

— Private banking

— Retail wealth management

— Family offices


1 KPMG Analytics, Morningstar, June 20152 Form ADV data via Audit Analytics, July 20153 Form ADV data via Audit Analytics, February 20164 Money market funds and private funds already have their own set of

liquidity maintenance and reporting/disclosure requirements.

Public investment management While regulatory reform has potential to reshape the way many industries conduct business, the public investment fund sector has experienced the greatest impact.

The U.S. Securities and Exchange Commission (SEC) passed a series of regulations for registered funds intended to curb risks arising from portfolio construction and fund and investment adviser operations. The new rules will significantly affect funds and their advisers across compliance, operations, and risk management functions, as they seek to:

— Modernize fund reporting and disclosure

— Provide greater transparency to investors

— Manage the risk of funds not being able to meet redemption requests

— Minimize the impact of purchase and redemption transactions

— Address risks related to derivatives.

Investment managers and fund sponsors may need to make fundamental changes to their business models and operating structures. This includes redesigning and implementing governance and risk management frameworks.

Moreover, all of this must be done against the backdrop of managing the rising costs of reform and its impact on growth, and coping with the ever-changing nature of a dynamic global marketplace.

New regulationsHere is a quick overview of some of the SEC rules and regulations that public investment funds will have to address:

Liquidity risk management program: All registered open-end funds and exchange-traded funds (except money market funds and UITs) must adopt liquidity risk management programs and related written policies

and procedures. Such programs include requirements to classify each fund’s investments into one of four categories—highly liquid, moderately liquid, less liquid, and illiquid—and review these classifications at least monthly. In addition, funds must establish a set minimum of investments that are convertible to cash within three business days at a price that would not significantly change the market value of the investment.

New reporting requirements: In connection with the liquidity risk management rules, funds will be required to file two new reports with the SEC. New Form N-PORT will require detailed liquidity information on a monthly basis, notably position-level liquidity classifications (that will not be made public) and aggregate liquidity information (that will be made public). New Form N-CEN will provide “census type” information annually.

In addition, funds will report privately to the SEC on Form N-LIQUID each time they breach their 15 percent illiquid investment threshold or for breaches of their highly liquid investment minimum that continue for more than seven consecutive days. Parallel reports must also go to the fund’s board of directors. Form N-CEN includes certain questions regarding the use lines of credit, interfund lending, interfund borrowing, and swing pricing—all of which the SEC views as relevant to a fund’s liquidity position.

Use of derivatives: There is an outstanding rule proposal where funds may face limits on the amount of leverage they can obtain through investments in derivatives. And depending on the extent of its derivatives usage, a fund may have to establish a formalized derivatives risk management program and maintain assets equal in value to its full exposure for the derivatives transactions.


Investment advisers

KPMG serves:

75% 9,000+More than

U.S. mutual funds 2

KPMG provides the following services to the top 50 investment advisers:3

Auditservices

Taxservices

Advisoryservices

of the top 50 U.S.stock-basedmutual fundfamilies. 1

18% 20% 38%

KPMG can help

Our Regulatory Risk and Compliance practice professionals can help you address these regulatory changes. They can provide you with actionable and relevant advice, while also offering valuable insight into how your progress and approach measure against your industry peers.

Our cross-functional capabilities enable us to deconstruct complex regulatory changes and then incorporate operations, risk management, governance, change management, IT, training, and other areas into helping you design and implement approaches to help you manage regulatory and compliance risks.



Areas receiving closer scrutiny by the SECRecent enforcement activity, combined with the knowledge gathered by KPMG’s regulatory risk teams, has revealed key areas CCOs should focus on, which include, but are not limited to:

— Fee and expense allocations

— Valuation

— Allocations of investment opportunities

— Cybersecurity.

Alternative investmentsPrior to the passage of the Dodd-Frank Act in 2010, the SEC had limited involvement in regulating the alternative investments industry. Very few private equity, hedge fund, or real estate advisers were registered with the SEC, and few of the SEC’s examiners had ever conducted a review of an alternative private fund. That was then, this is now.

