April 2010 - Journal of Securities Law, Regulation & Compliance Volume 3 Number 2 Compliance risk: A critical business risk for asset managers ABSTRACT 2010 presents a historical moment to define the path forward to the ‘future of enterprise risk management and mitigation strategies’ of increasing compliance risk for asset managers.1–4 The recent financial crises and cases of material compliance violations, Ponzi schemes, fraudulent activities, misappropriation of investors’ assets and collapse of major financial firms have had significant, harmful impact on investors and shareholders. Serious compliance violations, such as insider trading, have proven to be self-destructive to asset managers. No one is immune to these trends. ‘Enterprise Risk Management — 2010 and Beyond Forward Looking Approach by Asset Managers’ is a series of papers dedicated to regulatory developments and industry best practices in the enterprise risk management with a focus on ‘compliance risk: a critical business risk for asset managers’.

1. Yvonne I. Pytlik is a Managing Partner at Global
Compliance Risk Management Corporation
(GlobalRMC) in New York City. GlobalRMC, a
strategic advisory and compliance risk manage-
ment firm, focuses on Enterprise Risk
Management principles, governance techniques
and cutting-edge compliance solutions. Yvonne
is a senior executive and one of the industry’s
most highly regarded strategists in compliance
risk management and corporate governance for
financial institutions. As a global head of risk
management at Deutsche Bank AG, she devel-
oped and implemented global risk management
and governance oversight in the Americas,
Europe and Asia-Pacific regions. She is a com-
pliance subject-matter expert in CCO regula-
tions for global asset managers.
Jennifer S. Myers is a Managing Partner at
GlobalRMC. She is a senior compliance and risk
management lawyer who provides analysis and
strategic advice to financial institutions and
asset managers on regulatory compliance, risk
management, and corporate governance issues.
She began her career at the New York City office
of Shearman & Sterling. Jennifer holds a JD
degree from Harvard Law School and a BA from
Yale University.
ABSTRACT
2010 presents a historical moment to define the
path forward to the ‘future of enterprise risk
management and mitigation strategies’ of
increasing compliance risk for asset managers.1–4
The recent financial crises and cases of material
compliance violations, Ponzi schemes, fraudulent
activities, misappropriation of investors’ assets
and collapse of major financial firms have had
significant, harmful impact on investors and
shareholders. Serious compliance violations, such
as insider trading, have proven to be self-destruc-
tive to asset managers. No one is immune to
these trends. ‘Enterprise Risk Management —
2010 and Beyond Forward Looking Approach
by Asset Managers’ is a series of papers dedi-
cated to regulatory developments and industry
best practices in the enterprise risk management
with a focus on ‘compliance risk: a critical busi-
ness risk for asset managers’.
Keywords: risk management, compli-
ance, compliance risk, governance,
chief compliance officer, SEC, FINRA,
FED, FDIC, FSA
INTRODUCTION
The most recent financial crisis and major
overhaul of financial services regulations are
causing asset managers to challenge their
enterprise risk management infrastructure,
governance, methodologies, standards and
processes to further improve their risk man-
agement efforts. 2010 is a historical
Journal of Securities Law, Regulation & Compliance Volume 3 Number 2
Page 180
Journal of Securities Law,
Regulation & Compliance
Vol. 3 No. 2, pp. 180–189
᭧ Henry Stewart Publications,
1758–0013
Compliance risk: A critical business risk
for asset managers
Yvonne I. Pytlik* and Jennifer S. Myers**
Received (in revised form): 25th February, 2010
*Global Compliance Risk Management Corporation, 245 Park Avenue, 24th Floor,
New York, NY 10022, USA.
Tel: +1 781 835 8360; E-mail: ypytlik@GlobalRMC.com
**Global Compliance Risk Management Corporation, 245 Park Avenue, 24th Floor,
New York, NY 10022, USA.
E-mail: jmyers@GlobalRMC.com
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 180

2. moment to define the path forward to the
‘future of enterprise risk management’ and
mitigation strategies of increasing compli-
ance risk for asset managers.
