I never find it boring to review the investment adviser exemptions for private fund managers.  Apparently, I am not the only one since this is a question we frequently field.

Initially, private fund manager investment advisers, who are primarily regulated by the SEC, that is, large adviser firms with $100 million or more in assets under management (“AUM”), may claim federal exempt reporting status by relying on one of the statutory exemptions implemented under the Dodd-Frank Act of 2010 (“DFA”) amending the Investment Advisers Act of 1940 (“Advisers Act”).   Essentially, a party may be able to rely upon the private fund adviser exemption pursuant to Advisers Act Section 203(m), so as not to register fully as a registered investment adviser (“RIA”) .  This private fund adviser exemption for large advisers is the transition threshold from state to federal registration and from a federal exempt reporting adviser (“ERA”)– advisers relying upon either of the venture capital fund adviser exemption or the private fund adviser exemption — to a full-fledged RIA ($100 million AUM to $150 million AUM).

The large adviser may also advise non-venture capital funds, including, but not limited to, funds of funds and secondary funds, while saving money by avoiding the costs associated with registration.   This exemption is available to a U.S. based adviser of “private funds”–  an issuer of securities that would be an investment company but for the exceptions provided for in the Investment Company Act of 1940 (“ICA”) Sections 3(c)(1) or 3(c)(7)– with a combined AUM of less than $150 million.  Most private equity funds rely on the Securities Act of 1933 (“Securities Act”) Regulation D Rule 506– the private offering exemption as well the exemptions pursuant to ICA Sections 3(c)(1) or 3(c)(7).  In fact, ICA Section 3(c)(1) provides an exclusion from investment company registration for a fund that: (i) does not publicly offer its securities; and (ii) has 100 or fewer beneficial owners, while Section 3(c)(7) of the ICA provides an exclusion from investment company registration for a fund that: (i) does not publicly offer its securities; and (ii) limits its owners to qualified purchasers.   A large adviser, $100 million or more in AUM, advising funds that meet these qualifications may register with the SEC as a federally covered ERA, however, if the organizer advises any clients that are not private funds, then the adviser must register as an RIA with the SEC.

Additionally, there is another exemption called the venture capital adviser exemption pursuant to Advisers Act Section 203(l).   The large advisers venture capital adviser exemption also provides for an avenue to avoid RIA registration.  However, this exemption has many caveats, and is available to advisers of one or more “venture capital funds.”  Venture capital funds are private funds that: (1) pursue a venture capital strategy; and (2) hold no more than 20% of its total assets (including committed but not yet invested capital) in non-qualifying investments or short-term holdings (cash and cash equivalents, U.S. Treasuries with a remaining maturity of 60 days or less and certain money market funds).  A “qualifying investment” is an equity security purchased directly from a “qualifying portfolio company,” that is, at the time of the fund’s investment: (a) is not a reporting company, listed on a foreign exchange, and an affiliate of an Exchange Act reporting company, (b) does not borrow or issue debt obligations in connection with the fund investment and distribute proceeds in exchange for the investment, and (c) is not a mutual fund, hedge fund, private equity fund, venture capital fund, commodity pool fund, or an issuer of asset-backed.  The venture capital fund must also: (1) limit borrowing to 15% of the fund’s assets and only for a short-term (non-renewable term of 120 calendar days); (2) not provide redemption rights (except in extraordinary circumstances); and (3) is not ICA registered or a business development company.  For each investment fund, the investment manager has to ensure it meets the venture capital fund definition or the adviser cannot rely on the exemption.  So long as each fund advised by the organizer meets the definition then the adviser can remain an ERA indefinitely, while an adviser relying on the private fund adviser exemption may only do so until its AUM reaches $150 million.  Once reached, the adviser would be required to become a federally covered RIA.

Significantly, these parties also need to concern themselves with state ERA registration as well as small and mid-sized advisers (advisers with less than $100 million AUM) must also comply with applicable state law where it conducts its advisory business. These advisers are generally prohibited from registering with the SEC, and may not register as a federally covered ERA under one of the exemptions discussed above.  Some states have adopted the NASAA Registration Exemption for Investment Advisers to Private Funds Model Rule or some variation of it.  This Rule provides exemptions for state-regulated advisers from state RIA registration.  Further, states that provide either the model rule or a modified version of the rule, typically, track the federal exemptions discussed above, but a state may have modified or added requirements that organizers should take into consideration as part of their registration

