The parade of civil and criminal insider trading investigations, indictments, prosecutions, and escalating monetary sanctions has dropped a very potent message on the thresholds of the Hedge Fund community: take compliance risk management as seriously as you take your fund’s return of Alpha. Last week’s announcement of a $600MM insider trading settlement will no doubt galvanize Hedgies to undertake an internal assessment of the efficacy of their insider trading compliance risk controls and, more broadly, the business processes, infrastructure, and compliance risk program across all areas of their business model and their related compliance risks.
Are the SAC Capital and other recent Hedge Fund connected insider trading debacles just the tip of the iceberg of undetected insider trading? We believe that it may indeed be and should be the stimuli for hedge funds to evaluate the internal compliance risk controls they have invested, or perhaps, under-invested in, to determine if: 1) their compliance risk stakeholders have the right-size technology to discharge their “detect, prevent, and deter” regulatory supervisory responsibilities; and 2) these risk controls will insulate their C-suite against control-person liability.
Flagging and reviewing P&L grand slams falls into the category of low-lying fruit from a compliance risk management perspective and begs the question as to whether compliance has their eye on the ball. It also invites the question as to activities that are under the iceberg and that may be off the compliance group’s radar screens (e.g. insider trading using credit default swaps on the target and/or acquirer’s debt in an unannounced M&A deal). While the recent regulations enacted pursuant to Dodd-Frank (e.g. Hedge Fund IA registration) will no doubt compel Hedge Fund management to embrace their compliance responsibilities with more enthusiasm and capital spend than they may have in the past, it remains to be seen if they will do so on a reactive or a proactive basis.