The recent array of material compli-
ance violations, Ponzi schemes and fraud-
ulent activities,5
misappropriation of
investors’ assets and collapse of major
financial institutions have had significant,
harmful impact on investors and share-
holders.6
Compliance is becoming a critical ele-
ment of an overall enterprise risk manage-
ment framework. Leading asset managers
are taking a proactive and comprehensive
approach in identifying emerging risks,
such as compliance and business risks.
Compliance risk is expected to increase
even further due to re-assessing post-crisis
economic conditions, increasing complex-
ity of business offerings, global business
expansions combined with increasing
complexity of the regulatory landscape,
cross-jurisdictional regulations and the
imposition of higher compliance standards
by regulators and investors.
The challenge for most asset managers is
to effectively manage enterprise and com-
pliance risks, find efficiency in the way that
risk management protects and creates the
greatest value for asset managers, investors
and shareholders by balancing risk, cost
and value across the enterprise. Asset man-
agers who effectively address this challenge
will not only protect their firm by creating
sustainable values, but will also outperform
their competitors.
2010 REGULATORY FOCUS
Regulators are urging board members and
senior managers to be more proactive in
setting risk ‘appetite’ for financial institu-
tions, establish effective risk governance
oversight and compliance programmes,
and in setting and maintaining a stated tol-
erance for risk. Enterprise Risk
Management is a critical strategic and
business decision-making framework for
identifying, monitoring and managing risk
across the whole organisation.
The recent financial crisis and material
compliance violations, in many cases,
resulted from inadequate risk management
functions and weaknesses in compliance
governance leading to business risks.These
risks directly resulted in reputational
damage for asset managers, a collapse of
financial institutions and significant capital
losses for investors and shareholders.
In her 2010 Testimony Concerning the
State of the Financial Crisis, US Securities
and Exchange Commission (SEC)
Chairman Mary L. Schapiro highlighted
the primary causes of the financial crisis
related to risk management:7
• A siloed financial regulatory framework
that lacked the ability to monitor and
reduce risks across entities and markets.
• Insufficient risk management and risk
oversight by boards and management.
• Perverse incentives and asymmetric
compensation arrangements that
encouraged significant risk-taking.
• A widespread view that markets were
almost always self-correcting resulted in
weaker standards and regulatory gaps.
• The proliferation of complex financial
products that was not fully transparent.
The SEC and other regulatory agencies
will continue to address legal and regula-
tory gaps that came to light during the
recent crises thus helping policymakers to
build better regulatory oversight across
financial services industry.
COMPLIANCE RISK IS EMERGING AS
CRITICAL BUSINESS RISK
Enterprise Risk Management with com-
pliance as a critical component to mitigate
business risk is a forward-looking
Page 181
Pytlik and Myers
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 181

3. approach that regulators will enforce and
pro-active asset management embrace
going forward to protect their firms,
investors and shareholders.8–10
Regulators and leading asset manage-
ment firms strive to improve their risk
management efforts and aspire towards the
integration of risk management infrastruc-
ture, methodologies and standards with
compliance as a critical component of a
‘single view of risk’ across the organisation.
The US Federal Reserve Board
Chairman Ben S. Bernake has explicitly
stated that ‘policy makers must insist that
the large financial firms be capable of mon-
itoring and managing their risk in a timely
manner and on an enterprise-wide basis’.
In October 2009, a group of senior
financial supervisors from five major
nations reported that financial firms still
need ‘full and ongoing commitment to
risk control by management, as well as
dedication of considerable resources
toward developing the necessary informa-
tion technology infrastructure’ to imple-
ment the best practices for pro-active risk
management in their firms.11
President Obama’s ‘Financial
Regulatory Reform’ and other regulatory
initiatives currently before the US Senate,
also impose higher regulatory standards
and implies best practices that will guide
the financial services industry in imple-
menting effective risk management and
compliance programmes.This new regula-
tory framework clearly positions
Enterprise Risk Management as the best
practice for financial institutions to recali-
brate in a post-crisis global financial
system.12
COMPLIANCE VIOLATIONS ARE
DETRIMENTAL TO ASSET
MANAGERS
As economic turmoil leads to compliance
risk, reputational damage and eventually to
business risk, equally, material compliance
violations lead to serious consequences for
asset managers, which in turn, become
business risk.13
The recent cases of insider trading,
Ponzi schemes, fraud and other compli-
ance violations have had a tremendous
impact on the industry. Serious compli-
ance violations impact investors, share-
holders and are self-destructive to asset
managers themselves. No one is immune
to these trends.14
As the recent demise of Galleon
Management LP clearly shows, one of the
most significant business risks that asset
managers face today is compliance risk.
