Thursday, March 17, 2005
SEC Mandated Email Archiving for RIA HFs
R U Compliant?
By Terry Stanton, Managing Editor
Monday, January 24, 2005 3:18:31 PM ET
Under registration, hedge funds will have to archive all electronic communication, including instant messaging
It's the cute little message system that once was mostly the province of keyboard-chattering teenagers and preadolescents. A fast way to share fleeting thoughts and tidbits of information with family, friends and co-workers, it's efficient, it's ephemeral, but now, for hedge funds, it's official—an official medium of business communication, that is.
It's instant messaging, and now that hedge funds face the prospect of mandatory registration with the Securities and Exchange Commission as investment advisers, they need to face the fact that IM-generated communication can be a bona fide business record. And that means they need to ensure that they have a system in place to store instant messages in a way that satisfies the commission's requirement as spelled out in Rule 17a-4 under the Securities Exchange Act of 1934, among other legal mandates that go with registration.
One for the Archives
At many unregistered funds, and probably at some that have signed up with regulators, executives haven't given much thought to whether their procedures for electronic storage—if they have any formal protocol at all—live up to federal standards. What attention they have paid to the issue might deal only with email. With its automatic backup and storage features, email sorts and retains its own record on hard drives and networks. Companies that back up and store the messages on tape may be satisfied that they are in compliance with regulations for the financial industry. Officials at such companies might want to get to know the rules better, including what kinds of searches they might have to conduct in the event of an audit.
At a seminar on the issue of record keeping and instant messaging at the fall meeting of the Futures Industry Association, David Cox, chief technical officer at Calyon Financial Inc., Chicago, told the audience, "Anyone in the room who thinks they're in compliance with the new regulations, think again."
While that discussion focused on how to lasso instant messaging into a proper storage pen, dealing with IM begins with understanding the requirements for retention of any electronic communication. The basic rule is that organizations in financial services, along with other selected industries, must capture and store for auditing purposes all business-related communications conducted by employees and with clients, generally for a minimum of five years.
For email, that means "a usage policy backed up by active processes for monitoring, archiving and storage," says Richard Fleischman, whose New York-based RFA Technology Consulting firm helps financial companies, hedge funds among them, with message-storage compliance issues. "Additionally they require an email forensic solution that can track, report and monitor email usage to avoid costly manual recovery practices," he said, referring to the complex process that may be involved in retrieving specific messages from records that merely have been slapped onto magnetic tape.
A fully compliant solution stores messages on a medium (WORM—or, "write once, read many") whose contents can be read but not written over or deleted and which can be retrieved in targeted searches, such as by individual, time period or trading position for a particular holding.
So far, the hedge fund world has not rushed into strict compliance.
"Virtually none of them archive email properly," says Chris Grandi, managing director of Boston-based Eze Castle Integration Inc., speaking of hedge fund clients with which his Boston-based firm has worked. "They back it up on tape, but then [to retrieve something for an audit] you have to restore it and search and find—which could take 300 hours and thousands of dollars to do. We deem that unacceptable."
The IM Conundrum
While a haphazard approach of back-up-and-hope might let a firm squeak by for email when the examiners come knocking—albeit with great expense and hassle—it won't work with instant messaging.
"In the IM space, there is more entropy than there is movement in the other direction," Jonathan Christensen, vice president of products and chief technology officer for FaceTime, Foster City, Calif., told his audience as a member of that IM seminar panel. In science, entropy refers to the tendency of things to move to a state of disorder, and while Mr. Christensen was describing the persistent lack of standardization and control among IM networks as their use grows, he also was referring to the tendency of information transmitted via IM to vanish into thin air unless deliberate measures are taken to capture it and store it.
While the same storage requirements that cover email apply to instant messages, complying with them is a trickier task technologically and one that eludes many firms that don't act. "The vast majority of IM use is still ‘undiscovered,'" Mr. Christensen said at the seminar. "Unlike email, IM has no backup or archive, no standard addressing method, no monitoring tools. It's very tricky to manage because of nuances as to how it works." And yet, he said, instant messaging is the fastest-growing form of communication, one that is used in 90% of enterprises and that by 2006 will "usurp email as the preferred method."
But tricky to manage is not the same as impossible or even highly difficult or expensive, all three of the IM specialists contacted for this article agree. Their companies each offer technical and administrative solutions for the IM challenge that don't require much in the way of active monitoring or policing and that can be economically feasible even for small shops.
On Site or Off
As with many IT challenges, organizations seeking to implement message archiving can work with suppliers to set up a system in-house or can completely outsource the job, including the physical storage, to a vendor. Many of the technology consultants that work in this field can help with either route.
Generally the in-house solution, involving an on-site server, has relatively high upfront costs—perhaps US$40,000 or more and requires some ongoing monitoring by internal employees with expertise. Shipping the storage job out to an offsite location requires no new onsite hardware and is much less expensive to implement, but may involve a per-user charge and will entail an ongoing service fee. Start-up costs for outsourcing may be as low as US$3,000.
For larger firms, the in-house option and the one-time major investment will even out with the ongoing cost of outsourcing in about 24 months, according to Mr. Fleischman (although periodically the storage medium in the on-site hardware must be replaced). Obviously, the outsourcing approach makes more economic sense for the many smaller firms that manage hedge funds. "Monthly, you're renting space on somebody's servers," he says, "but it's US$500 a month vs. US$40,000."
Money is not the whole issue. "The smaller shops definitely have less time and attention to worry about IT structure," says Mr. Christensen, whose FaceTime firm has an off-site archiving product, RTShield, geared to small- and medium-sized firms but which also counts many of the largest financial institutions among its customers. For many of the big banks, FaceTime's in-house IM Auditor system is the choice.
For the hedge funds served by Eze Castle, "off-site is much more popular," Mr. Grandi says. His firm markets its Integration Email & IM solution, which like many such offerings uses software from other suppliers (iLumin Software Services and IMIlogic) for archiving, indexing and retrieval tasks. As with other outsourced systems, Eze Castle's setup transfers a copy of each email and IM to secure facility. Those messages "sit in suburban Boston, outside any financial district," Mr. Grandi says.
RFA also offers two basic approaches. It can install an on-site server that collects email and instant messages (along with Bloomberg messaging, as most of the providers do), using Zantaz and IMLogic software. If the client firm chooses, RFA will monitor the system from offsite for a fee. RFA's offsite solution is called MessageRite. It provides a scalable messaging infrastructure that archives and indexes, using technology and software from Lightport and Iron Mountain
A number of other vendors offer products and services for message archiving. For example, Smarsh Inc., of Portland, Ore., recently announced the release of its Archive InSite product, which is geared to small- and mid-sized hedge funds.
It's Not Too Late
If you are a hedge fund manager and you haven't given much thought to the IM activity in your office, or to the issue of archiving electronic messages in general in anticipation of the imposition of mandatory SEC registration Feb. 1, 2006, not only do you still have about a year to get a system into place but you are far from alone.
Mr. Grandi says that many fund firms are just at the stage of appointing a chief compliance officer and that many fund executives, while vaguely aware that a record-retention protocol is part of the registration checklist, have not delved into the details. Right now he estimates that about 90% of funds have not achieved full compliance.
He says Eze Castle is starting to see an uptick in inquires about archiving from hedge funds in the wake of the SEC's adoption of the final rule, and he anticipates a large increase in activity over the next six months, a sentiment shared by FaceTime's Mr. Christensen and RFA's Mr. Fleischman, who says, "They're queuing up for the first and second quarter. By summertime, people will have something in place, or a clear plan."
"They are slowly learning," Mr. Grandi says. "They're asking questions. Now that they know there has to be a compliance officer, they're learning about it, but they don't know what it means."
Mr. Christensen observes a similar scene. "There's already some understanding, but maybe some frustration," he says. "They say, ‘We see the regulation, but explain to us what it means, how we can comply in an affordable, simple solution.' Most of these guys want to comply, and it's really been [a matter of] understanding what it means. Hedge funds typically are smaller organizations—kind of lean, mean organizations. Their IT is focused on proprietary algorithms for strategy, not information management."
