Citi OpenInvestorSM

Private Fund Advisers: Compliance Oversight of Third-Party Administrators

By: Regulatory Administration and Compliance Support Services, Citi

1

Introduction

Private equity and hedge funds

(“Private Funds”) often contract

with third-party administrators

(“Administrators”) to manage certain

of their books and records. Investment

advisers to Private Funds who are

required to be registered (“Private

Fund Advisers”) with the Securities

and Exchange Commission (the “SEC”)

must comply with the requirements of

the Investment Advisers Act of 1940

(the “Advisers Act”), which includes

those related to record keeping.

Record-keeping Requirements

Section 404 of the Dodd-Frank

Wall Street Reform and Consumer

Protection Act of 2010 added new

section 204(b) to the Advisers Act,

which provides record-keeping

requirements for investment advisers

to private funds. Specifically, section

204(b)(2) states that the records

and reports of any private fund to

which a registered investment adviser

provides investment advice are to be

considered the records and reports of

the Private Fund Adviser. As a result,

Private Fund Advisers often look to

the Administrators of the Private

Funds they manage for these records

to assist them in meeting the adviser’s

books and records requirements.

Thus, when a Private Fund opts to

outsource core duties the investment

adviser or general partner would

otherwise perform for its client(s),

the adviser has a vested interest

in selecting an appropriate service

provider and continuing to oversee or

monitor the outsourced duties as part

of its compliance program pursuant to

Rule 206(4)-7 under the Advisers Act

(the “Compliance Rule”). In addition,

a growing number of investors,

especially institutional investors,

expect that this oversight will be

performed.

The Compliance Rule

Upon registration with the SEC, an

investment adviser must have a

compliance program in place that

meets the requirements of the

Compliance Rule. An often overlooked

area in an adviser’s compliance

program includes oversight of key

service providers to the Private Funds

it advises, such as the Administrator.

Private Fund Advisers are required

by the Compliance Rule to adopt

and implement written policies and

procedures reasonably designed

to prevent, detect and correct

violations of the Advisers Act and

rules thereunder. The Compliance

Rule also requires that the adviser

appoint a competent and empowered

Chief Compliance Officer (the “CCO”)

to administer the policies and

procedures, and that an annual review

of the written compliance policies and

procedures (the “Compliance Manual”)

be performed. Rule 204-2(a)(17)(ii)

requires that records documenting

such review be retained.

This article discusses some of the

key oversight responsibilities Private

Fund Advisers should consider in their

compliance programs with respect to

Administrators of the Private Funds

they advise.

Compliance Manual

The Compliance Manual should include

policies and procedures tailored to fit

the adviser’s business functions that

are designed to reasonably prevent

violations of the Advisers Act and

any regulations that are applicable

to the adviser. The Compliance Rule’s

adopting release contains a list of

key areas to consider for inclusion

within the Compliance Manual. The

Compliance Manual must continuously

be maintained and revised for changes

to laws, regulations, operations or the

organization. Senior management

must fully support the form and

function of the Compliance Manual.

Annual Review

The annual review is usually

conducted and evidenced through

the creation of a risk-based testing

program. Firm size, the complexity

of investments and operations and

testing resources will impact how

much testing should be performed.

The testing program should be

documented and tied (or mapped)

to the written compliance policies

and procedures contained within the

Compliance Manual. A compliance risk

matrix should be used to demonstrate

that a risk-based approach was taken

in the development of the testing

program. As part of this approach,

the CCO should consider the potential

likelihood of an issue occurring with

respect to that action within the

Compliance Manual, as well as any

potential impact to the adviser or

its clients. The risk matrix could also

be used to assign testing frequency

and sample sizes based upon the

frequency of the control activity, the

likelihood of its failure and the impact

it would have on operations if it should

fail. The risk matrix should be updated

at least annually and whenever there

is a regulatory, infrastructure or

procedural change that impacts the

content.

