Lessons Learned from SEC Actions against Chief Compliance Officers
Question: What are the lessons learned from SEC actions against Chief Compliance Officers?
Answer: The Securities and Exchange Commission (“SEC”) does not typically bring enforcement actions against compliance officers unless redlines have clearly been crossed, for example when a compliance officer provides false information to the regulators or otherwise knowingly misleads them. Several actions were brought in 2025 by SEC against Chief Compliance Officers(“CCO”) under the Investment Advisers Act of 1940 (the “Adviser’s Act”).The Adviser’s Act requires investment advisers registered with the SEC to designate a CCO to administer and enforce compliance policies and procedures.
While the enforcement actions were brought in the context of compliance function of the registered investment advisers, they do highlight the importance of compliance officers and provide lessons as to their critical responsibilities in the context of corporate compliance in general. For example, in one of the cases, when the SEC conducted its investigation and requested to provide documents related to annual compliance review and testing, the CCO created, signed and backdated such documents for the three years. The CCO was found to be willfully aiding and a betting violations of recordkeeping and compliance obligations.
In another case, the company’s Code of Ethics required CCO’s approval for purchasing or selling securities in the personal accounts of certain access persons. Upon SEC’s review it transpired that the relevant forms were often not completed until after the transactions were completed and that the CCO retroactively modified previously completed forms and created forms for prior transactions, where no forms existed. In engaging in this conduct, the CCO failed to keep true and accurate records required by the company’s policies and procedures and failed to provide to the SEC true and accurate records in response to the SEC’s examination.
In general, it is important to keep true, accurate, and current books and records, also with respect to compliance policies and implementation. The policies need to take into account the nature of your company’s operations and specific compliance needs. We advise to review the adequacy of your compliance policies and procedures and the effectiveness of their implementation at least annually. Your compliance officer should have responsibility and authority to develop and enforce the policies and be senior enough within your organization to ensure that the procedures are properly followed.
*The contents of this message, current at the date of publication, are for reference and general informational purposes only and do not constitute legal advice. You should contact your attorney to obtain advice with respect to any particular legal matter. You should not act or refrain from acting on the basis of information in this publication without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.
Question: What are the lessons learned from SEC actions against Chief Compliance Officers?
Answer: The Securities and Exchange Commission (“SEC”) does not typically bring enforcement actions against compliance officers unless redlines have clearly been crossed, for example when a compliance officer provides false information to the regulators or otherwise knowingly misleads them. Several actions were brought in 2025 by SEC against Chief Compliance Officers(“CCO”) under the Investment Advisers Act of 1940 (the “Adviser’s Act”).The Adviser’s Act requires investment advisers registered with the SEC to designate a CCO to administer and enforce compliance policies and procedures.
While the enforcement actions were brought in the context of compliance function of the registered investment advisers, they do highlight the importance of compliance officers and provide lessons as to their critical responsibilities in the context of corporate compliance in general. For example, in one of the cases, when the SEC conducted its investigation and requested to provide documents related to annual compliance review and testing, the CCO created, signed and backdated such documents for the three years. The CCO was found to be willfully aiding and a betting violations of recordkeeping and compliance obligations.
In another case, the company’s Code of Ethics required CCO’s approval for purchasing or selling securities in the personal accounts of certain access persons. Upon SEC’s review it transpired that the relevant forms were often not completed until after the transactions were completed and that the CCO retroactively modified previously completed forms and created forms for prior transactions, where no forms existed. In engaging in this conduct, the CCO failed to keep true and accurate records required by the company’s policies and procedures and failed to provide to the SEC true and accurate records in response to the SEC’s examination.
In general, it is important to keep true, accurate, and current books and records, also with respect to compliance policies and implementation. The policies need to take into account the nature of your company’s operations and specific compliance needs. We advise to review the adequacy of your compliance policies and procedures and the effectiveness of their implementation at least annually. Your compliance officer should have responsibility and authority to develop and enforce the policies and be senior enough within your organization to ensure that the procedures are properly followed.
*The contents of this message, current at the date of publication, are for reference and general informational purposes only and do not constitute legal advice. You should contact your attorney to obtain advice with respect to any particular legal matter. You should not act or refrain from acting on the basis of information in this publication without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.
