SEC Proposes Series of Rules Affecting Private Fund Advisers

On February 9, 2022, the SEC proposed a series of sweeping new rules and rule amendments[1] (“Proposed Rules”) under the Investment Advisers Act of 1940 (“Advisers Act”). If adopted, these rules would prohibit certain activities relating to private funds and significantly increase the reporting, disclosure and compliance requirements of private fund advisers,[2] including by:

• prohibiting certain allocations of fees and expenses, compensation arrangements and transactions involving conflicts of interest;
• prohibiting certain “preferential” redemption rights and information rights provided to investors, including by way of side letters;
• requiring the delivery of quarterly statements regarding private fund performance, fees and expenses;
• requiring the delivery of a fairness opinion in connection with certain GP-led secondaries transactions;
• requiring an annual, independent audit for each private fund;
• requiring the adoption and implementation of written policies and procedures designed to address cybersecurity risks;
• expanding the “books and records” rule relating to each of the above; and
• requiring written documentation of the adviser’s annual compliance audit.

Certain of the Proposed Rules would move U.S. securities laws applicable to private funds from a largely disclosure-based regime to a rules-based regime.

Prohibited Activities

The Proposed Rules would prohibit all private fund advisers, including those that are not registered (i.e., exempt reporting advisers), from engaging in certain practices, conflicts of interest and compensation arrangements that are, according to the SEC’s Proposing Release, “contrary to the public interest and the protection of investors.” Some of these activities are common in the private funds’ marketplace and have been accepted for years by advisers and investors in their advisory contracts as market standard. For instance, the Proposed Rules would change the decades-long accepted allocation of risks manifested in typical fund documents. These activities would be prohibited regardless of whether the private fund’s governing documents permit such activities, the adviser otherwise discloses the practices and/or the private fund’s investors (or LPAC) have consented to the activities either expressly or implicitly. The prohibited activities include:

• reducing the amount of an “adviser clawback”[3] (commonly referred to as a “GP clawback”) by actual, potential or hypothetical taxes applicable to the adviser, its related persons, or their respective owners or interest holders;
• seeking reimbursement, indemnification, exculpation or limitation of an adviser’s liability by the private fund or its investors for a breach of fiduciary duty (regardless of whether state or other law would permit an adviser to waive its fiduciary duty), willful misfeasance, bad faith, negligence or recklessness in providing services to the private fund;
• charging a portfolio investment[4] for monitoring, servicing, consulting or other fees in respect of any services the investment adviser does not, or does not reasonably expect to, provide to the portfolio investment (e.g., accelerated monitoring fees; private funds with a 100% management fee offset if the adviser retains excess transaction fees where no further management fee offset can be applied and the private fund investors are not offered a rebate or another economic benefit equal to their pro rata share of any such excess fees);
• charging a private fund for fees or expenses associated with an examination or investigation of the adviser or its related persons[5] by governmental or regulatory authorities;
• charging a private fund for regulatory or compliance expenses or fees of the adviser or its related persons (e.g., the adviser’s Form ADV);
• charging fees or expenses related to a portfolio investment on a non-pro rata basis when multiple private funds and other clients advised by the adviser or its related persons have invested (or propose to invest) in the same portfolio investment; and
• borrowing money, securities or other fund assets, or receiving an extension of credit, from a private fund client.

Preferential Treatment; Side Letters

The Proposed Rules would prohibit private fund advisers from providing certain types of “preferential” treatment (based on a facts and circumstances analysis) to private fund investors, including preferential redemption rights and preferential information rights regarding the portfolio holdings or exposures of the private fund, in each case, if the adviser reasonably expects such treatment to have a material, negative effect on other investors in that private fund or in a substantially similar pool of assets:[6]

In addition, private fund advisers would be prohibited from, directly or indirectly, providing any other preferential treatment (e.g., excuse rights, lower fees) to any private fund investor, unless the adviser provides written disclosure regarding such preferential treatment:

• with respect to a prospective investor in the same private fund, prior to the investor’s investment; and
• with respect to an existing investor in the same private fund, annually if any preferential treatment has been provided to an investor since the last notice provided.