Perhaps, a better word might be ‘vaporisa-
tion’ — in the face of parallel civil and
criminal cases brought by the SEC against
Galleon, the former high-flying hedge
fund went out of business in a matter of
days.
As Robert Khuzami, Director of the
SEC’s Division of Enforcement,15
point-
edly stated in announcing the Galleon
indictments: ‘We [SEC] are developing a
variety of initiatives to do that involve
greater specialisation and expertise,
improved technological tools to track and
analyse trading, better coordination
among regulators and law enforcement,
new legislative initiatives, and other
means to address these areas. It would be
wise for investment advisers and corpo-
rate executives to closely look at today’s
case, their own internal operations, and
the increasing focus and scrutiny on
hedge fund trading activity by the SEC
and others, and consider what lessons can
be learned and applied to their own
operations.’16
REGULATORY ENFORCEMENT
Regulatory agencies clearly will enforce
non-compliance and vigorously prosecute
firms for violations. The SEC has histori-
Compliance risk: A critical business risk for asset managers
Page 182
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 182

4. cally combated fraud in the financial mar-
kets as one of its key missions.17
From fiscal year (FY) 2007 through FY
2009, the SEC opened 2,610 investiga-
tions and brought 1,991 cases charging a
variety of securities laws violations includ-
ing, and beyond, those related to the causes
of the financial crisis.18
Major recent regu-
latory enforcement actions include:
• October 2009, Galleon Group founder
is arrested along with five others for
US$20m insider trading scheme involv-
ing IBM, Intel and McKinsey;
• December 2008, Bernard L. Madoff,
who is currently serving a 150-year
sentence in federal prison, orchestrated
a multi-billion dollar Ponzi scheme that
swindled money from thousands of
investors;
• September 2009, the SEC accuses Reza
Saleh for making US$8.6m in illegal
profit, which he agreed to return in set-
tlement with the SEC;
• February 2008, Hong Kong banker and
two others paid 24 million US Dollars
to settle civil charges.
Even aside from the Galleon and Madoff
cases, this is a critical moment for asset
managers to reassess their compliance risk
management programmes. Both Congress
and the SEC have identified a need for
more rigorous risk management practices
for the financial institutions, and hedge
fund regulation as key goals of an ambitious
financial regulatory reform programme.
REGULATORY REFORMS
The SEC’s enforcement initiatives to date
in 2010 reflect the broader scope of the
pending regulatory reform. The SEC con-
siders much more aggressive enforcement
a ‘vital part of risk management and crisis
avoidance’ to restore investor confidence
and hold market participants accountable.
In her testimony concerning the state
of the financial crisis, SEC Chairman
Mary L. Schapiro stated: ‘Consistent and
vigorous enforcement is a vital part of risk
management and crisis avoidance — par-
ticularly in times and areas of substantial
financial innovation’ highlighting major
future regulatory initiatives:19
• The vital importance that vigorous
enforcement of existing laws and regu-
lations plays in the fair and proper func-
tioning of financial markets.
• Vigorous enforcement is essential to
restoring and maintaining investor con-
fidence.
• Through aggressive and even-handed
enforcement, we deter others from
engaging in wrongdoing.
• Enforcement agencies should continue
to work together to address financial
crimes.
• Large financial crimes can often involve
multiple jurisdictions and legal frame-
works making it essential for different
agencies to work closely together.
LEADING ERM AND COMPLIANCE
INDUSTRY BEST PRACTICES
Looking forward, a ‘single view across the
organisation towards the future of enter-
prise risk management’ becomes a neces-
sary response to the evolution of risk.20–22
Enterprise Risk Management practices
that ‘demonstrated a comprehensive
approach to viewing firm-wide exposures
and risks’ were cited by the Senior
Supervisory Group as differentiating fac-
tors to more effectively mitigate overall
business risks.
