AML; The danger of overreliance on consultants; You may be closer to California than you think

A venture capitalist calls out for more GP DD; You need to get your lawyer to hire your compliance consultant; California’s privacy law extends well beyond the state.

AML/KYC: We wrote recently about Neuberger Berman COO Brien Smith’s opinion that not only will European-style anti-money laundering and know-your-client regulations come to the US in the not-too-distant future, but that they also should make their way to the states. “We’re getting close to getting full European compliance,” Smith said. “It’s a lot of regulation but really I think it’s best practices,” he said. (We’ll have more on what he said at the CFOs & COOs Forum in our March edition).

The conversation about AML and KYC in private funds is getting louder. Yesterday, DealBook pointed to some tweets from venture capitalist Chamath Palihapitiya, former Facebook executive and founder of Social Capital, in which he essentially called for more rigorous due diligence on the AML/KYC front. And in a way it links back to my email yesterday, in which I argued that an increased transparency in private funds, whether retail investors end up getting access or not, is pretty much inevitable. Similarly, I agree with Smith, it’s pretty unlikely the US market will be able to avoid these kinds of regulations and transparency requirements for long. I’ll be writing soon about the Cayman Islands, which was meant to have passed AML regulations or face potential blacklisting from Europe (anyone care to comment/update me on the status of the regulation?). So, there’s certainly some regulation creep already happening.

Compliance consultants: Sister title Regulatory Compliance Watch brings us this article on why you need your attorney to be the one to hire a compliance consultant. Basically, if the consultant gets it wrong, or doesn’t do enough, you could be on the hook with the Securities and Exchange Commission. It’s happened before.

California is everywhere: Again from RCW, a little showcase of what IA’s are doing with regard to the infamous California privacy law. Yet another example of a law that follows the lead set by Europe’s GDPR, and one that many compliance professionals expect to spread to other states. When states enact their own regulations, they are usually, well, different than similar regulations in other states. So even though the California rule is already complex and “not terribly clear”, as one CCO says in the article – while also affecting many who may think they have nothing to do with the state – you can expect these waters to get further muddied (Colorado may be next).

Email prepared by Graham Bippart