Quarterly Statement

The Proposed Rules would require private fund advisers to provide standardized, quarterly statements to investors[7] within 45 days after each calendar quarter end detailing information about each private fund’s fees, expenses and performance (unless such quarterly statement is prepared and delivered by another person). Each statement would be required to include prominent disclosure regarding the manner in which expenses, payments, allocations, rebates, waivers and offsets are calculated, as well as cross references to the relevant sections of the private fund’s organizational and offering documents that set forth the calculation methodology.

• Private Fund-Level Table and Disclosure – a single table that would provide reporting on a fund-wide basis (as opposed to individualized investor-level reporting) allowing investors to compare costs across private funds, including line items reflecting total dollar amounts in each of the following categories:
  • all compensation, fees and other amounts allocated or paid to the adviser or any of its related persons by the private fund during the reporting period (“adviser compensation”),[8] including, but not limited to, management, advisory, sub-advisory, or similar fees or payments, and “performance-based compensation”[9] (including carried interest) (in each case, both before and after the application of any offsets, rebates or waivers);
  • all fees and expenses paid by the private fund during the reporting period other than those disclosed as adviser compensation (“fund expenses”), including, but not limited to, organizational, accounting, legal, administration, audit, tax, due diligence and travel expenses (in each case, both before and after the application of any offsets, rebates or waivers); and
  • the amount of any offsets or rebates carried forward during the reporting period to subsequent quarterly periods to reduce future payments or allocations to the adviser or its related persons.
• Portfolio Investment-Level Table and Disclosure – a single table covering all portfolio investments that allocated or paid the investment adviser or its related persons compensation, fees or other amounts during the reporting period, including line items in each of the following categories:
  • the total dollar amount of all “portfolio investment compensation” [10] allocated or paid by each “covered portfolio investment”[11] during the reporting period, including origination, management, consulting, monitoring, servicing, transaction, administrative, advisory, closing, disposition, directors, trustees or similar fees or payments by the covered portfolio investment to the investment adviser or any of its related persons (in each cases, both before and after the application of any offsets, rebates or waivers); and
  • the private fund’s ownership percentage of each covered portfolio investment (determined as of the end of the reporting period) that paid or allocated portfolio investment compensation to the adviser or its related persons during the reporting period or, if the fund does not have an ownership interest in the covered portfolio investment (e.g., where the fund holds a debt instrument), the adviser would be required to list zero percent as the fund’s ownership percentage along with a brief description of the fund’s investment in such covered portfolio investment.
• Performance Disclosure – standardized fund performance information based on the type of fund, including prominent disclosure of the criteria used and assumptions made in calculating the performance:
  • “Illiquid Funds”[12] (typically, private equity, real estate and venture capital funds) – the following performance measures, shown since inception of the illiquid fund through the end of the quarter covered by the quarterly statement and computed without the impact of any “fund-level subscription facilities”[13]:
    • gross internal rate of return[14] (“IRR”) and gross multiple of invested capital[15] (“MOIC”) for the illiquid fund;
    • net IRR and net MOIC for the illiquid fund;
    • gross IRR and gross MOIC for the realized and unrealized portions of the illiquid fund’s portfolio, with the realized and unrealized performance shown separately; and
    • a “statement of contributions and distributions”[16] for the illiquid fund.
  • “Liquid Funds”[17] (typically, hedge funds) – the following performance measures:
    • annual net total returns for each calendar year since inception;
    • average annual net total returns over the one-, five- and ten- calendar year periods; and
    • the cumulative net total return for the current calendar year as of the end of the most recent calendar quarter covered by the quarterly statement.