The typical fund manager has a rather limited understanding of IM and archiving technology, to say the least, says Mr. Grandi. "The majority has no clue. They outsource everything, so they don't know a lot."
That's not to say that hedge fund managers should be signing up for night classes in IT. There's plenty of help from professionals available. Still, a bit of knowledge can be helpful. That a number of technology companies are able to provide compliance systems that are nearly turnkey in implementation and not highly burdensome to maintain is good news for time-stretched and cost-conscious managers, but a bit of time invested up front to understand the devilish ways of instant messaging can help ensure that the solution from the vendor is appropriate and as airtight as possible.
I Want My IM!
The technology vendors say that many of their clients, upon first learning about the rules for record retention and being told what a slippery fish IM is to catch and store, respond by proposing to banish the use of instant messaging from their premises.
The vendors also say it's a bad idea.
"The interesting thing with IM," says Mr. Grandi, "is that they'll say, ‘Well, I'll just tell people to stop using it.'"
Such a tack is ill-advised for two major reasons: the marketplace and human behavior.
Preventing people from using IM in a hedge fund office might solve some headaches for the hedge fund, but it won't change the fact that instant messaging is the primary means of communication for many of the folks with whom hedge funds do business—especially those in the trading community.
"We tell people, you can try to shut it down, but your traders and the people who have contact with Wall Street won't like it," Mr. Grandi says. "IM is prolific" in communication between buy and sell sides, he adds.
In other words, cutting off IM means cutting off an important channel of communication and could have a negative effect on efficiency and performance.
In any event, Mr. Christensen says, seeking to ban IM usage by fiat or trying to restrict usage to one IM network (the big three are AOL, Yahoo! and MSN) for the sake of standardization is an unrealistic strategy. People who use IM will keep using it unless they are physically prevented from doing so by network blocks.
As for confining users to one network, he notes that different IM networks prevail in different industries. Institutional traders on Wall Street use AOL's AIM "almost exclusively," he says, while among energy traders, Yahoo! Messenger is king. "There's cross-talk," he says, noting that many users communicate over more than one service. "Asking them to move" to one approved service, for the sake of simplifying the archiving process, "means they have to give up a piece of their Rolodex—their address network."
Mr. Christensen says that even the AOL and Yahoo! IM providers acknowledged how futile or misguided it is to try to confine users to one service when they abandoned last year their efforts to market an archiving and control product that worked only for traffic on their networks. He advises companies just to accept the fact that people use different networks and to adopt a compliance solution, such as FaceTime's or others, that works for all the known networks. "Most firms with more than 100 people already have all three major networks running. Even in a small shop with 15 people, there's always one or two people using something else."
Everybody Now
Because the SEC does not require that communication of all employees be retained—just that of those interacting with clients and involved in transactions—some companies that adopt archiving systems try to apply them only to selected users.
But the technology people say that savings obtained by excluding some mailboxes from an archiving solution are probably not worth the loss of certainty that everything is being retained. Mr. Christensen says many of the large institutions with which he works archives everything from everybody, for the sake of both simplicity and ultimate security. Mr. Fleischman says he advises all clients to include all employees. In many cases, especially at smaller offices, the extra software cost for universal coverage is negligible.
In setting up a retention system for IM, organizations might also do well to examine their general policies regarding the use of email and instant messaging—or to create and implement policies if they don't have them. As Mr. Fleischman notes in a statement on "messaging compliance" that he wrote, "Each email/IM sent has a potential liability attached. Executive management and corporate officers have a fiduciary duty to act in the best interest of the company and may become personally liable for statutory offenses committed by the firm. With so many people using email/IM so frequently, and having a mistaken impression that this type of communication is private, there is a risk of intellectual property or other confidential information being sent outside of the company's domain."
In short, it makes good business sense to have a policy on electronic messages and to ensure that employees are aware of it. A specific consideration for IM is screen names that people use. Mr. Christensen notes that unlike company email, with IM, users pick their own names, meaning that some guidelines might be in order. Among questions he suggests addressing are, "Are your people choosing risqué names? Is corporate HR policy being violated?"
A sound compliance and retention program also is likely to yield the benefit of increased security in a company's communication system, since the systems installed for archiving can also set up blocks to thwart would-be hackers, spoofers, identity thieves and other miscreants of the web.
No one says SEC registration is going to be a picnic, but by acting soon on email and IM issues, hedge fund managers can reap the satisfaction of both checking a regulatory chore off their list and finding that they have a communication system that is secure, efficient and law-abiding. At that fall seminar, Dale Martin, executive vice president of Cargill Financial Services, Chicago, noted that a properly instituted IM system is both an important security asset and a facilitator of good business practice. He said that excessive use of email by employees, with the constant "cc'ing" and lengthy volleying sessions of replies that flourish almost inevitably was choking work flow. "Email was being used as IM," he said. "Productivity suffered." Setting up a sanctioned, secure IM protocol and encouraging IM use addressed the problem and yielded benefits for the company. "We wanted to push an internal culture so that we had a global sense of community," he said, "so that we could provide outstanding service and so that all internal employees see the same culture."
TStanton@HedgeWorld.com
By Terry Stanton, Managing Editor
Monday, January 24, 2005 3:18:31 PM ET
Under registration, hedge funds will have to archive all electronic communication, including instant messaging
It's the cute little message system that once was mostly the province of keyboard-chattering teenagers and preadolescents. A fast way to share fleeting thoughts and tidbits of information with family, friends and co-workers, it's efficient, it's ephemeral, but now, for hedge funds, it's official—an official medium of business communication, that is.
It's instant messaging, and now that hedge funds face the prospect of mandatory registration with the Securities and Exchange Commission as investment advisers, they need to face the fact that IM-generated communication can be a bona fide business record. And that means they need to ensure that they have a system in place to store instant messages in a way that satisfies the commission's requirement as spelled out in Rule 17a-4 under the Securities Exchange Act of 1934, among other legal mandates that go with registration.
One for the Archives
At many unregistered funds, and probably at some that have signed up with regulators, executives haven't given much thought to whether their procedures for electronic storage—if they have any formal protocol at all—live up to federal standards. What attention they have paid to the issue might deal only with email. With its automatic backup and storage features, email sorts and retains its own record on hard drives and networks. Companies that back up and store the messages on tape may be satisfied that they are in compliance with regulations for the financial industry. Officials at such companies might want to get to know the rules better, including what kinds of searches they might have to conduct in the event of an audit.
At a seminar on the issue of record keeping and instant messaging at the fall meeting of the Futures Industry Association, David Cox, chief technical officer at Calyon Financial Inc., Chicago, told the audience, "Anyone in the room who thinks they're in compliance with the new regulations, think again."
While that discussion focused on how to lasso instant messaging into a proper storage pen, dealing with IM begins with understanding the requirements for retention of any electronic communication. The basic rule is that organizations in financial services, along with other selected industries, must capture and store for auditing purposes all business-related communications conducted by employees and with clients, generally for a minimum of five years.
For email, that means "a usage policy backed up by active processes for monitoring, archiving and storage," says Richard Fleischman, whose New York-based RFA Technology Consulting firm helps financial companies, hedge funds among them, with message-storage compliance issues. "Additionally they require an email forensic solution that can track, report and monitor email usage to avoid costly manual recovery practices," he said, referring to the complex process that may be involved in retrieving specific messages from records that merely have been slapped onto magnetic tape.
A fully compliant solution stores messages on a medium (WORM—or, "write once, read many") whose contents can be read but not written over or deleted and which can be retrieved in targeted searches, such as by individual, time period or trading position for a particular holding.
So far, the hedge fund world has not rushed into strict compliance.