Over the past six years, the SEC has greatly enhanced its knowledge of the alternative investments space through its Presence Exams initiative, hiring of experts from the industry, development of new tools and technologies, and a never-ending quest for more data. As a result, examinations of alternative investment managers have become more challenging and more focused.

The increased regulatory scrutiny is challenging chief compliance officers (CCOs) to build stronger compliance programs that can stand up to the more focused SEC exams and potential enforcement actions, which can lead to financial penalties, and worse, a possible loss of investor confidence. CCOs should carefully review their policies and procedures to ensure that they are designed to address the specific risks present in their businesses and are updated to reflect recent SEC guidance.

Insights from 2016 SEC enforcement activityThe SEC announced eight enforcement actions against private equity advisers in 2016. In seven of the eight actions, the SEC charged the adviser with failing to identify and manage the firm’s conflicts of interest.

What does this mean for private fund CCOs?

The SEC has put CCOs on notice that failure to identify and address the risks in your specific business may result in examination findings and/or enforcement actions. Relying on the compliance model of your peers is no longer adequate. CCOs must show they have analyzed the practices of their funds and worked to address conflicts of interest.

ProfessionalServices

Hedge funds

Of the top 100 U.S. real estate fund managers 8

Private equity

Real estate fund managers

KPMG provides professional services to

of the top 30 U.S.-based PE firms 7

KPMG provides the following services:

22% 16% 37% 51%

Audit

Advisory

Tax

KPMG:

26%

32%

Auditsand provides nonaudit services to

of the top 50 hedge funds 5

66%

56%Serves

of the top hedge fund of funds asset managers 6

5 “Barron’s Best Hedge Funds,” May 20156 Global Alternatives Survey, Towers Watson, July 20157 Private Equity International, PEI 300, May 20158 Prequin database, 2015


9 SEC Release 2015-202; Also see R.T. Jones investment firm settles SEC violations for $75K after data breach, The Washington Times, Sept. 23, 2015.

Fee and expense allocations: Although it was first highlighted in a 2014 speech by Andrew Bowden, former director of the SEC’s Office of Compliance and Examinations, advisers continue to be challenged with adequately disclosing and allocating fees and expenses to their private fund clients. The SEC has taken the position that many private fund advisers only broadly disclose expense arrangements in limited partnership agreements; in other cases, fee and expense disclosures were deemed incomplete or unclear.

The SEC has put the alternative industry on notice that the status quo on fee and expense disclosures, and certain types of arrangements previously considered “industry practice,” will receive intense scrutiny to ensure adequate transparency, disclosure, and fair and equitable treatment of all clients and investors.

Valuation: The policies and procedures that advisers use to value their investment holdings must address a variety of inherent conflicts of interest. While portfolio managers generally are most knowledgeable about the value of a holding, they also typically have a vested interest in the outcome.

For example, an adviser may face certain conflicts such as the desire to inflate valuations to boost performance during times of fund-raising activities or based on the impact valuations may have on the adviser’s fees. Therefore, advisers are challenged to create a balance in the valuation process that mitigates conflicts whenever possible.

Allocation of investment opportunities: Advisers managing multiple funds or clients have a responsibility to ensure that investment opportunities are allocated fairly among similarly situated client accounts. Favoring one client over another could result in a breach of an adviser’s fiduciary duty to its clients.

Therefore, advisers should have comprehensive policies, procedures, and controls in place to manage the investment allocation process.

Cybersecurity: Investment advisers face cyber risks from both internal and external sources, including employees, third parties, and other players who are completely outside

of their organizations but intent on stealing information or otherwise doing harm.