Administrator Compliance Oversight

Oversight Responsibilities

While the SEC has not yet committed

to rule making on the responsibilities

a registered investment adviser has

over the functions it relies upon

an Administrator or other third-

party service provider to perform,

members of the SEC’s staff have

provided insight into their views

on outsourcing certain duties that

would otherwise be performed by

an adviser. During the SEC’s 2009

CCOutreach Regional Seminars

directed to the compliance staff of

advisory and broker-dealer firms, the

staff devoted its April session to “The

Evolving Compliance Environment:

Examination Focus Areas.” During

this session, the staff stated that

“when a service provider is utilized,

the adviser still retains its fiduciary

responsibilities for the delegated

services. As a result, advisers should

review each service provider’s overall

compliance program for compliance

with the federal securities laws and

should ensure that service providers

are complying with the firm’s specific

policies and procedures.” Private

Fund Advisers should, therefore,

consider their oversight obligations

of Administrators and other key

service providers and, at a minimum,

include a description of this oversight

within their Compliance Manual. More

appropriately, a Private Fund Adviser

should maintain a copy of the service

provider’s key compliance controls

and procedures related to those

functions that the Private Fund has

outsourced to the Administrator, given

that the associated books and records

are deemed to be those of the Private

Fund Adviser under Section 204 of

the Advisers Act. The CCO should also

periodically test these key compliance

controls and procedures, using a

risk-based approach, as described

in the “Annual Review” section. Test

results should be maintained as part

of the annual compliance review.

Compliance Program Considerations

Some examples of outsourced

functions an Administrator might

provide to a Private Fund, and other

incidental regulatory and business

considerations, which should be

reviewed or tested by the CCO to

support the Private Fund Adviser’s

compliance program include:

• Independent valuations:

Administrators to hedge

funds typically use third-party

independent valuation agents to

obtain prices for clients’ portfolio

holdings. These third-party pricing

2

agents should be reviewed and

approved by clients as the adviser is

ultimately responsible for the hedge

fund’s valuation(s). Administrators

should be provided with a copy of

any written valuation procedures

the adviser may have in place.

Administrators typically have

various pricing controls which they

use to perform reasonableness

checks of the information provided

by the pricing agents. A CCO

should understand the controls

the Administrator has in place and

periodically test such controls.

Examples include comparison of

price movements for securities

from its prior valuation exceeding

set tolerances for that asset type,

reviews for unpriced securities and

for stale prices.

• Fair valuations: Compare any fair

valuation the Private Fund Adviser

has provided to the Administrator

(where independent prices

were unavailable) to ensure the

Administrator input it correctly into

the accounting system as this would

usually entail a manual process.

• Code of conduct: Confirm the

Administrator has a Code of

Conduct and that it includes

information related to how the

Administrator’s employees should

conduct themselves with respect

to gifts and entertainment,

insider trading, treatment of

client’s information, including

confidentiality, etc.

• Business continuity: Confirm

the Administrator has a business

continuity plan, that it is periodically

tested and that identified issues are

remediated.

• Books and records: Administrators

are not subject to the Advisers

Act; however, they do agree to

manage some books and records

for the Private Funds, which could

also be used by the Private Fund

Adviser to fulfill portions of their

record-keeping obligations under

the Advisers Act. Therefore, CCOs

should discuss the record-keeping

provisions with their Administrator

and other key service providers,

such as the custodian and/or

prime broker(s), to ascertain

where required records are kept

and to confirm agreement as to

responsible parties for each of the

requirements. The testing program

should include periodic testing of

books and records to confirm that

the Administrator is appropriately

maintaining books and records, as

agreed upon, particularly since such

books and records are ultimately

deemed to be the records and

reports of the Private Fund Adviser.

• Escalation: Discuss the

Administrator’s escalation process

to confirm understanding of how

items impacting the adviser and/or

its clients will be escalated and the

timing of such escalation.

• Expense calculations: Typically

the Administrator to a Private Fund

calculates its own administration

service fee and the management

company fee but is only responsible

for booking other types of fees,

as those fees are reported to

them by the adviser (such as legal

fees charged by outside counsel).

The adviser should perform a

reasonableness check for the

accuracy of all fees, which would

include an understanding of the

methodology used for the inputs.

A reasonable sampling of fees

that were manually input into

the accounting system should be

reviewed for accuracy.

• Reconciliation controls: The adviser

should understand the controls

the Administrator uses to confirm

positions, cash and allocations,

including the separation of duties

and the management review

process around each of these

important controls. The CCO should

arrange for periodic testing of

critical processes to confirm that

the Administrator is fulfilling these

functions appropriately.

3

• Financial statements:

Administrators typically compile

the Private Fund’s financial

statements for review by the Private

Fund Adviser and Fund Auditor

(if the financial statements are

audited). The CCO should ensure

that all positions and valuations

are properly recorded and that

applicable required disclosures

are included, such as those

related to Accounting Standards

Codification Topic (“ASC”) 820

(Fair Value Measurements and

Disclosures), ASC 740 (Accounting

for Uncertainty in Income Taxes)

and ASC 815 (Disclosures About

Derivative Investments and Hedging

Activities).