"Virtually none of them archive email properly," says Chris Grandi, managing director of Boston-based Eze Castle Integration Inc., speaking of hedge fund clients with which his Boston-based firm has worked. "They back it up on tape, but then [to retrieve something for an audit] you have to restore it and search and find—which could take 300 hours and thousands of dollars to do. We deem that unacceptable."
The IM Conundrum
While a haphazard approach of back-up-and-hope might let a firm squeak by for email when the examiners come knocking—albeit with great expense and hassle—it won't work with instant messaging.
"In the IM space, there is more entropy than there is movement in the other direction," Jonathan Christensen, vice president of products and chief technology officer for FaceTime, Foster City, Calif., told his audience as a member of that IM seminar panel. In science, entropy refers to the tendency of things to move to a state of disorder, and while Mr. Christensen was describing the persistent lack of standardization and control among IM networks as their use grows, he also was referring to the tendency of information transmitted via IM to vanish into thin air unless deliberate measures are taken to capture it and store it.
While the same storage requirements that cover email apply to instant messages, complying with them is a trickier task technologically and one that eludes many firms that don't act. "The vast majority of IM use is still ‘undiscovered,'" Mr. Christensen said at the seminar. "Unlike email, IM has no backup or archive, no standard addressing method, no monitoring tools. It's very tricky to manage because of nuances as to how it works." And yet, he said, instant messaging is the fastest-growing form of communication, one that is used in 90% of enterprises and that by 2006 will "usurp email as the preferred method."
But tricky to manage is not the same as impossible or even highly difficult or expensive, all three of the IM specialists contacted for this article agree. Their companies each offer technical and administrative solutions for the IM challenge that don't require much in the way of active monitoring or policing and that can be economically feasible even for small shops.
On Site or Off
As with many IT challenges, organizations seeking to implement message archiving can work with suppliers to set up a system in-house or can completely outsource the job, including the physical storage, to a vendor. Many of the technology consultants that work in this field can help with either route.
Generally the in-house solution, involving an on-site server, has relatively high upfront costs—perhaps US$40,000 or more and requires some ongoing monitoring by internal employees with expertise. Shipping the storage job out to an offsite location requires no new onsite hardware and is much less expensive to implement, but may involve a per-user charge and will entail an ongoing service fee. Start-up costs for outsourcing may be as low as US$3,000.
For larger firms, the in-house option and the one-time major investment will even out with the ongoing cost of outsourcing in about 24 months, according to Mr. Fleischman (although periodically the storage medium in the on-site hardware must be replaced). Obviously, the outsourcing approach makes more economic sense for the many smaller firms that manage hedge funds. "Monthly, you're renting space on somebody's servers," he says, "but it's US$500 a month vs. US$40,000."
Money is not the whole issue. "The smaller shops definitely have less time and attention to worry about IT structure," says Mr. Christensen, whose FaceTime firm has an off-site archiving product, RTShield, geared to small- and medium-sized firms but which also counts many of the largest financial institutions among its customers. For many of the big banks, FaceTime's in-house IM Auditor system is the choice.
For the hedge funds served by Eze Castle, "off-site is much more popular," Mr. Grandi says. His firm markets its Integration Email & IM solution, which like many such offerings uses software from other suppliers (iLumin Software Services and IMIlogic) for archiving, indexing and retrieval tasks. As with other outsourced systems, Eze Castle's setup transfers a copy of each email and IM to secure facility. Those messages "sit in suburban Boston, outside any financial district," Mr. Grandi says.
RFA also offers two basic approaches. It can install an on-site server that collects email and instant messages (along with Bloomberg messaging, as most of the providers do), using Zantaz and IMLogic software. If the client firm chooses, RFA will monitor the system from offsite for a fee. RFA's offsite solution is called MessageRite. It provides a scalable messaging infrastructure that archives and indexes, using technology and software from Lightport and Iron Mountain
A number of other vendors offer products and services for message archiving. For example, Smarsh Inc., of Portland, Ore., recently announced the release of its Archive InSite product, which is geared to small- and mid-sized hedge funds.
It's Not Too Late
If you are a hedge fund manager and you haven't given much thought to the IM activity in your office, or to the issue of archiving electronic messages in general in anticipation of the imposition of mandatory SEC registration Feb. 1, 2006, not only do you still have about a year to get a system into place but you are far from alone.
Mr. Grandi says that many fund firms are just at the stage of appointing a chief compliance officer and that many fund executives, while vaguely aware that a record-retention protocol is part of the registration checklist, have not delved into the details. Right now he estimates that about 90% of funds have not achieved full compliance.
He says Eze Castle is starting to see an uptick in inquires about archiving from hedge funds in the wake of the SEC's adoption of the final rule, and he anticipates a large increase in activity over the next six months, a sentiment shared by FaceTime's Mr. Christensen and RFA's Mr. Fleischman, who says, "They're queuing up for the first and second quarter. By summertime, people will have something in place, or a clear plan."
"They are slowly learning," Mr. Grandi says. "They're asking questions. Now that they know there has to be a compliance officer, they're learning about it, but they don't know what it means."
Mr. Christensen observes a similar scene. "There's already some understanding, but maybe some frustration," he says. "They say, ‘We see the regulation, but explain to us what it means, how we can comply in an affordable, simple solution.' Most of these guys want to comply, and it's really been [a matter of] understanding what it means. Hedge funds typically are smaller organizations—kind of lean, mean organizations. Their IT is focused on proprietary algorithms for strategy, not information management."
The typical fund manager has a rather limited understanding of IM and archiving technology, to say the least, says Mr. Grandi. "The majority has no clue. They outsource everything, so they don't know a lot."
That's not to say that hedge fund managers should be signing up for night classes in IT. There's plenty of help from professionals available. Still, a bit of knowledge can be helpful. That a number of technology companies are able to provide compliance systems that are nearly turnkey in implementation and not highly burdensome to maintain is good news for time-stretched and cost-conscious managers, but a bit of time invested up front to understand the devilish ways of instant messaging can help ensure that the solution from the vendor is appropriate and as airtight as possible.
I Want My IM!
The technology vendors say that many of their clients, upon first learning about the rules for record retention and being told what a slippery fish IM is to catch and store, respond by proposing to banish the use of instant messaging from their premises.
The vendors also say it's a bad idea.
"The interesting thing with IM," says Mr. Grandi, "is that they'll say, ‘Well, I'll just tell people to stop using it.'"
Such a tack is ill-advised for two major reasons: the marketplace and human behavior.
Preventing people from using IM in a hedge fund office might solve some headaches for the hedge fund, but it won't change the fact that instant messaging is the primary means of communication for many of the folks with whom hedge funds do business—especially those in the trading community.
"We tell people, you can try to shut it down, but your traders and the people who have contact with Wall Street won't like it," Mr. Grandi says. "IM is prolific" in communication between buy and sell sides, he adds.
In other words, cutting off IM means cutting off an important channel of communication and could have a negative effect on efficiency and performance.
In any event, Mr. Christensen says, seeking to ban IM usage by fiat or trying to restrict usage to one IM network (the big three are AOL, Yahoo! and MSN) for the sake of standardization is an unrealistic strategy. People who use IM will keep using it unless they are physically prevented from doing so by network blocks.
As for confining users to one network, he notes that different IM networks prevail in different industries. Institutional traders on Wall Street use AOL's AIM "almost exclusively," he says, while among energy traders, Yahoo! Messenger is king. "There's cross-talk," he says, noting that many users communicate over more than one service. "Asking them to move" to one approved service, for the sake of simplifying the archiving process, "means they have to give up a piece of their Rolodex—their address network."
Mr. Christensen says that even the AOL and Yahoo! IM providers acknowledged how futile or misguided it is to try to confine users to one service when they abandoned last year their efforts to market an archiving and control product that worked only for traffic on their networks. He advises companies just to accept the fact that people use different networks and to adopt a compliance solution, such as FaceTime's or others, that works for all the known networks. "Most firms with more than 100 people already have all three major networks running. Even in a small shop with 15 people, there's always one or two people using something else."