Adviser-led Secondaries

The Proposed Rules would prohibit a private fund adviser from completing an adviser-led secondary[18] transaction with respect to any private fund, unless the adviser distributes to investors in the private fund, prior to the closing of the transaction, a fairness opinion from an independent opinion provider[19] and a summary of any material business relationships[20] the adviser or any of its related persons has, or has had within the past two years, with the independent opinion provider.

Mandatory Annual Audit

The Proposed Rules would require[21] registered private fund advisers to obtain a financial statement audit[22] at least annually for each private fund (and upon a fund’s liquidation), performed by an independent public accountant[23] and prepared in accordance with U.S. GAAP.[24] Such audited financial statements would be required to be distributed to current investors[25] “promptly” (rather than pursuant to a specific deadline) after the completion of the audit. The private fund adviser would be required to enter into a written agreement with the auditor pursuant to which the auditor must notify the SEC: (i) promptly upon issuing an audit report to the private fund that contains a modified opinion and (ii) within four business days of resignation or dismissal from, or other termination of, the engagement, or upon removing itself or being removed from consideration for being reappointed.

Cybersecurity

The SEC also proposed new cybersecurity risk management rules and amendments to enhance cybersecurity preparedness and improve the resilience of investment advisers and investment companies[26] against cybersecurity threats and attacks. The Proposed Rules would require:

• Policies and Procedures – investment advisers to adopt and implement written policies and procedures that are reasonably designed to address cybersecurity risks, in each case, tailored to the adviser based on its business operations, including its complexity, and attendant cybersecurity risks. The Proposed Rules list certain general elements that advisers would be required to address in their cybersecurity policies and procedures, including the following:
  • Risk Assessment – periodic assessments of cybersecurity risks associated with adviser information systems and adviser information residing therein, including requiring the adviser to: (i) categorize and prioritize cybersecurity risks based on an inventory of the components of their information systems, the information residing therein, and the potential effect of a cybersecurity incident on the adviser; and (ii) identify their service providers that receive, maintain or process adviser information, or that are permitted to access their information systems, including the information residing therein, and identify the cybersecurity risks associated with the use of these service providers;
  • User Security and Access – controls designed to minimize user-related risks and prevent the unauthorized access to information and systems; related policies and procedures must include: (i) requiring standards of behavior for individuals authorized to access adviser information systems and any adviser information residing therein, such as an acceptable use policy; (ii) identifying and authenticating individual users, including implementing authentication measures that require users to present a combination of two or more credentials for access verification; (iii) establishing procedures for the timely distribution, replacement, and revocation of passwords or methods of authentication; (iv) restricting access to specific adviser information systems or components thereof and adviser information residing therein solely to individuals requiring access to such systems and information as is necessary for them to perform their responsibilities and functions on behalf of the adviser; and (v) securing remote access technologies used to interface with adviser information systems;
  • Information Protection – monitoring of information systems and protecting information from unauthorized access or use, based on a periodic assessment of their information systems and the information that resides on the systems, taking into account: (i) the sensitivity level and importance of adviser information to its business operations; (ii) whether any adviser information is personal information; (iii) where and how adviser information is accessed, stored and transmitted, including the monitoring of adviser information in transmission; (iv) adviser information systems access controls and malware protection; and (v) the potential effect of a cybersecurity incident involving adviser information on the adviser and its clients, including the ability for the adviser to continue to provide investment advice; oversight of service providers that receive, maintain or process adviser information, or are otherwise permitted to access adviser information systems and any adviser information residing;
  • Cybersecurity Incident Response and Recovery – measures to detect, respond to and recover from a cybersecurity incident, including policies and procedures that are reasonably designed to ensure: (i) continued operations of the adviser; (ii) the protection of adviser information systems or adviser information residing therein; (iii) external and internal cybersecurity incident information sharing and communications; and (iv) reporting of significant cybersecurity incidents to the SEC; and
  • Threat and Vulnerability Management – the ability to detect, mitigate, and remediate cybersecurity threats and vulnerabilities with respect to adviser information and systems.
• Proposed Form ADV-C – Advisers would be required to report “significant adviser cybersecurity incidents”[27] to the SEC on proposed Form ADV-C on a confidential basis, including on behalf of a private fund client. An adviser would be required to submit Form ADV-C promptly, but in no event more than 48 hours, after having a reasonable basis to conclude that a significant adviser cybersecurity incident or a significant fund cybersecurity incident had occurred or is occurring. Form ADV-C would include both general and specific questions related to the significant cybersecurity incident, such as the nature and scope of the incident as well as whether any disclosure has been made to any clients and/or investors. Advisers would be required to amend any previously filed Form ADV-C promptly, but in no event more than 48 hours, after information reported on the form becomes materially inaccurate; if new material information about a previously reported incident is discovered; and after resolving a previously reported incident or closing an internal investigation pertaining to a previously disclosed incident.
• Form ADV Part 2A – Enhanced adviser disclosures would be required on Form ADV Part 2A related to cybersecurity risks and incidents that could materially affect[28] the advisory services they offer and how they assess, prioritize and address cybersecurity risks created by the nature and scope of their business relationship. Advisers would be required to describe any cybersecurity incidents that occurred within the last two fiscal years that have significantly disrupted or degraded the adviser’s ability to maintain critical operations, or that have led to the unauthorized access or use of adviser information, resulting in substantial harm to the adviser or its clients. An adviser would be required to deliver interim brochure amendments to existing clients promptly if the adviser adds disclosure of a cybersecurity incident to its brochure or materially revises information already disclosed in its brochure about such an incident. The timing of the brochure amendment delivery should take into account the exigent nature of cybersecurity incidents which would generally militate toward swift delivery to clients.