For example, California adopted a modified version of the NASAA Model Rule, and parties, who are primarily regulated by the California Department of Business Oversight, may rely on the California private fund adviser exemption.   Pursuant to California law, the California private fund adviser exemption is the equivalent state ERA exemption.  See Cal. Code Regs. tit. 10, Section 260.204.9.   Pursuant to this Rule, a venture capital company (“VCC”) would include a fund that meets the federal venture capital fund definition as well as: (1) an entity that has 50% of its assets are in venture capital investments (investment in an operating company where the adviser obtains management rights); (2) an entity that is a “venture capital fund” as defined in Advisers Act Rule 203(l); and (3) an entity that is a “venture capital operating company” as defined in Employee Retirement Income Security Act of 1974 Rule 2510.3-101(d).   If the adviser advises funds that meet one of these definitions then it may claim the certificate exemption for investment advisers to private funds under California law, and it allows a California adviser to rely on the venture capital fund definition as defined by federal law for purposes of claiming the state exemption.  If the adviser meets this standard or one of the other definitions then it is a VCC and is only required to file a truncated Form ADV, pay the applicable state filing fee, and abide by the substantive requirements of state covered ERAs.  Further, if the organizer advises funds that do not meet one of the three statutory definitions of a VCC, then it still may rely on an exemption from state RIA registration but with additional considerations.  A private fund (excluding a fund that limits offerings to qualified purchasers) that does not qualify as a VCC is considered a “retail buyer fund” under California law, and an adviser to a retail buyer fund may still qualify for the certificate exemption for investment advisers to private funds but must provide audited financials to the fund’s beneficial owners within 120 days of the end of the fiscal year and may not charge performance fees to an investor that is not a “qualified client.”

Moreover, if the state does not have applicable exempt reporting adviser exemptions then the adviser must ensure that it complies with state RIA requirements.  Additionally,, there is nothing that would exempt these RIAs from taking a licensing test—Series 65.

Finally, given the complexity of state RIA and ERA requirements, fund organizers should consult counsel for the appropriate course of action to ensure full compliance.

On December 17, 2020, SEC created the Division of Examinations by renaming the now defunct, Office of Compliance Inspections and Examinations, making it the SEC’s 6th Division joining Enforcement, Corporation Finance, Trading and Markets, Investment Management, and Economic and Risk Analysis (DERA).

A couple of months later, the new Examinations  Division  announced its 2021 examination priorities, carrying on OCIE’s long standing tradition of annually publishing its examination priorities.  The publication of these priorities is supposed to provide a framework for those registered persons and entities to prepare for the onslaught of SEC examiners.  These priorities will include a focus on climate-related risks; broker and RIA conflicts of interest; Reg BI; FinTech risks; ESG-related risks; proxy voting policies and practices; BCPs; mutual funds; ETFs; municipal securities and other fixed income securities; variable annuities; private placements; and microcap securities.  The Division will also review information security and operational resiliency; safeguards for customer accounts and to prevent account intrusions; AML programs; LIBOR transition; RIA and IC compliance programs; Private Fund RIAs; municipal advisors; Customer Protection Rule and the Net Capital Rule;  internal processes, procedures, controls, and compliance adequacies; review of requirements for borrowing securities from customers; best execution in a zero commission environment; order routing disclosure rules; Reg SHO market-maker compliance; clearing agencies; national securities exchanges; transfer agents; and oversight over FINRA and MSRB.

In short, the new Examinations Division will continue to pursue a broad package of priorities.  Firms and those in the securities industry subject to these examinations should consult securities counsel prior to any contact with the SEC.

Fox Rothschild’s Securities Industry Group is pleased to announce its publication of an interactive Survey of State Blue Sky Filing Requirements.   SI Group members, A. Binford Minter and Jennifer M. Vinciguerra, were instrumental in developing the site.  We encourage all of our readers to visit the site and see what it may be able to offer to you.

Interactive Survey of State Blue Sky Filing Requirements Facilitates Rule 506, Regulation A+ Securities Compliance

We were recently reminded of how difficult it is to re-register for a position in the securities industry after being barred.  See https://www.sec.gov/litigation/admin/2021/ia-5682.pdf.

On February 9, 2021, the United States Securities and Exchange Commission refused to let a former investment adviser re-register, claiming that the barred adviser had not demonstrated “extraordinary circumstances” to merit re-entry .  In particular, the Commission noted that the barred adviser had not paid his penalty, initially, imposed in 2011.  The Commission also rejected his arguments that, by working with an actual registered adviser, he would be appropriately supervised.  However,  the Commission found that the person had failed to submit sufficient evidence to demonstrate this supervision.