Regulators are focused on ensuring that private fund advisers are developing strong controls over their data and systems. For example, in late 2015, the SEC fined an investment adviser with failing to adopt appropriate cybersecurity policies and procedures, failing to conduct periodic risk assessments, and failing to implement a firewall or maintain a response plan for cyber incidents.9

CCOs should work closely with their technology partners to ensure that the firm has developed controls to address key areas including:

— Intellectual property

— Enterprise risk management initiatives/systems

— Business continuity management

— E-mail and computer systems

— Cybersecurity

— Compliance.

KPMG can helpThis is where we come in. We work with clients to perform a holistic review of their business models. Our professionals can help your compliance officers identify your unique risks and business interactions and then analyze them for potential conflicts of interest. This analysis is one of the cornerstones of a strong compliance program.

Our knowledge of the alternative investments industry, our relationship with regulators and industry leaders, and our extensive experience working with other firms allow us to bring an informed perspective to the conflicts of interest discussion.

We can also help you prepare your fund for potential SEC exams. Our professionals understand what regulators will be looking for—many of them were former regulators themselves—and can identify gaps in your compliance programs and offer approaches to address them.

By combining your knowledge of your business with our knowledge of the industry, we can help you build an effective compliance program.


KPMG works with more than 59% of the top 50 U.S. alternative asset managers.10

10 Source: Towers Watson Global Alternatives Survey, Top 500 Asset Managers, July 2015.


Wealth managementBecause of its dramatic growth over the past several years and some high-profile cases regarding compliance violations, the wealth management industry has come under increasing scrutiny by the SEC, FINRA, and the Department of Labor.

Wealth management firms should carefully review their compliance programs, including governance, policies, and procedures in the following areas, as they have drawn the most regulatory scrutiny.

Areas drawing regulatory scrutinySales and compensation practices: The SEC and other prudential regulators of wealth management firms have identified issues with certain sales practices, specifically in connection with incentive compensation structures.

Because of certain bonus and compensation structures, financial advisers were incentivized to steer clients to in-house mutual funds and other proprietary investment products rather than external products that may have been more suitable for the investors.

This heightened scrutiny on sales practices has prompted some private banks and other wealth management firms to revise their policies and procedures relating to potential conflicts of interest regarding their disclosure and compensation policies.

Growth of robo-adviser services: The growth of the automated, algorithm-based robo-adviser platform has led to increased attention by regulators. They want to be sure that wealth management firms using these platforms are adhering to compliance requirements, such as proper distribution of account opening documentation and accurate disclosures of historical performance.

Many firms using traditional advisers and brokers have developed strong controls over new account opening processes. But broker-dealers and other wealth management firms taking advantage of new technologies, such as robo-adviser platforms or client-directed portfolio construction tools, need to ensure that their policies and procedures—and the actual delivery of products and services—is equally buttoned up.

Proliferation of fee-based accounts: Assets under management in fee-based accounts have steadily increased across wealth management firms over the past several years. With fee-based accounts, advisers’ fees are based on a percentage of the value of the account. (With more traditional, commission-based accounts, advisers typically receive payment per transaction.)

Regulatory agencies are closely examining the suitability of fee based advisory programs in the retail accounts of wealth management firms. The SEC holds these fee based programs to the same fiduciary standards as institutional asset management accounts. Additionally, the SEC closely scrutinizes the level of transparency of the fee disclosures contained in the investment management agreements. More specifically, the SEC is concerned about the various levels of fees that can be embedded in these type programs, and potentially leading to misleading or insufficient fee disclosures

FINRA examiners recently charged several wealth management firms with failing to supervise their advisers and violating their fiduciary duty to its clients. These violations can end up costing wealth management firms significant sums of money and, perhaps more importantly, damaging their reputation.

KPMG can helpOur risk management and compliance professionals thoroughly understand existing and new compliance rules and regulations. Furthermore, based on their experience in the wealth management industry and working with regulators, they can help identify areas where you may be at risk and then provide options to address these risks.