Books and Records; Annual Compliance Review

The SEC proposed amending Rule 204-2 under the Advisers Act (the “books and records rule”) to require private fund advisers to retain records related to each of the above proposals. The SEC also proposed amending Rule 206(4)-7 under the Advisers Act (the “compliance rule”) to require all registered investment advisers to document the annual review of the adequacy of their compliance policies and procedures in writing.

Next Steps

The public comment period will remain open for 60 days following publication of the Proposed Rules on the SEC’s website or 30 days following publication of the Proposed Rules in the Federal Register, whichever is longer. If adopted, the SEC is proposing a one-year transition period for advisers to come into compliance with the Proposed Rules (other than the cybersecurity rules, which appear to become effective upon adoption).

*       *       *

[1]        See SEC Fact Sheet: Private Fund Advisers; Documentation of Registered Investment Adviser Compliance Reviews and Proposed Rule; see SEC Fact Sheet: Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies, and Business Development Companies and Proposed Rule.

[2]        Section 202(a)(29) of the Advisers Act defines the term “private fund” as an issuer that would be an investment company, as defined in Section 3 of the Investment Company Act of 1940, but for Section 3(c)(1) or 3(c)(7) of that Act.

[3]        “Adviser clawback” is defined as any obligation of the adviser, its related persons, or their respective owners or interest holders to restore or otherwise return performance-based compensation to the private fund pursuant to the private fund’s governing agreements, and “performance-based compensation” is defined as allocations, payments or distributions of capital based on the private fund’s (or its portfolio investments’) capital gains and/or capital appreciation.

[4]        “Portfolio investment” is defined as any entity or issuer in which the private fund has invested directly or indirectly. This definition is designed to capture any entity or issuer in which the private fund holds an investment including through holding companies, subsidiaries, acquisition vehicles, special purpose vehicles, and other vehicles through which investments are made or otherwise held by the private fund. The Proposing Release indicates that the SEC believes that the term “portfolio company” would be too narrow given that some private funds do not invest in traditional operating companies.