Everybody Now
Because the SEC does not require that communication of all employees be retained—just that of those interacting with clients and involved in transactions—some companies that adopt archiving systems try to apply them only to selected users.
But the technology people say that savings obtained by excluding some mailboxes from an archiving solution are probably not worth the loss of certainty that everything is being retained. Mr. Christensen says many of the large institutions with which he works archives everything from everybody, for the sake of both simplicity and ultimate security. Mr. Fleischman says he advises all clients to include all employees. In many cases, especially at smaller offices, the extra software cost for universal coverage is negligible.
In setting up a retention system for IM, organizations might also do well to examine their general policies regarding the use of email and instant messaging—or to create and implement policies if they don't have them. As Mr. Fleischman notes in a statement on "messaging compliance" that he wrote, "Each email/IM sent has a potential liability attached. Executive management and corporate officers have a fiduciary duty to act in the best interest of the company and may become personally liable for statutory offenses committed by the firm. With so many people using email/IM so frequently, and having a mistaken impression that this type of communication is private, there is a risk of intellectual property or other confidential information being sent outside of the company's domain."
In short, it makes good business sense to have a policy on electronic messages and to ensure that employees are aware of it. A specific consideration for IM is screen names that people use. Mr. Christensen notes that unlike company email, with IM, users pick their own names, meaning that some guidelines might be in order. Among questions he suggests addressing are, "Are your people choosing risqué names? Is corporate HR policy being violated?"
A sound compliance and retention program also is likely to yield the benefit of increased security in a company's communication system, since the systems installed for archiving can also set up blocks to thwart would-be hackers, spoofers, identity thieves and other miscreants of the web.
No one says SEC registration is going to be a picnic, but by acting soon on email and IM issues, hedge fund managers can reap the satisfaction of both checking a regulatory chore off their list and finding that they have a communication system that is secure, efficient and law-abiding. At that fall seminar, Dale Martin, executive vice president of Cargill Financial Services, Chicago, noted that a properly instituted IM system is both an important security asset and a facilitator of good business practice. He said that excessive use of email by employees, with the constant "cc'ing" and lengthy volleying sessions of replies that flourish almost inevitably was choking work flow. "Email was being used as IM," he said. "Productivity suffered." Setting up a sanctioned, secure IM protocol and encouraging IM use addressed the problem and yielded benefits for the company. "We wanted to push an internal culture so that we had a global sense of community," he said, "so that we could provide outstanding service and so that all internal employees see the same culture."
TStanton@HedgeWorld.com
Monday, March 14, 2005
UK Pension Fund "Guidance" for HF Investing (SundayHerald.com)
Sunday Herald - 13 March 2005
Pension fund conference to tackle hedge fund fears
By Ian Fraser and Teresa Hunter
--------------------------------------------------------------------------------
HEDGE funds are to come out of the cold and into the investment mainstream at a major conference in Edinburgh this week.
The National Association of Pension Funds, whose members look after more than £600 billion for UK employees and pensioners, is holding its investment conference in the EICC from Wednesday to Friday.
The organisation will launch new guidance to UK occupational pension schemes endorsing the use of hedge funds as an asset class .
A document entitled Hedge Funds And Funds Of Hedge Funds Made Simple: What A Trustee Needs To Know, suggests that is acceptable for pension funds to put up to 10% to15% of total assets in this still controversial asset class.
The guide says hedge-fund investing makes sense as it is a means for pension-fund trustees to even out the risk in their portfolios.
The guide says: “For pension-fund trustees, an important consideration is that many hedge-fund strategies have historically provided [absolute] returns at lower volatility levels than the stock market.
“In general, hedge funds tend to measure and manage risk over much shorter time horizons, and are less tolerant of losses than in traditional asset classes.
“Most hedge funds are conservatively run and place great emphasis on disciplined risk management procedures. It is common for hedge-fund managers to invest a portion of their own capital in their portfolio, which is a strong indication that they do not want to take on any untoward risk.
“A low correlation with other investments [in a pension fund’s portfolio] has the potential to reduce the overall risk in the portfolio.”
But the document does accept that there are “some areas of risk [associated with hedge-fund investment] which are not desirable.” These include a lack of transparency.
Fees can also be very much higher. Typical management fees are 1% to 2% of invested assets, and performance fees are typically about 20% of realised returns.
Last April the Rail Pension Scheme declared it was going to invest more than £700 million in hedge funds, in a move that saw it overtake the BT Pension Scheme as the UK’s largest single investor in this asset class.
Railpen, as the scheme is known, controls £14bn in assets. The trustees were advised by Chris Hitchen, now Railpen’s chief executive, to allocate 5% of their assets to hedge-fund investments. Hitchen is chairing the session on hedge-fund investing at this week’s event.
At the NAPF conference, James Montier, of Dresdner Kleinwort Wasserstein, will propose a motion that, “This house believes that pension funds investing in hedge funds will all end in tears”. The motion is being opposed by Ian Morley of Morley, Day Olympia.
Other speakers include David Hunter, of Glasgow-based Arlington Property Investors and Nicola Horlick of Bramdean Asset Management who was last week rebuffed in her attempts to acquire Deutsche Asset Management’s UK business.
Trustees and fund managers will be urged to look increasingly to commodities, hedge funds and alternative forms of investment, against growing fears that equities will not produce sufficient return over the next decade to meet companies pensions promises.
Hitchen, chairman of the NAPF investment council, said: “Every pension fund needs to earn a certain return to meet their liabilities, which will continue to roll up. The future return from equities may not be enough to keep pace with the growing pension promise.”
This doomsday scenario would have it that despite the recent improvement in the FTSE, a 10-year famine looms. Hitchen said: “If you look at historic patterns, you can see a trend of 15 years of feast, followed by 15 years of famine. That means we still have 10 years to go before feast days return.”
Trustees and investment managers will be coached at the conference in the use of alternatives to equities, particularly hedge funds, commodities and private finance initiatives.
Hitchen, who is also the head of the railways pension fund, concluded: “These are difficult concepts for the average trustee to grasp.
“But in future, they will have to diversify their investment strategy and have a much wider basket.
“In the past, we all thought we knew where the best returns were to be had, and that was stock markets. That is no longer the case.”
--------------------------------------------------------------------------------
Pension fund conference to tackle hedge fund fears
By Ian Fraser and Teresa Hunter
--------------------------------------------------------------------------------
HEDGE funds are to come out of the cold and into the investment mainstream at a major conference in Edinburgh this week.
The National Association of Pension Funds, whose members look after more than £600 billion for UK employees and pensioners, is holding its investment conference in the EICC from Wednesday to Friday.
The organisation will launch new guidance to UK occupational pension schemes endorsing the use of hedge funds as an asset class .
A document entitled Hedge Funds And Funds Of Hedge Funds Made Simple: What A Trustee Needs To Know, suggests that is acceptable for pension funds to put up to 10% to15% of total assets in this still controversial asset class.
The guide says hedge-fund investing makes sense as it is a means for pension-fund trustees to even out the risk in their portfolios.
The guide says: “For pension-fund trustees, an important consideration is that many hedge-fund strategies have historically provided [absolute] returns at lower volatility levels than the stock market.
“In general, hedge funds tend to measure and manage risk over much shorter time horizons, and are less tolerant of losses than in traditional asset classes.
“Most hedge funds are conservatively run and place great emphasis on disciplined risk management procedures. It is common for hedge-fund managers to invest a portion of their own capital in their portfolio, which is a strong indication that they do not want to take on any untoward risk.
“A low correlation with other investments [in a pension fund’s portfolio] has the potential to reduce the overall risk in the portfolio.”
But the document does accept that there are “some areas of risk [associated with hedge-fund investment] which are not desirable.” These include a lack of transparency.
Fees can also be very much higher. Typical management fees are 1% to 2% of invested assets, and performance fees are typically about 20% of realised returns.