For example, we can assist you in:

— Drafting and distributing enhanced disclosures about fees and potential conflicts when describing investment products to clients

— Revising variable compensation formulas so they award greater credit to the sales of outside products, which makes it more likely that financial advisers will act in the best interest of their customers

— Testing or periodically reviewing new technology offerings, such as robo-adviser platforms and portfolio builder reports, to ensure that they deliver accurate information to clients

— Creating and implementing policies and processes that help firms exercise closer oversight over their financial advisers.

KPMG serves: — 3,000+ asset management entities in the U.S.

— 70% of the FORTUNE 1000 financial services firms.


Establishing a compliance risk management program Establishing a compliance program for asset management firms that is appropriately designed and operates effectively in light of ever-increasing regulations and regulatory scrutiny is challenging. At a minimum, it requires creating and implementing comprehensive, written policies and procedures, ongoing monitoring, and control testing.

In addition, regulators are looking to see if firms promote a strong culture of compliance. In other words, does firm management—both in its policies and actions—encourage employees to “raise their hands” and come forward with information about wrongdoing, specifically where advisers are not putting customers first and acting in their best interests.

Compliance transformation framework:The three lines of defenseKPMG’s compliance transformation framework includes eight key elements that help drive prevention, detection, and response with governance and culture at the core. Compliance accountability starts with a strong compliance culture, with tone at the top, and reaches across the Three Lines of Defense (LOD). With clearly defined roles and responsibilities, each “line” of defense plays an important role within the organization’s overall compliance framework.

LOD models can help promote agility and help identify emerging compliance risks. Organizations that apply the LOD model appropriately can help reduce risk.

“As regulatory pressures have intensified over the past few years, expectations for the role of compliance within an asset management firm have grown and changed significantly. Traditional compliance functions are merging with a need to understand and address complex operational risks unique to a firm’s asset management business.

“This wider scope of responsibility means CCOs must understand and document processes in areas such as finance, portfolio management, and technology to ensure that high-risk operational processes are functioning properly. Given these needs, it’s KPMG’s depth and breadth of knowledge and our ability to offer our clients potential approaches that makes us especially qualified to assist asset management CCOs in taking their compliance programs to the next level of maturity.”

— Laurence Godin, KPMG Principal,

National Practice Leader, Asset Management Regulatory Risk


Integrated compliance

Internal Audit Function

Independent assurance

Compliance Function

Advise, challenge, and assess

Line of Business

Design and execute controls

Prevent

Respond

Rep

orting

Monitorin

g

and testing

Te

chno

log

y an

ddat

a an

alys

isIssues

management

and investigations

Detect

Governanceand culture

People, skills, and

due diligencePolicies andprocedures

Comm

unication

and trainingC

om

plia

nce

risk

asse

ssm

ent


Our U.S. asset management services are delivered through 3,400-plus professionals, including 370 partners, part of a global network of member firms whose financial services presence of more than 35,000 partners and professionals spans 115 jurisdictions covering the world’s most prominent financial centers.

Five reasons why asset management companies choose KPMG:

1. Deep experience in asset management: Regardless of where your firm is in its evolution—from launch to globalization to exit—our professionals have the experience to help you deal with the issues and challenges that impact you today as well as prepare you for what lies ahead.

2. Depth and breadth of services: We serve a broad range of industry players—from start-ups to FORTUNE 50 diversified financial services firms—with varying structures including private partnerships, offshore vehicles, and registered funds.

3. Integrated implementation approach: Our Regulatory Risk and Compliance practice works hand-in-hand with Management Consulting, Operations Risk, and other groups to provide an integrated and coordinated implementation approach toward regulatory changes.

4. Global strength and capabilities: Professionals located in all of the world’s commercial hubs, working through our global network of member firms, serve our clients wherever they do business.

5. Outstanding team leadership by senior professionals: Our engagement teams, led by experienced partners and professionals, work hand-in-hand with you, members of senior management, and fund boards of directors to (1) help identify, measure, monitor, and control regulatory risk, and (2) deliver practical, customized, and appropriate insight and guidance.

