STRAIT, a provider of outsourced compliance, fund administration, financial oversight and investor relations services to private fund advisers, has adopted a “control framework” model for its fully outsourced regulatory compliance offering. Already in common use for public company financial controls and among European regulated entities to meet compliance goals, STRAIT’s Control Framework is a unique application of this comprehensive and transparent model to U.S. based investment advisers’ compliance needs.
WHAT IS THE STRAIT COMPLIANCE CONTROL FRAMEWORK?
In addition to its project-based offerings such as regulatory filings, periodic policy reviews, and regulatory exam support, STRAIT also offers execution of the compliance program on an outsourced basis. A common approach to doing so, internally and via outsourced providers, is with reference to a narrative form compliance manual/code of conduct which is heavy on regulatory guidance but light on actual process, various disparate logs and questionnaires to evidence vague procedures, and a year-end review document of policies and procedures drawn from disparate and isolated underlying support documents like those logs and questionnaires.
The STRAIT Compliance Control Framework provides both a detailed and holistic view of all adviser regulatory responsibilities and controls in one place, while demonstrating real-time application of controls in an auditable format. That single view includes:
- Every securities regulation applicable to the adviser, such as controls of conflicts, marketing rules, and insider trading;
- The actual SEC, state or other regulatory agency rule pertaining to the regulatory responsibility;
- An explicit reference to the language of the compliance manual or policy regarding the regulatory responsibility to ensure alignment among law, policy and practice;
- A risk assessment to transparently provide a reference to “why we do this” and a way to assess “are we doing it well”;
- A listing of all tailored procedures and controls to meet the responsibilities, including when and how to do them;
- Any findings as a result of the application of the policy or procedure;
- Any recommendations for enhancement of the compliance program that flow from findings, and demonstration of their adoption via integration back into the STRAIT Control Framework; and
- Integrated support documents demonstrating an auditable and active compliance program, such as redlines of marketing material, internal memos, and records of client communications.
The STRAIT Control Framework is also a live document that is securely internet-based, providing clients a real-time picture of progress, enhancing both transparency and accountability. STRAIT supplements this transparency with regular, documented meetings with the adviser’s Chief Compliance Officer to educate, share facts and recommendations, gain context, and lay out action items.
WHY IS THE STRAIT COMPLIANCE CONTROL FRAMEWORK IMPORTANT AND HOW IS IT DIFFERENT?
An adviser’s compliance program is a large and ongoing project, requiring organization and effective project management. Flipping pages through a compliance manual and numerous exhibits and logs commonly provide little guidance on how to complete the project and whether one has done enough.
Moreover, these tools can make demonstrating that the project has been done and done well even more difficult, sometimes bringing operations to a halt to pull documents and craft an audit trail during an investor due diligence, internal review, or regulatory exam.
The STRAIT Control Framework provides a clear, central view of what is being done, why it is being done, and the history of all efforts to be fully and continually compliant with law and regulation.