Last April the Rail Pension Scheme declared it was going to invest more than £700 million in hedge funds, in a move that saw it overtake the BT Pension Scheme as the UK’s largest single investor in this asset class.
Railpen, as the scheme is known, controls £14bn in assets. The trustees were advised by Chris Hitchen, now Railpen’s chief executive, to allocate 5% of their assets to hedge-fund investments. Hitchen is chairing the session on hedge-fund investing at this week’s event.
At the NAPF conference, James Montier, of Dresdner Kleinwort Wasserstein, will propose a motion that, “This house believes that pension funds investing in hedge funds will all end in tears”. The motion is being opposed by Ian Morley of Morley, Day Olympia.
Other speakers include David Hunter, of Glasgow-based Arlington Property Investors and Nicola Horlick of Bramdean Asset Management who was last week rebuffed in her attempts to acquire Deutsche Asset Management’s UK business.
Trustees and fund managers will be urged to look increasingly to commodities, hedge funds and alternative forms of investment, against growing fears that equities will not produce sufficient return over the next decade to meet companies pensions promises.
Hitchen, chairman of the NAPF investment council, said: “Every pension fund needs to earn a certain return to meet their liabilities, which will continue to roll up. The future return from equities may not be enough to keep pace with the growing pension promise.”
This doomsday scenario would have it that despite the recent improvement in the FTSE, a 10-year famine looms. Hitchen said: “If you look at historic patterns, you can see a trend of 15 years of feast, followed by 15 years of famine. That means we still have 10 years to go before feast days return.”
Trustees and investment managers will be coached at the conference in the use of alternatives to equities, particularly hedge funds, commodities and private finance initiatives.
Hitchen, who is also the head of the railways pension fund, concluded: “These are difficult concepts for the average trustee to grasp.
“But in future, they will have to diversify their investment strategy and have a much wider basket.
“In the past, we all thought we knew where the best returns were to be had, and that was stock markets. That is no longer the case.”
--------------------------------------------------------------------------------
SEC Registered Adviser Exams (Albourne Village 3/14/05)
Compliance Alert: Exam-by-Mail Mini Sweeps and New SEC Exam HotLine
posted by jeffmorton on Friday 11 Mar 2005 13:22 GMT
New SEC Mini-Sweep
It appears as though the SEC is beginning to conduct an "Exam-by-Mail" mini-sweep of advisers in the New York City area. Recently, several of our clients (mainly registered hedge fund managers) received a letter from the SEC via FedEx requesting 22 items to be sent back to the SEC no later than March 28, 2005. The letter indicates that the "staff's examination will focus on Registrant's brokerage arrangements and certain investment transactions made on behalf of Registrant's clients..." You can view the "Exam-by-Mail" request list by clicking on the following link: www.advisercomplianceassociates.com.
New SEC Exam Hotline
Lori Richards, Director of the SEC's Office of Compliance Inspections and Examinations, recently announced the rollout of a new SEC "Exam HotLine." According to Ms. Richards, the purpose of the HotLine is to field calls from members of the investment management industry who have a complaint or a concern about an SEC examination. The HotLine, which will be staffed by senior attorneys in OCIE's Office of Chief Counsel, can be reached by phone at (202) 551-EXAM (3926) or, alternatively, via e-mail at examhotline@sec.gov. For a copy of the speech announcing the creation of the HotLine, please see www.sec.gov.
If you have any questions on the above noted issues or if we can be of any assistance with the development or maintenance of your compliance program, please feel free to give us a call at your convenience.
Regards,
Adviser Compliance Associates, LLC 2120 L Street, NW, Suite 530 Washington, DC 20037 Ph: (202) 955-5800
posted by jeffmorton on Friday 11 Mar 2005 13:22 GMT
New SEC Mini-Sweep
It appears as though the SEC is beginning to conduct an "Exam-by-Mail" mini-sweep of advisers in the New York City area. Recently, several of our clients (mainly registered hedge fund managers) received a letter from the SEC via FedEx requesting 22 items to be sent back to the SEC no later than March 28, 2005. The letter indicates that the "staff's examination will focus on Registrant's brokerage arrangements and certain investment transactions made on behalf of Registrant's clients..." You can view the "Exam-by-Mail" request list by clicking on the following link: www.advisercomplianceassociates.com.
New SEC Exam Hotline
Lori Richards, Director of the SEC's Office of Compliance Inspections and Examinations, recently announced the rollout of a new SEC "Exam HotLine." According to Ms. Richards, the purpose of the HotLine is to field calls from members of the investment management industry who have a complaint or a concern about an SEC examination. The HotLine, which will be staffed by senior attorneys in OCIE's Office of Chief Counsel, can be reached by phone at (202) 551-EXAM (3926) or, alternatively, via e-mail at examhotline@sec.gov. For a copy of the speech announcing the creation of the HotLine, please see www.sec.gov.
If you have any questions on the above noted issues or if we can be of any assistance with the development or maintenance of your compliance program, please feel free to give us a call at your convenience.
Regards,
Adviser Compliance Associates, LLC 2120 L Street, NW, Suite 530 Washington, DC 20037 Ph: (202) 955-5800
Sunday, March 13, 2005
Use of "Related Performance" Data
Hedge Fund and Private Equity Fund Use of Related Performance - So That's the Difference!
March 08 2005
San Francisco, CA (www.hedgeco.net) When a hedge fund or private equity fund manager (collectively, "private fund managers") decides to organize a new fund, perhaps the most relevant information that a potential investor could be presented with would be the past performance of the existing funds advised by the private fund manager or a track record of the private fund manager developed at a previous employer. The presentation and use of this type of information is generally referred to as "related performance" and it is a topic of great interest at the National Association of Securities Dealers (the "NASD"). This "great interest" by the NASD affects every private fund manager that expects to generate distribution of its fund through third party marketing agents or capital introduction services of an NASD member broker dealer.
It is the NASD's position that Rule 2210 of the NASD's Rules of Conduct prohibits NASD member brokers from using or distributing sales materials or other communications to the public that present related performance. This prohibition applies not only to information prepared by the member broker, but also to information prepared by a non-member, such as a private fund manager. Accordingly, it is illegal for a broker to present to its clients the marketing materials prepared by a private fund manager if such marketing materials include related performance. The NASD reaffirmed this position in an interpretive letter to the Securities Industry Association dated October 2, 2003.
Most private fund managers are not NASD member brokers in reliance upon the "issuer's exemption" of Rule 3a4-1 under the Securities Exchange Act of 1934, and therefore, are not subject to the NASD prohibition on the use of related performance. As investment advisers to funds, private fund managers are subject to the anti-fraud provisions of the Investment Advisers Act of 1940 (the “Advisers Act”), whether or not they are actually registered with the Securities and Exchange Commission (the "SEC") as investment advisers. The SEC, in a line of no-action letters dating back to 1986, has permitted the use of various types of related performance in communications to clients under very specific conditions and with prominent and adequate disclosure with respect to what the related performance is and is not. If you think life is unfair, you should also know that it is the position of the NASD that member brokers may publish or distribute sales literature for a public commodity pool that presents the same related performance information that appears in the pool's offering document as prescribed by the Commodity Futures Trading Commission.
In a more recent interpretive letter (Davis Polk, December 30, 2003), the NASD attempted to draw a distinction between hedge funds and private equity funds for purposes of permitting the use of related performance. In this letter, the NASD took the position that a member broker may present related performance about a fund that is exempt from registration under Section 3(c)(7) of the Investment Company Act of 1940 (the "1940 Act"). A private fund that relies on Section 3(c)(7) must be completely comprised of "qualified purchasers," which means an individual with $5 million in investments, or an institution with at least $25 million in discretionary assets under management.