• Anti–money laundering: Although

investment advisers are generally

not required to have anti–money

laundering policies and procedures

adopted pursuant to the Bank

Secrecy Act, they usually do as

a matter of best practice, given

they are still subject to regulations

administered by the U.S. Treasury

Department’s Office of Foreign

Assets Control (“OFAC”). A Private

Fund Adviser should understand

any anti–money laundering controls

the Administrator has in place and

compare them to the adviser’s

policy and procedures to note

and resolve discrepancies. A CCO

should not assume an Administrator

has adopted and implemented an

effective anti–money laundering

program. In the U.S., such programs

are only mandated for bank-

affiliated Administrators and are

not required to treat Private Fund

investors as customers of the

Administrator for purposes of their

anti–money laundering program.

In addition, the adviser should use

its testing results to identify whether

the service provider is performing the

functions that they are contracted to

provide as part of its due diligence

review of the Administrator. If the

service provider produces a report on

Service Organization Controls (“SOC

1 Report” formerly known as the SAS

70 Report), it is prudent to consider

that as a factor in its evaluation

rather than the SOC 1 Report having

completely satisfied the adviser’s

oversight responsibilities of that

service provider. SOC 1 Reports are

not client specific; rather, the auditor

takes samples across the service

provider’s client base to test controls.

Thus, a CCO should not consider a

SOC 1 Report’s results conclusive

of the type of control environment

the Administrator has in place with

respect to the specific services it

is providing to the Private Funds

managed by the adviser.

Conclusion

Advisers should review services

delegated to service providers to

reasonably confirm that the service

provider is performing these services

adequately. In addition, CCOs, as part

of the required annual compliance

review, should include services

provided by service providers to

reasonably confirm that the service

provider is operating in compliance

with the federal securities laws, as

well as complying with the adviser’s

specific policies and procedures,

where appropriate. The adviser could

use its compliance testing program

results to help satisfy increasing

customer demand for strong due

diligence reviews of the Private Funds

in which they invest and its key service

providers. The oversight program

can also be used to help assure the

SEC that the Private Fund Adviser’s

compliance program is robust,

sound and compliant with the

requirements of Rule 206(4)-7

under the Advisers Act.

4

Citi OpenInvestorSM is the investment

services solution for today’s

diversified investor, combining

specialized expertise, comprehensive

capabilities and the power of Citi’s

global network to help clients meet

performance objectives across asset

classes, strategies and geographies.

With an on-the-ground presence in

over 95 countries and over $12.5

trillion in assets under custody,

Citi offers award-winning service

and unmatched scale. Citi provides

complete investment services for

institutional, alternative and wealth

managers, delivering middle-office,

fund services, custody, and investing

and financing solutions focused

on clients’ specific challenges and

customized to their individual needs.

The article is written by: Chuck Booth,

Diana Hanlin, Eric Phipps, Fred

Schmidt and Bruce Treff.

Chuck Booth, Diana Hanlin, Eric

Phipps and Fred Schmidt are members

of the Regulatory Administration

and Compliance Support Services

Group of Citi Investor Services. Bruce

Treff is Managing Director of Citi

Investor Services. Their views may

not represent the view or opinion of

Citigroup or any affiliate and are not

intended to be legal advice.

To learn more, please contact:

Chuck Booth at 614-470-8070

charles.booth@citi.com

Diana Hanlin at 614-428-3439

diana.b.hanlin@citi.com

5

Citi Transaction Serviceswww.transactionservices.citi.com

© 2012 Citibank, N.A. All rights reserved. Citi and Arc Design is a registered service mark of Citigroup Inc. OpenInvestor is a service mark of Citigroup Inc.

952855 GTS05914 05/12

This communication is provided for informational purposes only and may not represent the views or opinions of Citigroup or its affiliates (collectively, “Citi”), employees or officers. The information contained herein does not constitute and shall not be construed to constitute legal and/or tax advice by Citi. Citi makes no representation as to the accuracy, completeness or timeliness of such information. This communication and any documents provided pursuant hereto should not be used or relied upon by any person/entity (i) for the purpose of making regulatory decisions or (ii) to provide regulatory advice to another person/entity based on matter(s) discussed herein. Recipients of this communication should obtain guidance and/or advice, based on their own particular circumstances, from their own legal or tax advisor.