As a result, the barred adviser was not let back into the business, demonstrating the difficulty for others, who seek to follow in his path.  We are not suggesting it is impossible, but those barred persons interested in re-entering the securities industry should seek out securities counsel prior to making any filing.

In what has become a yearly occurrence, FINRA has notified its member firms about its intent regarding the member firms’ compliance programs.  See https://www.finra.org/rules-guidance/guidance/reports/2021-finras-examination-and-risk-monitoring-program.

This year, FINRA combined its Report on Examination Findings and Observations (an analysis of prior examination results) and the Risk Monitoring and Examination Program Priorities Letter (planned areas of review) into “FINRA’s Risk Monitoring and Examination Activities Report.”  This new report is 46 pages long, and very dense.  It is meant to assist member firms on what they should be reviewing, analyzing, and remediating, including, but not limited to, AML; OBAs; sales and communications, specifically, Regulation BI, Form CRS, private placements and variable annuities; compliance; cybersecurity; “game-like” trading platforms; best execution and trade routing; and, of course, net capital and customer protection.

In sum, FINRA looks like it is planning a busy year, meaning member firms will be even more busy.  It is strongly suggested that member firms seek seasoned securities counsel to prepare for this onslaught.

In December  2020, the New York State Attorney General altered its filing rules to align with those required by the SEC’s requirements for a Regulation D Rule 506 offering.  Now, for a Rule 506 offering in New York, the issuer must only file a  copy of the federal Form D with New York’s Investor Protection Bureau instead of the former pre-offer Form 99 within 15 days of the first sale within or from New York.   See https://ag.ny.gov/sites/default/files/13-nycrr-10-unofficial.pdf.   The Form D filing would then be submitted online through the Electronic Filing Depository (“EFD”) system developed by the North American Association of Securities Administrators (“NASAA”).  Essentially, with these changes, New York has joined the rest of the states in standardizing their Form D notice filings for Rule 506 offerings.

For many years, the New York State Attorney General required an issuer that conducted a Rule 506 offering to submit a Form 99 prior to making a first offer or sale in New York pursuant to New York General Business Law, Chapter 20, Article 23-A (“Martin Act”).   This oddity is the result of the Martin Act’s regulation of securities dealers as opposed to the regulation of offerings like other states and the federal government.   Thus, to conduct a Rule 506 securities offering, an issuer would have to “register” as a dealer by filing the Form 99 with the Investor Protection Bureau prior to the first sale or offer.  Such a registration would be valid for 4 years, and also required a consent to service of process, among other things.

This position was not universally accepted and a number of noted securities practitioners held the position that New York’s Rule 506 filing requirements were pre-empted by federal law, in particular, The National Securities Markets Improvement Act of 1996 (“NSMIA”).  This position was described in a position paper prepared by The Committee on Securities Regulation of the New York State Bar Association in August 2002.   We note that the New York State Attorney General never adopted this position.

Nonetheless, the new rules eliminate the Form 99 filing requirement, as well as the other filings, and substitute the Form D filing, providing a 4 year dealer registration period beginning on the date of the filing.   There are also filing fees associated with the Form D filing of either $300 or $1,200, depending on the size of the offering.  We also note that, if the issuer files an Amended Form D with the SEC, it will also have to file the same with New York as a “supplemental filing,” and have to pay a $30 filing fee.  Further, any annual amendment to a Form D for any offering, beyond the 4 year filing period, will incur a similar registration renewal fee.

The use of Form 99 filings or renewals ceased on February 1, 2021, but an issuer my still use the Form 99 registration number through the 4 year period, and amended Form 99s will be accepted from these issuers through December 2, 2024, but cease after that date, with the issuer required to file through the EFD system.   However, an issuer could file a Form D through the EFD system even if its Form 99 filing is still valid, but it will have to pay all required registration fees, supply all relevant information, and use a new identification number as well as obtain a new registration date.  Finally, once the EFD system is utilized, an issuer must use it for all future filings, but it is important to note that this system does not apply to real estate securities who will continue to use the old system.

In short, New York has finally entered the modern age and joined the federal government and its sister states in streamlining the Rule 506 filing process.

In a stark 3-2 vote along political lines, the SEC announced today that it was proposing new rules relating to finders.  Essentially, if the proposed rules are, ultimately, approved, the SEC will sharply change the position it has maintained for over 8 decades, allowing unregistered finders to sell securities to the investing public while receiving transaction based compensation.  See https://www.sec.gov/news/press-release/2020-248.  