Although many private equity funds limit themselves to qualified purchasers, that is not the case for all. It is typical for most hedge funds, and a great number of private equity funds, to rely on the lower "accredited investor" standard of Section 3(c)(1) in order to permit investment by certain "friends and family" types. An "accredited investor" need only have $1 million in net worth and an income of $200,000 in each of the past two years. As a practical matter, this standard will likely increase as a result of the new hedge fund adviser registration rule, Rule 203(b)(3)-2, which effectively prohibits the use of performance fees in a private fund unless all investors meet the definition of "qualified client" in Rule 205-3 under the Advisers Act. Because most private funds impose a performance fee, after February 1, 2006, new private fund investors will likely be limited to those with $750,000 under management with that particular manager, or $1.5 million in net worth.
So where does this leave private fund managers that hope to take advantage of a broker dealer's capital introduction services? Unless the NASD can see its way clear to permit the use of related performance by member brokers for the benefit of their high net worth and sophisticated clients, member brokers will continue to direct clients to the private fund managers to obtain such information and hope that the NASD Enforcement arm does not view this activity as a circumvention of Rule 2210.
Note: White & Case LLP represents hedge fund and private equity fund sponsors and advisers, prime brokers, and administrators through its 38 offices in 25 countries around the world. For further information on the White & Case investment funds practice, contact:
Jay B. Gould, Esq.
White & Case LLP
San Francisco, California 94111
415-544-1112 (O)
310-800-6500 (C)
Jgould@whitecase.com
David A. Goldstein
White & Case LLP
New York, New York 10036
212-819-8757 (O)
917-891-8900 (C)
dgoldstein@whitecase.com
March 08 2005
San Francisco, CA (www.hedgeco.net) When a hedge fund or private equity fund manager (collectively, "private fund managers") decides to organize a new fund, perhaps the most relevant information that a potential investor could be presented with would be the past performance of the existing funds advised by the private fund manager or a track record of the private fund manager developed at a previous employer. The presentation and use of this type of information is generally referred to as "related performance" and it is a topic of great interest at the National Association of Securities Dealers (the "NASD"). This "great interest" by the NASD affects every private fund manager that expects to generate distribution of its fund through third party marketing agents or capital introduction services of an NASD member broker dealer.
It is the NASD's position that Rule 2210 of the NASD's Rules of Conduct prohibits NASD member brokers from using or distributing sales materials or other communications to the public that present related performance. This prohibition applies not only to information prepared by the member broker, but also to information prepared by a non-member, such as a private fund manager. Accordingly, it is illegal for a broker to present to its clients the marketing materials prepared by a private fund manager if such marketing materials include related performance. The NASD reaffirmed this position in an interpretive letter to the Securities Industry Association dated October 2, 2003.
Most private fund managers are not NASD member brokers in reliance upon the "issuer's exemption" of Rule 3a4-1 under the Securities Exchange Act of 1934, and therefore, are not subject to the NASD prohibition on the use of related performance. As investment advisers to funds, private fund managers are subject to the anti-fraud provisions of the Investment Advisers Act of 1940 (the “Advisers Act”), whether or not they are actually registered with the Securities and Exchange Commission (the "SEC") as investment advisers. The SEC, in a line of no-action letters dating back to 1986, has permitted the use of various types of related performance in communications to clients under very specific conditions and with prominent and adequate disclosure with respect to what the related performance is and is not. If you think life is unfair, you should also know that it is the position of the NASD that member brokers may publish or distribute sales literature for a public commodity pool that presents the same related performance information that appears in the pool's offering document as prescribed by the Commodity Futures Trading Commission.
In a more recent interpretive letter (Davis Polk, December 30, 2003), the NASD attempted to draw a distinction between hedge funds and private equity funds for purposes of permitting the use of related performance. In this letter, the NASD took the position that a member broker may present related performance about a fund that is exempt from registration under Section 3(c)(7) of the Investment Company Act of 1940 (the "1940 Act"). A private fund that relies on Section 3(c)(7) must be completely comprised of "qualified purchasers," which means an individual with $5 million in investments, or an institution with at least $25 million in discretionary assets under management.
Although many private equity funds limit themselves to qualified purchasers, that is not the case for all. It is typical for most hedge funds, and a great number of private equity funds, to rely on the lower "accredited investor" standard of Section 3(c)(1) in order to permit investment by certain "friends and family" types. An "accredited investor" need only have $1 million in net worth and an income of $200,000 in each of the past two years. As a practical matter, this standard will likely increase as a result of the new hedge fund adviser registration rule, Rule 203(b)(3)-2, which effectively prohibits the use of performance fees in a private fund unless all investors meet the definition of "qualified client" in Rule 205-3 under the Advisers Act. Because most private funds impose a performance fee, after February 1, 2006, new private fund investors will likely be limited to those with $750,000 under management with that particular manager, or $1.5 million in net worth.
So where does this leave private fund managers that hope to take advantage of a broker dealer's capital introduction services? Unless the NASD can see its way clear to permit the use of related performance by member brokers for the benefit of their high net worth and sophisticated clients, member brokers will continue to direct clients to the private fund managers to obtain such information and hope that the NASD Enforcement arm does not view this activity as a circumvention of Rule 2210.
Note: White & Case LLP represents hedge fund and private equity fund sponsors and advisers, prime brokers, and administrators through its 38 offices in 25 countries around the world. For further information on the White & Case investment funds practice, contact:
Jay B. Gould, Esq.
White & Case LLP
San Francisco, California 94111
415-544-1112 (O)
310-800-6500 (C)
Jgould@whitecase.com
David A. Goldstein
White & Case LLP
New York, New York 10036
212-819-8757 (O)
917-891-8900 (C)
dgoldstein@whitecase.com
Thursday, March 03, 2005
SEC Email Retention Policy
Financial-Planning.com
You've Got Mail
A new compliance rule raises a host of questions about recordkeeping and e-mail retention.
By Andrew Miller
March 1, 2005- Jo-Ann Gallerstein, a registered investment adviser in Morris County, N.J., has become as meticulous in handling compliance-related issues as she is in constructing clients' financial plans. She is taking no short cuts-investing nights and weekends familiarizing herself with the Securities and Exchange Commission's new and complex compliance regulation.
The rule, which went into effect in February, requires advisers to appoint a chief compliance officer and to adopt and implement written policies and procedures to prevent violations of federal securities laws. "I've dedicated a huge amount of time to compliance," Gallerstein says. The rule is designed to deter abuses uncovered by the SEC and state enforcement authorities involving advisers and broker-dealers, including self-dealing, misuse of nonpublic information, failure to supervise employee activities, and improper practices such as market timing and late trades.
The SEC has provided some general guidelines to help advisers follow the rule. "You should be tweaking your programs over time, not simply waiting until the annual review," Lori Richards, head of the SEC's Office of Compliance Inspections and Examinations, advised in a speech earlier this year. Yet the road to compliance isn't all that clear-cut.
Many investment advisers still are not sure what they need to do to meet the new guidelines, especially when it comes to recordkeeping. Although the rule doesn't explicitly mention retaining e-mails and other correspondence, it's widely viewed as requiring advisers to archive e-mails, in line with earlier broker-dealer rules that were issued by the SEC and the National Association of Securities Dealers.
The compliance rule comes about three years after the SEC issued a rule permitting advisers to maintain and preserve all forms of records, including documents received in any non-electronic format, on electronic media such as tapes or disks. That rule, which was meant to encourage greater use of electronic storage, did not explicitly mandate the use of electronic archiving, but did state that advisers "must have procedures to reasonably protect electronic records from loss, alteration, or destruction, to limit access to electronic records, and to assure that electronic records that are created from hard copy are complete, true, and legible." The earlier SEC rule also cited the "unique vulnerability of unprotected electronic records to undetectable alteration and falsification."
Anxious to avoid Eliot Spitzer's A list, the appetite of investment firms for new, more sophisticated archiving and search capabilities has grown with each developing scandal. The challenge is to fine-tune search capabilities to comb through ever-larger archives with greater precision, so that if regulators come calling or a case goes to court, the relevant records can be produced in a timely, cost-effective manner.
