Dual-Hatted CEO and CCO Named Individually in SEC Settlement for Compliance Violations

On December 5, 2022, the SEC filed a settled action against investment advisory firm Two Point Capital Management Inc. (the Firm) and its chief executive officer, who also served as the Firm’s chief compliance officer until February 2021 (TPCM CEO/CCO). The Firm and TPCM CEO/CCO agreed to pay $100,000 collectively to settle the matter, with the SEC charging the TPCM CEO/CCO individually for causing the Firm’s violations.

The SEC alleged the Firm failed to meet the requirements of Section 206(4) of the Investment Advisers Act of 1940 (Advisers Act) and Rule 206(4)-7 thereunder when it did not adopt and implement appropriate compliance policies and procedures. Specifically, the Firm used a compliance handbook published by a professional trade organization without any tailoring to its client base or investment advisory business, did not conduct compliance training, and, from at least 2012 through 2021, did not conduct annual reviews of its compliance program.

The SEC also alleged the Firm violated Section 204A of the Advisers Act and Rule 204A-1 thereunder when it did not establish, maintain, and enforce a written code of ethics containing certain necessary provisions — these included the requirement to comply with applicable federal securities laws and to report code-of-ethics violations, and the requirement for select personnel to report, and the investment adviser to review, securities transactions and holdings.¹ According to the SEC, the Firm’s written code of ethics was adopted wholesale from a professional organization’s code of ethics, without the addition of any of the above provisions.

The Firm did receive credit, however, for appointing a new chief compliance officer and retaining a third-party compliance consulting firm.

This settlement and the individual charges provide several important reminders. First, the SEC, when appropriate, will investigate and charge compliance professionals and, if further deemed appropriate to do so, name them individually. Second, the multi-hatted chief compliance officer (CCO) can be at an increased risk for scrutiny by the SEC. Finally, as firms evolve they need to devote appropriate resources to the CCO role and the compliance functions, including the utilization of outside resources as may be appropriate.