Enterprise Risk Management, a firm-
wide integrated risk management
approach allows financial firms to analyse
current, evolving and emerging risks
across the whole firm. Compliance and
regulatory risk management is a vital
Page 183
Pytlik and Myers
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 183

5. component to prevent compliance viola-
tions thus to mitigate significant business
risk to financial firms, banks, hedge funds,
and asset managers.
This is a critical moment for asset man-
agers to reassess their compliance risk
management programmes and take much
more proactive actions to address compli-
ance risk as a critical business risk.
There are several areas where proactive
asset managers may protect their firms and
investors: first and foremost, having a
single view across the organisation and
truly identifying in a systematic and
methodological way the highest risk across
the organisation. One of these risks is
insider trading which should be on the
agenda for boards and senior management
and executive committees.23
COMPLIANCE RISK MITIGATION
STRATEGIES
As an integral part of an enterprise risk
management strategy, financial firms
should be looking at their internal envi-
ronments and achieving a greater under-
standing as to how compliance violations
can be prevented, monitored and resolved
in a timely manner.
Having a strong governance, escalation
process and remediation strategy is critical
in mitigating compliance and business
risks. From that perspective, asset managers
need strong methodologies and standards.
The second area to be evaluated in light
of insider trading and other serious com-
pliance violations is companies’compliance
programmes across the organisation. What
types of policies are in place to address
serious compliance violations, including
insider trading and other critical regulatory
rules and laws? What kinds of procedures
and control infrastructure are in place on
the business side, and what supervision is in
place to effectively identify insider trading
and serious compliance violations?24
The compliance programme should
generate a comprehensive and timely
report for senior management and govern-
ance boards that provides current industry
‘hot topics’, emerging regulatory, business
strategic, operational, financial, and market
risks. Both qualitative and quantitative
measures of internal controls’ effectiveness
and mitigation strategies of high risks for
each business and compliance unit should
be an integral part of corporate risk gover-
nance and oversight.
CORPORATE RISK GOVERNANCE
In December 2009, the SEC adopted rule
amendments that will significantly
improve disclosure in the key areas of risk,
compensation, corporate governance and
director qualifications, including:
• Management and Boards of Directors
to be more accountable. The quality of
a board’s oversight of risk management
can make an enormous difference in
our economy, and particularly in finan-
cial markets.
• A fundamental concept underlying cor-
porate law is that a company’s board of
directors, while charged with oversight
of the company, is accountable to its
shareholders, who in turn have the
power to elect the board.
• Thus, boards are accountable to share-
holders for their decisions concerning,
among other things, executive pay, and
for their oversight of the companies’
management and operations, including
the risks that companies undertake.
• Enhanced disclosure about the deci-
sions and performance of directors will
help shareholders make informed deci-
sions about the election of directors.
• Short-term compensation incentives
can drive long-term risk. Another
lesson learned from the crisis is that
there can be a direct relationship
Compliance risk: A critical business risk for asset managers
Page 184
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 184

6. between compensation arrangements
and corporate risk taking.
• Financial institutions created asymmet-
ric compensation packages that paid
employees enormous sums for short-
term success, even if these same deci-
sions result in significant long-term
losses or failure for investors and tax-
payers.25
FIDUCIARY RESPONSIBILITIES
In addition, the SEC is focusing on asset
managers’ fiduciary standard of conduct as
part of a heightened regulatory regime
when providing services to their
clients:26–28
• Regulation should be rationalised for
broker-dealers and investment advisers,
particularly with respect to the services
they provide to retail investors.
• Investment advisers are fiduciaries to
their clients with a fundamental obliga-
tion to act in the best interests of clients
and to provide investment advice in
clients’ best interests.
• They have a duty of undivided loyalty
and utmost good faith and must not
engage in any activity in conflict with
the interest of any client.
• Fiduciary obligations mandate reason-
able care to avoid misleading clients and
to provide full and fair disclosure of all
material facts to clients and prospective
clients, including conflicts of interests.
