Securities and Exchange Commission member Daniel M. Gallagher said the agency unfairly targeted chief compliance officers in recent enforcement actions and is leaving them unsure of the extent of their responsibility for firm behavior.
Mr. Gallagher issued a statement Thursday dissenting from SEC settlements in two recent cases. In one of them, the agency charged that BlackRock Advisors did not have a compliance program to monitor advisers' outside business activities.
In the other case, the SEC charged the CCO of SFX Financial Advisory Management Enterprises with failing to implement procedures to stop theft from clients' accounts.
The actions show a tendency by the agency to punish compliance officers for violations of an SEC rule, known as 206(4)-7, that requires firms to write and implement compliance programs, according to Mr. Gallagher.
As a result, the SEC is “sending a troubling message that CCOs should not take ownership of their firm's compliance policies and procedures … or worse, that CCOs should opt for less comprehensive policies and procedures,” Mr. Gallagher wrote.
The trend is especially harmful for small firms, where there is often just one set of policies for compliance and business functions and the CCO could be accountable for securities violations committed by other staff.
“Given the vitally important role played by compliance personnel, I am very concerned that continuing uncertainty as to the contours of liability under Rule 206(4)-7 will disincentivize a vigorous compliance function at investment advisers,” Mr. Gallagher said.
Blurred lines between compliance and the rest of the firm are a growing source of confusion, said Dennis Stubblefield, a partner at Shustak & Partners.
The SEC wants compliance officers to be forceful and have influence at the top of the firm, yet they also can be held liable for what happens on the business side, he said. A case involving Theodore Urban, former general counsel at Ferris Baker Watts Inc., highlights the dilemma. An SEC split decision didn't resolve the question of whether Mr. Urban should have taken action to fire a rogue broker rather than recommend the supervisor discipline him.
“There's an irreconcilable conflict that is out there,” said Mr. Stubblefield, a former SEC branch chief of enforcement in the agency's Miami office. “Compliance personnel are very, very concerned about the uncertainty of when they will and will not end up being deemed a supervisor.”
Amy Lynch, president of FrontLine Compliance, a consulting firm, said she agrees with Mr. Gallagher that the SEC should clarify what's expected of compliance officers.
“Senior management and the CCO are all responsible for whether the program works,” Ms. Lynch said. “The SEC could make the rule much more-user friendly for CCOs.”
In the meantime, CCOs should keep careful track of what they tell executives about problems at the firm.
“The proper approach for the CCO is to do their job, do it well, and document,” Ms. Lynch said. “That will protect him or her in an enforcement action.”