Our people – Located wherever you are


KPMG’s regulatory risk and compliance servicesWhether your firm specializes in public investment management, alternative investments, wealth management, or some combination of these areas, the chart below offers a summary of the regulatory risk management and compliance services and support we can offer.

Business driver/regulatory risk KPMG core services

— New/changed regulations

— New products and distribution channels

— Increased exposure to multiple prudential regulators (e.g., SEC, CFTC, FINRA, OCC)

— Regulatory change impact assessments

— Compliance transformation framework development

— Application of regulatory requirements to firm’s unique business model

— Rule 38a-1 and 206(4)-7 compliance program requirements

— Internal and external demands for regulatory risk mitigation and regulatory exam readiness

— Risk alerts issued by regulators in specific areas deemed a high risk and examination priority

— Compliance program risk assessments

— Laws and rules inventory and process and control mappings

— SEC mock examinations

— Targeted regulatory risk reviews

— SEC registration requirements for newly registered advisers

— Registration guidance and compliance program development

— Regulatory inspections and examinations — Regulatory exam support

— Demand from regulators and investors for robust oversight programs of service providers and subadvisers

— Third-party manager due diligence support

— Adverse event histories increasing demand for more robust monitoring and testing

— Resource challenges to sustaining adequate monitoring and testing program

— Assist with compliance monitoring program assessments and testing support

— Dynamic regulatory change environment demanding policy and procedure updates

— Policy and procedure development

— Need for employee awareness of obligations in highly dynamic and regulated environment

— Compliance training


Contact usContact us and see how you can potentially benefit from our asset management regulatory risk experience, global bench strength, technological innovation, and customized client care. Go to our Regulatory Risk Web page for more information about our services and to read our latest thought leadership publications.

Or call one of the asset management regulatory risk specialists below, talk with them about your situation, and learn how we can help:

The KPMG difference Managing regulatory risk and anticipating future changes to the regulatory landscape impact far more than just your firm’s compliance department; virtually every area of your firm—from operations to sales to payroll to IT—is affected.

That is why so many asset management firms have come to us for guidance and assistance. The depth and breadth of our services enables us to offer you a holistic response to regulatory issues.

Our Regulatory Risk and Compliance professionals work closely with colleagues in our Operations, Risk Management, Governance, Change Management, IT, Training, and other practice areas so they can provide you with an integrated, coordinated implementation approach toward regulatory changes.

Moreover, we work hand-in-hand with members of senior management and fund boards of directors to help organizations become more proactive in identifying, measuring, monitoring, and controlling regulatory risk.

Laurence Godin Principal National Practice Leader Asset Management Regulatory Risk T: 212-954-1939 E: [email protected]

Neerav TrivediDirector Advisory Regulatory Risk T: 617-988-6765 E: [email protected]

Daniel HaffDirector T: 212-872-6799 E: [email protected]

Mark McKeever Director Advisory Regulatory Risk T: 267-256-1704 E: [email protected]

Tracy Whille Principal National Practice LeaderFinancial Services Regulatory Risk T: 212-954-2691 E: [email protected]

Edward Resnick Director Advisory Regulatory Risk T: 617-905-7364 E: [email protected]

kpmg.com/socialmedia

Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates.The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation.


https://advisory.kpmg.us/risk-consulting/frm/regulatory-risk-services.html?var=1&gclid=Cj0KEQiA-_HDBRD2lomhoufc1JkBEiQA0TVMmrU7OLWlqFZKIe-SK_XGWc5S8WMPYlJ83JrY4lKD5VsaAgdT8P8HAQ

http://www.linkedin.com/company/kpmg-us

https://www.facebook.com/KPMGUS/

http://www.youtube.com/user/KPMGMediaChannel

https://twitter.com/kpmg_us

https://plus.google.com/+KPMGUSA/posts

https://instagram.com/kpmgus

Documents

Controlling regulatory and compliance risk - KPMG...Controlling regulatory and compliance risk KPMG’s Asset Management Regulatory Risk practice kpmg.com. A challenging regulatory