Generally, facts are ‘material’ if a reason-
able investor would consider them to be
important.
• Departure from fiduciary standards may
constitute ‘fraud’.
Registered investment companies and
registered investment advisers must have
effective compliance programmes29
to
prevent, detect and promptly correct com-
pliance violations.
The Chief Compliance Officer should
be empowered with full responsibility and
authority to develop and enforce appro-
priate policies and procedures for the firm.
GUIDING PRINCIPLES FOR
COMPLIANCE RISK MANAGEMENT
According to the SEC Rules, a compli-
ance programme should be reasonably
designed to ensure compliance with fed-
eral securities laws, including the follow-
ing key components:30–35
• Corporate governance with clearly
defined accountabilities and responsibil-
ities for compliance programme;
• ‘Tone at the Top’ and a strong compli-
ance culture should be established
through senior management commit-
ment and partnership with compliance;
• Enterprise risk assessment and manage-
ment to properly identify systematic
risks and mitigation strategies across an
organisation;
• Appropriate oversight committees as a
forum for the business to raise its con-
cerns with Compliance and Legal
should be in place and meet regularly;
• A high awareness level of compliance
issues, including developing regulatory
trends, should be established;
• A risk assessment methodology and
risk-based compliance programme,
including compliance audits, reviews
and testing, and service provider over-
sight should be in place;
• A ‘global view’ on compliance and
regulatory requirements should be
extended to encompass all relevant
business activities and regions globally.
BUILDING AN EFFECTIVE
COMPLIANCE PROGRAMME
The Chief Compliance Officer should
have a position of sufficient seniority and
Page 185
Pytlik and Myers
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 185

7. authority within the organisation to
compel others to adhere to the compli-
ance policies and procedures:36–38
• Written compliance policies and proc-
edures should be reasonably designed
and implemented to prevent, detect and
promptly correct any violation of the
federal securities laws.
• Comprehensive compliance monitor-
ing, surveillance programmes and foren-
sic testing over regulatory requirements
should be established.
• Training should be regularly provided
by Compliance and Legal to business
personnel so they are aware of and may
properly supervise compliance with
regulatory requirements.
• Regular management reporting of
standing compliance/legal issues and
open audit points should be in place to
ensure accountability and expedient
resolution of compliance issues.
• Open communication and escalation of
compliance matters and issues to invest-
ment company boards should be estab-
lished.
• Compliance issues should be effectively
resolved and business groups should
take responsibility for addressing areas
identified for improvement.
COMPLIANCE RISK ASSESSMENT
METHODOLOGY
A compliance risk assessment is an integral
part of a compliance programme, guiding
the allocation of compliance resources,
assisting in the development of compli-
ance monitoring surveillance programmes,
and testing activities for those areas that
pose the greatest potential risks to asset
managers and their clients.
Because regulatory, economic, industry
and operating conditions will continue to
change, regulatory and market risk moni-
toring should be built into the risk assess-
ment methodology to ensure that the
identification and evaluation of compli-
ance risks is a proactive and dynamic
process.
Asset managers should consider estab-
lishing a disciplined compliance risk
assessment methodology for identifying,
measuring and mitigating compliance
risks.
ANNUAL RISK-BASED REVIEW AND
TESTING PROGRAMME
The review and testing programme is a
robust process to validate key infrastruc-
ture supporting the compliance pro-
gramme requirements in place, to identify
potential conflicts of interest within the
organisation and to identify compliance
risk ‘trigger events’. The review and test-
ing programme should encompass an
evaluation of the adequacy of the policies
and procedures and an assessment of the
effectiveness of their implementation,
supervisory controls, existence and evi-
dence of supervision, training and moni-
toring programmes by asset managers in
connection with complying with federal
securities laws.
COMPLIANCE AND SURVEILLANCE
MONITORING, FORENSIC TESTING
Asset managers should have a comprehen-
sive on going compliance programme for
monitoring, surveillance and testing of
business activities to prevent, detect and
promptly correct violations of federal
securities laws.