If approved, the proposed rules would permit 2 categories of finders.  Both types of finders would be allowed to solicit accredited investors for investments in various issuers.   There are restrictions on the activities the finders could engage in as well as certain disclosure requirements for one category.  Nonetheless, the breadth of the proposed rules is significant because it represents a sea change from the SEC’s previous position that any transaction based compensation paid to persons who solicit investors would require broker-dealer registration.

These proposals also apparently conflict with recent state activities on finders and business brokers.  For example, the State of New York proposed actually registering finders.   See https://securitiescompliancesentinel.foxrothschild.com/broker-dealer-registration/fox-rothschilds-securities-industry-group-members-ernie-badway-and-alex-kerzhner-publish-alert-on-nysags-pandemic-rule-making-on-finders-and-business-brokers/.  

There is a 30-day comment period for these proposed rules after publication in the Federal Register, and the SEC is encouraging interested parties to comment.

Recently, the Office of Compliance Inspections and Examinations (“OCIE”) released an alert to broker-dealers and registered investment advisers regarding the risks associated with credential stuffing.  See https://www.sec.gov/files/Risk%20Alert%20-%20Credential%20Compromise.pdf.

Credential stuffing is an automated attack on web-based user accounts and direct network login account credentials. Cyber attackers obtain lists of usernames, email addresses, and corresponding passwords from the “dark web,” and then use automated scripts to try to compromise user names and passwords on other websites. OCIE believes that credential stuffing is emerging as a more effective way for attackers to obtain unauthorized access to customer accounts and/or BD or RIA firm systems rather than traditional “brute force” password attacks, attempts to guess a password using numerous combinations. The successful attack, using either method, allows access to customer accounts and, possibly, the firms’ systems, allowing for the theft of customer and firm accounts.

The OCIE staff observed an increase in the frequency of credential stuffing attacks, and BD and RIA failures to mitigate the risks of such attacks.   The findings included problems with the use of systems hosted by third-party vendors and personally identifiable information (“PII”) through the website of BD or RIA.  Such use would facilitate  an attacker’s ability to control a customer account at the firm or the customer’s accounts at other institutions according to the OCIE report.

OCIE determined that customers using the same password or login usernames were a prime target for these attacks.  Further, OCIE suggested that firms update their Regulation S-P and Regulation S-ID policies and programs to address these risks. Similarly, OCIE found certain practices could protect client accounts, including, but not limited to: (1) policies and procedures relating to updating and improving passwords; (2) employing Multi-Factor Authentication (“MFA”), where multiple “verification methods” authenticate the person logging in to an account; (3) Completely Automated Public Turing test to tell Computers and Humans Apart (“CAPTCHA”), requiring users to confirm they are actual humans and not automated scripts; (4) improving controls to detect and prevent multiple login “fingerprints” for sessions, along with the use of a web application firewall (“WAF”) to detect and inhibit credential stuffing attacks; and (5) monitoring the dark web.

Firms should consider their current practices, and any potential limitations of those practices.  Further, firms should consider if the firm’s customers and staff are properly informed on securing their accounts.  If not, OICE strongly recommends that improvements be made quickly.

In sum, BDs and RIAs should remain vigilant and proactively address emergent cyber risks; review their customer account protection safeguards; identity theft prevention programs; and consider updating such programs or policies as necessary. Firms should seek out experienced securities counsel to assist in these tasks and engage their customers in this process because, like the Pandemic, we are all in this together.

Money service businesses received a reprieve last week that will make cryptocurrency firms very happy since they will be able to more easily expand across the United States. The Conference of State Bank Supervisors (“CSBS”) – 48 state regulators – agreed on a regulatory system for money services’ businesses, including a single set of supervisory rules and exam program conducted by state regulators.

The new regime applies to nearly 80 large payment and cryptocurrency firms, doing business of over $1 trillion annually. In recent years, state regulators have been working together to address complaints that the state-by-state supervisory system is redundant and overly burdensome. Cryptocurrency firms, typically are licensed state by state, but, under the new arrangement, a group of state examiners will jointly supervise a business, instead of individual states. This approach should be more efficient with states sharing information; however, states may still conduct independent examinations.

In short, this new regime should make it easier for cryptocurrency firms to operate. However, seasoned counsel is still necessary to manage this new path for cryptocurrency firms.