[5]        For these terms, the Proposed Rules use the same definitions as Form ADV: “related persons” are defined as (i) all officers, partners or directors (or any person performing similar functions) of the adviser; (ii) all persons directly or indirectly controlling or controlled by the adviser; (iii) all current employees (other than employees performing only clerical, administrative, support or similar functions) of the adviser; and (iv) any person under common control with the adviser; and “control” is defined as the power, directly or indirectly, to direct the management or policies of a person, whether through ownership of securities, by contract or otherwise.

[6]        “Substantially similar pool of assets” is defined as a pooled investment vehicle (other than an investment company registered under the Investment Company Act of 1940 or a company that elects to be regulated as such) with substantially similar investment policies, objectives, or strategies to those of the private fund managed by the adviser or its related persons. Whether a pool of assets managed by the adviser is “substantially similar” to the private fund requires a facts and circumstances analysis.

[7]        In circumstances where an investor is itself a pooled vehicle that is controlling, controlled by, or under common control with the adviser or its related persons (a “control relationship”), the adviser must look through that pool (and any pools in a control relationship with the adviser or its related persons, such as in a master-feeder fund structure), and send the quarterly statement to the investors in those pools.

[8]        “Adviser compensation” includes compensation, fees, or other amounts allocated or paid by the fund to the adviser or its related persons to provide services to the fund, such as consulting, legal or back-office services.

[9]        “Performance-based compensation” is defined as allocations, payments or distributions of capital based on the private fund’s (or its portfolio investments’) capital gains and/or capital appreciation. According to the SEC’s Proposing Release, this includes cash or non-cash compensation, including, for example, in-kind allocations, payments or distributions of performance-based compensation. The broad scope of the definition would capture carried interest, incentive fees, incentive allocations or profit allocations, among other forms of compensation.

[10]       “Portfolio investment compensation” is defined as any compensation, fees, and other amounts allocated or paid to the investment adviser or any of its related persons by the portfolio investment attributable to the private fund’s interest in such portfolio investment.

[11]       “Covered portfolio investment” is defined as a portfolio investment that allocated or paid the investment adviser or its related persons portfolio investment compensation during the reporting period.

[12]       “Illiquid fund” is defined as a private fund that: (i) has a limited life; (ii) does not continuously raise capital; (iii) is not required to redeem interests upon an investor’s request; (iv) has as a predominant operating strategy the return of the proceeds from disposition of investments to investors; (v) has limited opportunities, if any, for investors to withdraw before termination of the fund; and (vi) does not routinely acquire (directly or indirectly) as part of its investment strategy market-traded securities and derivative instruments.

[13]       “Fund-level subscription facilities” is defined as any subscription facilities, subscription line financing, capital call facilities, capital commitment facilities, bridge lines, or other indebtedness incurred by the private fund that is secured by the unfunded capital commitments of the private fund’s investors. The Proposing Release indicates that the SEC would generally interpret the phrase computed without the impact of fund-level subscription facilities to require advisers to exclude fees and expenses associated with the subscription facility, such as the interest expense, when calculating net performance figures and preparing the statement of contributions and distributions. This approach would cause the net returns for many funds to be higher than would be the case if such amounts were included. The SEC believes that this approach is appropriate, however, because it is consistent with the policy goal of this aspect of the Proposed Rules (i.e., requiring advisers to show private fund investors the returns the fund would have achieved if there were no subscription facility).

[14]       “Internal rate of return” is defined as the discount rate that causes the net present value of all cash flows throughout the life of the private fund to be equal to zero.

[15]       “Multiple of invested capital” is defined as (i) the sum of: (A) the unrealized value of the illiquid fund; and (B) the value of all distributions made by the illiquid fund; (ii) divided by the total capital contributed to the illiquid fund by its investors.