A comprehensive compliance pro-
gramme should monitor the following key
regulations:
• Insider trading and Chinese walls, con-
flicts of interests, portfolio management
— investment guidelines and restric-
tions monitoring;
Compliance risk: A critical business risk for asset managers
Page 186
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 186

8. • Portfolio trading monitoring, cross-
trade activity, trade allocation and
bunching, trading with affiliates, soft
dollars, insider trading, and personal
trading monitoring;
• Gifts and entertainment monitoring;
• Code of Ethics, proxy voting, conflicts
of interests; sales practices, licensing and
registration, disclosures, marketing
materials review;
• Anti-money laundering review and
monitoring.
An asset manager’s goal should be to
develop and implement system-based
compliance monitoring, surveillance pro-
grammes and forensic testing with a max-
imum level of automation.
CORPORATE OVERSIGHT AND
ESCALATION REPORTING
The compliance programme should gen-
erate a comprehensive and timely report
for senior management and investment
governance boards. These reports typically
provide current industry ‘hot topics’ and
emerging enterprise-wide risks, including:
business strategic, regulatory compliance,
operational, financial, credit and market
risks. The qualitative and quantitative
measurements of internal controls effec-
tiveness and mitigation strategies of high
risks should encompass each business and
compliance unit across an organisation.
FORWARD-LOOKING RISK
MANAGEMENT AND COMPLIANCE
The current economic and business envi-
ronment is forcing a fundamental change
in the regulatory landscape, organisational
culture, corporate governance and compli-
ance oversight of asset managers, and is
moving the industry towards a holistic
view of enterprise risk management.39–41
The choice facing asset managers is not
whether to implement these changes but
what approach to take in implementing
them. As the business and regulatory envi-
ronment continues to evolve, asset man-
agers that succeed will be those that can
demonstrate the ability to drive business
performance and achieve regulatory com-
pliance by strategically aligning risk man-
agement and business strategies.
One central mechanism for reducing
systemic risk and pro-actively manage
avoiding future crises as well as achieving
regulatory compliance is to ensure the
same rules apply to economically equiva-
lent asset managers globally. Asset managers
should ensure that risk for similar products
and asset classes are mitigated similarly.
CONCLUSION
Enterprise risk management is set to be on
regulatory authorities, boards, investors,
shareholders and asset managers’ agendas
for some time to come. As asset managers
seek the right enterprise risk management
approaches, there is a clear need in the
financial services industry for more proac-
tive, leading practice toward the ‘future of
enterprise risk management’. A strategic
enterprise risk management approach can
help asset managers to navigate and
develop a more forward-looking approach
to effectively manage increasing compli-
ance risk as a critical business risk.
An effective compliance programme
across the organisation is a critical compo-
nent of business stability and success.
References
(1) Schapiro, M. L. (2010) ‘Testimony
Concerning the State of the Financial
Crisis’, SEC, Before the Financial Crisis
Inquiry Commission, 14th January,
http://www.sec.gov/news/testimony/20
10/ts011410mls.htm.
Of the 1,991 cases, 519 (over 26 per
Page 187
Pytlik and Myers
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 187

9. cent) involved financial fraud or public
company reporting violations; 511 (over
25 per cent) involved fraud or other
misconduct by broker-dealers,
investment advisers, or transfer agents;
330 (over 16 per cent) involved
fraudulent or unregistered offerings; and
272 (over 13 per cent) involved insider
trading or market manipulation. Other
traditional programme areas include
delinquent filings and municipal
offerings. As part of these cases, the SEC
has sued among others, public
companies, corporate officers, auditors
and audit firms, attorneys,
broker-dealers, investment advisers, and
self-regulatory organisations under the
SEC’s purview.
(2) Khuzami, R. (2009), Speech by SEC
Staff: Remarks at Press Conference, SEC
Division of Enforcement, SEC, 16th
October. http://www.sec.gov/news/
speech/2009/spch101609rk.htm.
(3) Rodier, M. ‘Insider Trading — Can
Insider Trading Be Stopped’,Wall Street
and Technology. In what has been
termed the biggest insider trading ring
in a generation, the SEC recently
brought cases against the founder of the
Galleon Group hedge fund and former
directors at a Bear Stearns hedge fund.
