Private Equity Compliance Archiving & Monitoring
In summer 2010, the Dodd-Frank Act completely transformed the regulatory environment for Private Equity Funds. The Dodd-Frank Act requires Private Equity Funds to register with the SEC under the Investment Advisors Act. In accordance with the 'written communications' rules under the Act, Private Equity Funds must retain all internal and external electronic business communications.
Global Relay Archive and Compliance Reviewer are specifically engineered to provide a total compliance and mail management solution for Private Equity Funds in connection with electronic business communications.
Recordkeeping (SEC Rule 204-2)
Global Relay Archive, Global Relay's message archiving and compliance system, captures and archives an authentic and complete record of all electronic business communications in a secure but easily accessible offsite storage system. Compliance features include:
- Message Capture of email, attachments, Instant Messaging (AOL, MSN, Yahoo, Google Talk etc.), Bloomberg®, Thomson Reuters, BlackBerry, Social Media and more
- Archives messages for 5 year SEC term (or as defined by deletion policies)
- Access includes web-based instant access for all employees to their messages
- Tamperproof protection of data on dedicated WORM (Write Once, Read Many) drives
- Offsite, mirrored, single instance storage in East/West Coast Data Centers
- Indexes & serializes messages, Bcc & Distribution Lists, metadata & audit trails
- Search & retrieval of any message in seconds
- Security & encryption of systems, networks & messages
- Migration of legacy data (.pst files, backup tapes) & to archive with new messages
- SEC Third Party Downloader engagement for independent SEC and FINRA mandated access
- SEC Filings & annual audit reviews by Global Relay's in-house compliance lawyers
- Retention Term flexibility for Litigation Holds & SEC investigations
How does Global Relay Archive work? All email, attachments, Instant Messaging (AOL, MSN, Yahoo, GoogleTalk, etc.), Bloomberg, Thomson Reuters, BlackBerry, Social Media, etc. are securely captured and centrally unified together with imported legacy email and .pst files, in Global Relay Archive for rapid online search, retrieval & monitoring. With secure web-based access and real-time indexing powered by search engine technology, every employee and Compliance Officer has the ability to find any current or historical message in seconds.
Supervision (SEC Rule 206(4)-7)
The Compliance Reviewer, Global Relay's monitoring system, provides Private Equity Funds with a turn-key, flexible, online supervisory system with advanced monitoring, filtering and eDiscovery features enabling enforcement of your firm's email & IM policies for compliance, proper usage and corporate governance. Compliance features include:
- Scan & Monitor email, attachments, Instant Messaging (AOL, MSN, Yahoo, Google Talk etc.), Bloomberg®, Thomson Reuters, BlackBerry, Social Media and more from Global Relay Archive
- Content Filtering with company-defined rules to identify prohibited content
- Advanced Analysis with Boolean logic, criteria lists, proximities & action alerts
- Random Sampling of each rep's messages customized by percentage & user
- Keyword Search results are highlighted within the message for quick discovery
- Full Review of messages & attachments, or bulk review of headers only
- Reviewer approval, rejection, escalation based on action icons & defined notes
- Multi-tiered Review structure for review escalation to Super Reviewers
- Wizard Commands for pre-defined, single-click compliance using folders, flags, priorities & labels
- Exclude Words, phrases or email accounts (e.g. disclaimers, attorney-client privileged mail, newsletters) from Flagging Rules
- Access Rights of authorized Reviewers governed by customized security rules
- Notifications of compliance violations by email
- Audit Trail with detailed time history of reviews and related actions taken
- Web-based Control Center to modify surveillance & monitoring procedures
- Compliance Dashboard and reporting tools
How does the Compliance Reviewer work? Using powerful search engines, the Compliance Reviewer is able to retrieve your firm's messages from Global Relay Archive and apply easy-to-use, company-defined filters and Wizard Commands for efficient review and monitoring of all archived email, IM, and Bloomberg messages. Messages of any user are analyzed on import and flagged for review if violations are detected as follows:
- Real time filtering for keyword or phrase violations (start-up list provided)
- Specific query using flexible search criteria
- Advanced rule-based keyword & phrase proximity analysis
- Random sampling (by User, User Group, or firm-wide, using percentages).