[16]       A “statement of contributions and distributions” is defined as a document that presents: (i) all capital inflows the private fund has received from investors and all capital outflows the private fund has distributed to investors since the private fund’s inception, with the value and date of each inflow and outflow; and (ii) the net asset value of the private fund as of the end of the reporting period covered by the quarterly statement.

[17]       “Liquid fund” is defined as any private fund that is not an illiquid fund.

[18]       “Adviser-led secondaries” is defined as transactions initiated by the investment adviser or any of its related persons that offer the private fund’s investors the choice to: (i) sell all or a portion of their interests in the private fund; or (ii) convert or exchange all or a portion of their interests in the private fund for interests in another vehicle advised by the adviser or any of its related persons. The Proposing Release indicates that the SEC generally would consider a transaction to be initiated by the adviser if the adviser commences a process, or causes one or more other persons to commence a process, that is designed to offer private fund investors the option to obtain liquidity for their private fund interests.

[19]       “Independent opinion provider” is defined as one that (i) provides fairness opinions in the ordinary course of its business and (ii) is not a related person of the adviser.

[20]       Whether a business relationship would be “material” under the Proposed Rules would require a facts and circumstances analysis; however, for purposes of the Proposed Rules, the SEC believes that audit, consulting, capital raising, investment banking and other similar services would typically meet this standard.

[21]       Where an adviser does not control the private fund and is neither controlled by nor under common control with the fund, such adviser would be required to take all reasonable steps, depending on the facts and circumstances, to cause its private fund client to undergo an audit that would satisfy the Proposed Rule.

[22]       The audit must meet the definition of audit in Rule 1-02(d) of Regulation S-X, the professional engagement period of which shall begin and end as indicated in Regulation S-X Rule 2-01(f)(5).

[23]       The audit must be performed by an independent public accountant that meets the standards of independence in Rule 2-01(b) and (c) of Regulation S-X that is registered with, and subject to regular inspection as of the commencement of the professional engagement period, and as of each calendar year-end, by, the Public Company Accounting Oversight Board in accordance with its rules.

[24]       In the case of “foreign private funds” (defined as private funds organized under non-U.S. law or that have a general partner or other manager with a principal place of business outside the United States), audited financial statements must contain information substantially similar to statements prepared in accordance with U.S. GAAP and material differences with U.S. GAAP must be reconciled.

[25]       In circumstances where an investor is itself a pooled vehicle that is in a control relationship with the adviser or its related persons, it would be necessary to look through that pool (and any pools in a control relationship with the adviser or its related persons, such as in a master-feeder fund structure), in order to send to investors in those pools.

[26]       The SEC also proposed Rule 38a-2 under the Investment Company Act of 1940, which would require investment companies that are registered or required to be registered with the SEC to implement cybersecurity policies and procedures addressing a number of elements. This proposed rule is not discussed in this memorandum.

[27]       “Significant adviser cybersecurity incident” is defined as a cybersecurity incident, or a group of related incidents, that significantly disrupts or degrades the adviser’s ability, or the ability of a private fund client of the adviser, to maintain critical operations, or leads to the unauthorized access or use of adviser information, where the unauthorized access or use of such information results in: (i) substantial harm to the adviser, or
(ii) substantial harm to a client, or an investor in a private fund, whose information was accessed.

[28]       A cybersecurity risk, regardless of whether it has led to a significant cybersecurity incident, would be material to an adviser’s advisory relationship with its clients if there is a substantial likelihood that a reasonable client would consider the information important based on the total mix of facts and information. The facts and circumstances relevant to determining materiality in this context may include, among other things, the likelihood and extent to which the cybersecurity risk or resulting incident: (i) could disrupt (or has disrupted) the adviser’s ability to provide services, including the duration of such a disruption; (ii) could result (or has resulted) in the loss of adviser or client data, including the nature and importance of the data and the circumstances and duration in which it was compromised; and/or (iii) could harm (or has harmed) clients (e.g., inability to access investments, illiquidity, or exposure of confidential or sensitive personal or business information).