One case in point is UBS. Last year, the investment firm was sanctioned by a federal judge for destroying or failing to produce in a timely manner e-mails in a gender-discrimination lawsuit. The judge found UBS personnel had erased relevant e-mails-some were recovered from backup tapes; others were lost altogether. The case proves that all firms, including investment advisers, need to rethink their policies for routinely recycling or erasing such tapes, especially if they contain any evidence that may be used in a legal proceeding.
Investment advisers are now required to index records in a way that allows easy location, access, and retrieval; provide on demand a legible and complete copy of a record; and separately store, for the time required to preserve the original document (typically five years), a duplicate copy of the record on any medium. Dechert LLP, a Washington-based law firm, issued a memo this summer recommending investment advisers either save all of their e-mails, including personal e-mails and spam, or else save only those pertinent to business, while maintaining some system of surveying all deleted e-mails.
In the absence of more specific rulings from the SEC, many advisers, especially smaller, less-sophisticated ones, are finding themselves caught in a Catch-22. "They are uncertain whether they need to retain every electronic communication, including spam, explains Elizabeth Knoblock, an attorney in Dechert's financial services group.
Most regulatory experts urge advisers to be conservative. "The big question right now is, What do I save?'" says Mont Levy, a principal with Buckingham Asset Management, an investment adviser in St. Louis that provides advisory services to small investment advisers. Levy's answer: Save it all.
Other tips: Clearly mark e-mails that fall under attorney-client privilege, or else they're fair game for regulators. Also, do careful due diligence when evaluating vendors of e-mail retention systems; some are more robust than others, especially in litigation support, Levy says.
Most advisers are choosing to save everything. But merely saving e-mails to a hard drive isn't enough. "As I understand it, all business-related e-mails have to be maintained, be tamper-proof, well-organized, retrievable, and searchable by keywords and by categories," Gallerstein says. She's using AdvisorMail Lite, an e-mail compliance system from LiveOffice Corp. that's designed for investment advisers with 15 employees or less.
The product is a scaled-down version of AdvisorMail, which is used by 20% of the nation's largest broker-dealers to monitor, retain, and archive thousands of e-mails, attachments, and instant messages in a secure location. Both products allow for fast retrieval of electronic communications during audits, investigations, or litigation; monitor all inbound and outbound communications; and index communications by indicators like keyword, sender, recipient, and date.
The service costs about $2,500 annually, and includes one hour of compliance consulting services from National Regulatory Services (NRS), a regulatory consulting firm. (NRS and Financial Planning are both owned by Thomson Media). Despite the considerable sum, Gallerstein says that she has no choice: "I can't stay in business without being in compliance." She suggests e-mail retention is only part of an overall compliance strategy, which includes portfolio management processes, trading practices, accuracy of disclosures and advertising, safeguarding of client assets and privacy, and business continuity planning.
The pairing of LiveOffice and NRS is an example of the multidisciplinary approach needed to ensure advisers get the right blend of technology and regulatory advice. Shilanski and Associates, an Anchorage, Alaska-based investment adviser with 11 employees, uses Data Quality Institute, which provides a combination e-mail archiving and consulting service. The package costs about $3,000 a year, but again, it's a mandatory cost of doing business, says Rosa Shilanski, one of the firm's principals. She adds that the firm prohibits sending of any personal e-mails and instant messaging.
The key to meeting needs of investment advisers is keeping the costs down while providing the highest quality service, says Larry Nagelberg, president of Data Quality Institute in Richboro, Pa. Since the new compliance rule went into effect, customer inquiries have been rising noticeably, he notes. Data Quality Institute recently retained the services of Global Relay Communications, an e-mail archiving provider. Global Relay's core e-mail system, Record Keeper, connects to an investment adviser's internal e-mail system-such as Microsoft Exchange-in real time over a secure Internet connection; captures inbound, internal, and outbound e-mail; and then stores it on either the adviser's or Global Relay's servers.
Record Keeper captures, serializes, time-stamps, and duplicates each e-mail, concurrently storing a copy of each one in a primary database utilizing RAID (redundant arrays of inexpensive disks), in a secondary database using robotic tape libraries, and in a tertiary, offsite tape-storage database for disaster recovery and long-term storage. The system features lifecycle management of e-mail, including audit trails and action logs, to ensure that all retention and disposal schedules are met.
The system's Compliance Reviewer is a rules-based engine that scans an e-mail's header, body, and attachments, stripping all relevant text and metadata (data about data) from the e-mail. Users configure the rules to flag any keywords and phrases contained in the e-mail.
Bigger investment advisers with their own in-house information technology departments have to sort through a glut of technical and legal issues, such as complying with laws and regulations, protecting themselves from lawsuits and reducing the cost of e-mail environments. Among the technical decisions are whether to archive all incoming and outgoing e-mails, or just those for specific users or user groups, and whether to archive e-mails before or after they're sent or received.
Another technical decision is whether to rely on a pure e-mail archiving solution or a more comprehensive records management system aimed at handling a variety of paper and electronic records, including e-mail, documents, transactions, and voicemail. The two alternatives aren't mutually exclusive.
"For regulatory compliance purposes, a firm needs to get a solution up quickly. But for long-range purposes it needs to think about more than e-mail-it needs to implement a comprehensive records management policy where all information is maintained in one place," says Erica Rugullies, an analyst with Forrester Research, a market research firm in Cambridge, Mass.
E-mail archiving systems-offered by firms such as iLumin Software Services, Open Text, Veritas, and Zantaz-offer the ability to review a sample of messages randomly or based on a lexicon and to implement supervisory features such as alerts, holds, and workflow. Records management systems-offered by EMC, FileNet, IBM, Interwoven, and Stellent, among others-manage e-mail as part of a comprehensive document policy and don't offer supervisory features.
Although the e-mail archiving market is growing rapidly as firms seek compliance, that growth will slow as archiving functions are subsumed by records management systems, and as a new generation of mail servers emerges with built-in archiving capabilities. Forrester projects that the market for e-mail archiving systems, $200 million in 2003, will peak at $1 billion in 2006, then scale back to $660 million in 2008.
By that time, according to Forrester, 41% of the e-mail archiving market will be owned by vendors offering integrated records management and archiving products that will allow companies to define automated classification schemes and retention policies for all records, including e-mail. They'll also offer storage management features-allowing, for example, newer records to be stored on fast, erasable media and older records to be moved to slower, nonerasable media according to predefined rules.
Whatever happens on the technology front, it's clear that investment advisers need to make compliance part of their everyday routine. Those who flunk the compliance test could find themselves out of business-or in jail.
Andrew Miller is a freelance writer in New York specializing in business topics.
Copyright 2005 Thomson Media Inc. All Rights Reserved.
http://www.thomsonmedia.com http://www.Financial-Planning.com
You've Got Mail
A new compliance rule raises a host of questions about recordkeeping and e-mail retention.
By Andrew Miller
March 1, 2005- Jo-Ann Gallerstein, a registered investment adviser in Morris County, N.J., has become as meticulous in handling compliance-related issues as she is in constructing clients' financial plans. She is taking no short cuts-investing nights and weekends familiarizing herself with the Securities and Exchange Commission's new and complex compliance regulation.
The rule, which went into effect in February, requires advisers to appoint a chief compliance officer and to adopt and implement written policies and procedures to prevent violations of federal securities laws. "I've dedicated a huge amount of time to compliance," Gallerstein says. The rule is designed to deter abuses uncovered by the SEC and state enforcement authorities involving advisers and broker-dealers, including self-dealing, misuse of nonpublic information, failure to supervise employee activities, and improper practices such as market timing and late trades.
The SEC has provided some general guidelines to help advisers follow the rule. "You should be tweaking your programs over time, not simply waiting until the annual review," Lori Richards, head of the SEC's Office of Compliance Inspections and Examinations, advised in a speech earlier this year. Yet the road to compliance isn't all that clear-cut.