Global Relay Archive & Compliance Reviewer Audit Tools are designed to facilitate efficient responses to regulatory Audits and evidentiary requests. Global Relay has successfully assisted hundreds of SEC-regulated firms during their Audits and regulatory investigations. Currently, Global Relay participates in approximately 4 to 6 customer Audits, examinations or subpoenas per day.
- Search and retrieve any message in seconds using Google-like search engine
- Audit Request response within minutes using online search and eDiscovery tools
- Statistics & reporting on Compliance Officer reviews & related actions taken
- Retention Term flexibility for Litigation Holds & SEC investigations
- Legal Compliance in-house specialists to assist during Audits
- Case Management via folder system with shared folders (e.g. external attorney review)
How do Global Relay's Audit Tools assist with an Audit? Global Relay provides flexible and efficient methods to produce records according to the specific criteria of the Audit request. Messages are made readily available for examination either by:
Online review of messages via an "Auditor account"" in Global Relay Archive
- Create online access based on Audit request, restricted access to the exact scope of the Audit (by date, user, subject etc.)
- Assign Auditors temporary online review privileges
- Block Attorney-Client privileged, personal or restricted messages
Compilation of data for delivery to SEC
- Professional Team can be engaged to assist with complex discoveries
- Fast discovery, consolidation and organization of data for export & delivery
- PST file export capability
- Compile requested information on regulator-qualified media such as disc, FTPS or portable hard drive
Frequently Asked Questions
- What are the Email & IM Compliance Requirements for Private Equity Funds?
Despite the recent US Court of Appeals ruling against registration, Private Equity Funds remain subject to SEC regulations and enforcement under antifraud, civil liability, and other provisions of the federal securities laws. Additionally, the SEC is moving aggressively to re-introduce regulations ensuring that Private Equity Fund investors are given the same protections afforded to investors under the Investment Advisors Act (1940).
- What are the repercussions of non-compliance?
Increasingly, regulatory investigations focus on business records and on stricter enforcement of electronic records in particular. Fund Managers cannot afford to have a casual attitude toward electronic record management. Consequences of non-compliance include internal and/ or regulatory disciplinary actions, civil liability, damaged corporate reputation, loss of goodwill and customers.
- Who must comply?
As of July 2011, under the Dodd-Frank Act, many Private Equity Fund managers are required to register with the SEC under the Investment Advisers Act. Specifically, Private Equity Funds with more than $100m AUM must register, unless they are advising only private funds.
- Where can this Legislation be found?
Performing comprehensive due diligence on Software-as-a-Service vendors is a responsibility and a best practice for Registered Investment Advisors.
Global Relay can assist with the due diligence process. Global Relay's internal controls are verified by KPMG in a document entitled, "KPMG Report on Global Relay's Business, Operational & Security Controls". The report provides assurances and transparency into the high standards of Global Relay's internal controls, and how these truly differentiate Global Relay.
Specifically, the KPMG Report provides unique and extensive validation of Global Relay's security, business and operational controls related to:
- Physical Security - and safeguards governing data protection and data center controls.
- Change Management - Frameworks for guiding software development releases, operations and change control.
- Network Security & Availability - System architecture, redundancy, access and security.
- Global Relay Archive & Compliance Reviewer - Inbound message processing, secure storage, data center replication and end-user access.
- Data Import, Extraction & Destruction - Policies, procedures and methodologies for securely handling customer data.
- Security Policies & Standards – Policies & standards governing privacy and confidentiality.
- Personnel Policies & Procedures - Employee life-cycle management.
To learn more about this report and how Global Relay can assist your firm with due diligence, contact us today.