Amy Kadomatsu is CEO of a global compliance solutions provider and we caught up with her to discuss the rise of artificial intelligence, cybersecurity risks and other forces transforming the regulatory environment.
Her company, COMPLY, is a global provider of compliance software, consulting and education solutions for the financial services sector, combines technology with hands-on support to help its clients understand and navigate a highly complex and fast evolving regulatory landscape.
Headquartered in New York City, COMPLY has particular expertise in serving private equity firms, private credit firms, hedge funds and other alternative asset management firms focused on serving institutional clients, including strategic allocators at large pension plans and endowments.
The company, previously known as ComplySci, received a $120 million growth capital investment from private equity firm K1 Investment Management in 2021 and has since then grown organically and via acquisitions on an accelerated trajectory.
Looking ahead, Kadomatsu sees continued rising regulatory, legal and compliance complexities as a key opportunity and challenge for institutional alts firms to proactively manage.
Q: What do you see as the top three compliance risks that institutional firms specializing in alternative assets face these days? How can these firms best anticipate and minimize such risks?
Kadomatsu: First, cybersecurity continues to be a top concern. During a recent webinar, 60% of our polled audience stated proposed SEC cybersecurity regulations were the most concerning for their firm.
Next, every firm is closely examining the changes to Form PF under Rule 204(b)-1 to understand how operations need to be adjusted to enable timely reporting, an especially important initiative given the window for reporting on relevant events is as short as 72 hours for large hedge fund advisers.
And third, ChatGPT and generative AI burst onto the scene to dominate discussions. At a recent PE industry conference, this was the topic du jour, with relevant conversation woven into each session. Every firm is grappling with how to form their policies and procedures, while also encouraging innovation and managing the inherent risk regarding IP and technology, both for themselves and their portfolio companies.
This balancing act of support for finding alpha vs. protection of the firm, which compliance professionals must skillfully navigate, is what makes me admire and empathize with the position.
Q: Are there employee compliance sensitivities that are unique to private equity firms and hedge funds in particular, and if so, what are they?
Kadomatsu: Employees at private equity firms and hedge funds often have greater access to MNPI through due diligence, M&A activities or trading activities, necessitating the implementation of deliberate protections.
Policies and procedures and regular certifications are helpful, but they must be augmented with strong trade and communications surveillance systems.
For example, employee trade monitoring must cover appropriate asset classes and interface with all brokers. COMPLY’s Control Room and Conflict Check enables firms to actively monitor for instances of market abuse and other potential conflicts, ultimately protecting the firm and its reputation.
Additionally, many private equity firms must carefully monitor political contributions made by employees and their household members per regulations such as SEC Rule 206(4)-5, especially if the funds have politically controlled investors like public pension plans.
Given the launch of the 2024 presidential campaign season and recent headline indictments, private equity firms would be wise to focus on this sensitivity if they haven’t already done so. COMPLY’s Political Contribution product scours municipal, state and federal sources to enable such tracking and verification at scale.
Q: What are the regulatory and compliance offerings that are most important to private equity firms, hedge funds and other institutional alts managers?
Kadomatsu: As a partner to many of the largest and most successful institutional alts firms, COMPLY has witnessed tremendous growth in this space. As just one out of many data points, we saw the number of private funds grow by over 10% in 2022 alone.
In support of the continued growth, and the compliance challenges which often accompany this kind of growth, COMPLY offerings include:
- Employee trade monitoring/personal account dealings supported by the most robust (300+) system of global broker feed integrations.
- MNPI monitoring and risk mitigation.
- Managed services and consulting backed by industry experts with decades of experience as ex-regulators, CCOs, etc.
- Pay-to-play monitoring and verification to ensure covered employees and household members don’t violate regulations including SEC Rule 206(4)-5, as well as FINRA, state and local regulations.
- Manual data management and administration to relieve the burden of manual tasks and allow CCOs to focus on strategic priorities and ever-changing regulations.
Q: Any high-level thoughts on how the employee compliance functions at institutional alternative asset management firms should ideally be structured to enable scalable growth on a fully compliant basis?
Kadomatsu: There are typically three components/functions which enable a successful employee compliance program: First, there’s strategy and administration. Second, compliance operations. And third, compliance technology.
These three pillars work collaboratively to interpret, incorporate and implement changes and new regulations in an organization. For institutional alts firms, the synergy between these three pillars is paramount to successfully scaling the business while maintaining a functional compliance program. The good news is, technology has proven to help such firms scale effectively.
However, during a recent webinar, 53% of our audience stated they were unsure whether their current tech stack could support their program in meeting heightened SEC regulation and scrutiny. In line with that concern, we also found that 71% of firms will be reevaluating their compliance provider within the next 24 months.