Many investment advisers still are not sure what they need to do to meet the new guidelines, especially when it comes to recordkeeping. Although the rule doesn't explicitly mention retaining e-mails and other correspondence, it's widely viewed as requiring advisers to archive e-mails, in line with earlier broker-dealer rules that were issued by the SEC and the National Association of Securities Dealers.
The compliance rule comes about three years after the SEC issued a rule permitting advisers to maintain and preserve all forms of records, including documents received in any non-electronic format, on electronic media such as tapes or disks. That rule, which was meant to encourage greater use of electronic storage, did not explicitly mandate the use of electronic archiving, but did state that advisers "must have procedures to reasonably protect electronic records from loss, alteration, or destruction, to limit access to electronic records, and to assure that electronic records that are created from hard copy are complete, true, and legible." The earlier SEC rule also cited the "unique vulnerability of unprotected electronic records to undetectable alteration and falsification."
Anxious to avoid Eliot Spitzer's A list, the appetite of investment firms for new, more sophisticated archiving and search capabilities has grown with each developing scandal. The challenge is to fine-tune search capabilities to comb through ever-larger archives with greater precision, so that if regulators come calling or a case goes to court, the relevant records can be produced in a timely, cost-effective manner.
One case in point is UBS. Last year, the investment firm was sanctioned by a federal judge for destroying or failing to produce in a timely manner e-mails in a gender-discrimination lawsuit. The judge found UBS personnel had erased relevant e-mails-some were recovered from backup tapes; others were lost altogether. The case proves that all firms, including investment advisers, need to rethink their policies for routinely recycling or erasing such tapes, especially if they contain any evidence that may be used in a legal proceeding.
Investment advisers are now required to index records in a way that allows easy location, access, and retrieval; provide on demand a legible and complete copy of a record; and separately store, for the time required to preserve the original document (typically five years), a duplicate copy of the record on any medium. Dechert LLP, a Washington-based law firm, issued a memo this summer recommending investment advisers either save all of their e-mails, including personal e-mails and spam, or else save only those pertinent to business, while maintaining some system of surveying all deleted e-mails.
In the absence of more specific rulings from the SEC, many advisers, especially smaller, less-sophisticated ones, are finding themselves caught in a Catch-22. "They are uncertain whether they need to retain every electronic communication, including spam, explains Elizabeth Knoblock, an attorney in Dechert's financial services group.
Most regulatory experts urge advisers to be conservative. "The big question right now is, What do I save?'" says Mont Levy, a principal with Buckingham Asset Management, an investment adviser in St. Louis that provides advisory services to small investment advisers. Levy's answer: Save it all.
Other tips: Clearly mark e-mails that fall under attorney-client privilege, or else they're fair game for regulators. Also, do careful due diligence when evaluating vendors of e-mail retention systems; some are more robust than others, especially in litigation support, Levy says.
Most advisers are choosing to save everything. But merely saving e-mails to a hard drive isn't enough. "As I understand it, all business-related e-mails have to be maintained, be tamper-proof, well-organized, retrievable, and searchable by keywords and by categories," Gallerstein says. She's using AdvisorMail Lite, an e-mail compliance system from LiveOffice Corp. that's designed for investment advisers with 15 employees or less.
The product is a scaled-down version of AdvisorMail, which is used by 20% of the nation's largest broker-dealers to monitor, retain, and archive thousands of e-mails, attachments, and instant messages in a secure location. Both products allow for fast retrieval of electronic communications during audits, investigations, or litigation; monitor all inbound and outbound communications; and index communications by indicators like keyword, sender, recipient, and date.
The service costs about $2,500 annually, and includes one hour of compliance consulting services from National Regulatory Services (NRS), a regulatory consulting firm. (NRS and Financial Planning are both owned by Thomson Media). Despite the considerable sum, Gallerstein says that she has no choice: "I can't stay in business without being in compliance." She suggests e-mail retention is only part of an overall compliance strategy, which includes portfolio management processes, trading practices, accuracy of disclosures and advertising, safeguarding of client assets and privacy, and business continuity planning.
The pairing of LiveOffice and NRS is an example of the multidisciplinary approach needed to ensure advisers get the right blend of technology and regulatory advice. Shilanski and Associates, an Anchorage, Alaska-based investment adviser with 11 employees, uses Data Quality Institute, which provides a combination e-mail archiving and consulting service. The package costs about $3,000 a year, but again, it's a mandatory cost of doing business, says Rosa Shilanski, one of the firm's principals. She adds that the firm prohibits sending of any personal e-mails and instant messaging.
The key to meeting needs of investment advisers is keeping the costs down while providing the highest quality service, says Larry Nagelberg, president of Data Quality Institute in Richboro, Pa. Since the new compliance rule went into effect, customer inquiries have been rising noticeably, he notes. Data Quality Institute recently retained the services of Global Relay Communications, an e-mail archiving provider. Global Relay's core e-mail system, Record Keeper, connects to an investment adviser's internal e-mail system-such as Microsoft Exchange-in real time over a secure Internet connection; captures inbound, internal, and outbound e-mail; and then stores it on either the adviser's or Global Relay's servers.
Record Keeper captures, serializes, time-stamps, and duplicates each e-mail, concurrently storing a copy of each one in a primary database utilizing RAID (redundant arrays of inexpensive disks), in a secondary database using robotic tape libraries, and in a tertiary, offsite tape-storage database for disaster recovery and long-term storage. The system features lifecycle management of e-mail, including audit trails and action logs, to ensure that all retention and disposal schedules are met.
The system's Compliance Reviewer is a rules-based engine that scans an e-mail's header, body, and attachments, stripping all relevant text and metadata (data about data) from the e-mail. Users configure the rules to flag any keywords and phrases contained in the e-mail.
Bigger investment advisers with their own in-house information technology departments have to sort through a glut of technical and legal issues, such as complying with laws and regulations, protecting themselves from lawsuits and reducing the cost of e-mail environments. Among the technical decisions are whether to archive all incoming and outgoing e-mails, or just those for specific users or user groups, and whether to archive e-mails before or after they're sent or received.
Another technical decision is whether to rely on a pure e-mail archiving solution or a more comprehensive records management system aimed at handling a variety of paper and electronic records, including e-mail, documents, transactions, and voicemail. The two alternatives aren't mutually exclusive.
"For regulatory compliance purposes, a firm needs to get a solution up quickly. But for long-range purposes it needs to think about more than e-mail-it needs to implement a comprehensive records management policy where all information is maintained in one place," says Erica Rugullies, an analyst with Forrester Research, a market research firm in Cambridge, Mass.
E-mail archiving systems-offered by firms such as iLumin Software Services, Open Text, Veritas, and Zantaz-offer the ability to review a sample of messages randomly or based on a lexicon and to implement supervisory features such as alerts, holds, and workflow. Records management systems-offered by EMC, FileNet, IBM, Interwoven, and Stellent, among others-manage e-mail as part of a comprehensive document policy and don't offer supervisory features.
Although the e-mail archiving market is growing rapidly as firms seek compliance, that growth will slow as archiving functions are subsumed by records management systems, and as a new generation of mail servers emerges with built-in archiving capabilities. Forrester projects that the market for e-mail archiving systems, $200 million in 2003, will peak at $1 billion in 2006, then scale back to $660 million in 2008.
By that time, according to Forrester, 41% of the e-mail archiving market will be owned by vendors offering integrated records management and archiving products that will allow companies to define automated classification schemes and retention policies for all records, including e-mail. They'll also offer storage management features-allowing, for example, newer records to be stored on fast, erasable media and older records to be moved to slower, nonerasable media according to predefined rules.
Whatever happens on the technology front, it's clear that investment advisers need to make compliance part of their everyday routine. Those who flunk the compliance test could find themselves out of business-or in jail.
Andrew Miller is a freelance writer in New York specializing in business topics.
Copyright 2005 Thomson Media Inc. All Rights Reserved.
http://www.thomsonmedia.com http://www.Financial-Planning.com