In a series of interviews, Senior Editor
Melanie Rodier spoke with Larry Tabb,
founder and CEO of TABB Group, and
Yvonne Pytlik, managing partner, Global
Compliance Risk Management Corp.,
about what processes and technology
financial firms can use to stop insider
trading. http://www.globalcompliance
risk.com/index.php/news.
(4) President’s Obama ‘Financial Regulatory
Reform’ and the US Regulators are
further imposing higher regulatory
standards and best practices to guide
‘Financial Services Industry in
implementing Risk Management and
Compliance Programs’. President
Obama’s Plan for Financial Regulatory
Reform. See generally, Draft of the
Restoring American Financial Stability
Act, as introduced to the US Senate on
15th March, 2010, and predecessor drafts.
(5) See ref. 3.
(6) Ibid.
(7) See ref. 1.
(8) Ibid.
(9) See ref. 2.
(10) See ref. 3.
(11) October 2009, Senior Supervisors Group
issued the ‘Risk Management Lessons
from the Global Banking Crisis of
2008’, which concludes that there are
four risk practices critical to achieve a
balance of the effective enterprise risk
management and banks performance in
the financial crisis: Effective firm-wide
risk identification and analysis;
Consistent application of independent
and rigorous valuation practices across
the firm; Effective management of
funding liquidity, capital, and the balance
sheet; and Informative and responsive
risk measurement and management
reporting, http://www.sec.gov/news/
press/2009/report102109.pdf.
(12) See ref. 4.
(13) See ref. 3.
(14) Ibid.
(15) See ref. 2.
(16) Ibid.
(17) Litigation Release No. 21407/4th
February, 2010. Securities and Exchange
Commission v. Bank of America
Corporation, Civil Action Nos. 09-6829,
10-0215 (S.D.N.Y). Bank Of America
Agrees to Pay US$150m to Settle SEC
Charges. SEC Charges State Street for
‘Misleading Investors About Subprime
Mortgage Investments’. Boston-Based
Firm to Settle Charges by Repaying
Fund Investors More Than US$300m.
‘The Securities and Exchange
Commission today charged
Boston-based State Street Bank and
Trust Company with misleading its
investors about their exposure to
subprime investments while selectively
disclosing more complete information to
specific investors’, http://www.sec.gov/
litigation/litreleases/2010/lr21407.htm.
(18) See ref. 2.
(19) See ref. 1.
Compliance risk: A critical business risk for asset managers
Page 188
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 188

10. Page 189
Pytlik and Myers
(20) Ibid.
(21) See ref. 2.
(22) See ref. 3.
(23) Ibid.
(24) Ibid.
(25) President’s Working Group on Financial
Markets (PWG) (2008) The Asset
Management Committee (‘AMC’)
released best practices for Hedge Fund
Industry (‘AMC Report’),
http://amaicmte.org/Public/AMC%20
Report%20-%20Final.pdf.
(26) Managed Funds Association (2009),
‘Sound Practices for Hedge Funds’,
released 31st March, http://www.
managedfunds.org/mfas-sound-practices
-for-hedge-fund-managers.asp.
(27) See ref. 25.
(28) President’s Working Group on Financial
Markets (PWG) (2008) Investors
Committee (‘IC Report’) issued
Principles and Practices for Hedge Fund
Investors, http://amaicmte.org/Public/
Investors%20Report%20-%20Final.pdf.
(29) ‘2010 and Beyond — Chief Compliance
Officer Compliance Programme’ —
New Regulatory Requirements and
Best Practices, http://www.global
compliancerisk.com/pdfs/PytlikAuthor
September2009F.pdf.
(30) See ref. 1.
(31) See ref. 2.
(32) See ref. 3.
(33) See ref. 26.
(34) See ref. 25.
(35) See ref. 28.
(36) See ref. 1.
(37) See ref. 2.
(38) See ref. 3.
(39) See ref. 1.
(40) See ref. 2.
(41) See ref. 3.
Pytlik:JSC page.qxd 26/04/2010 13:56 Page 189