The Securities and Exchange Commission (the “SEC”) continued its rapid rulemaking pace in the first quarter of 2023 with three developments discussed below: proposing watershed amendments to the Custody Rule under the Investment Advisers Act of 1940, as amended (the “Advisers Act”); adopting amendments to Form PF proposed in January 2022; and reopening comments on its proposed cybersecurity rule. Looking ahead, we anticipate that sometime in the early summer, the SEC will adopt the so-called “Private Funds Rules” proposed in February 2022—the most consequential rulemaking applicable to private fund advisers since Dodd-Frank—and later this year adopt new cybersecurity rules, rules relating to ESG disclosure and service provider outsourcing rules applicable to private fund advisers.

In Watershed Move, the SEC Proposes to Replace the Custody Rule with New “Safeguarding Rule”

In February 2023, the SEC proposed new rule 223-1 (the “Safeguarding Rule”) under the Advisers Act, which would replace the long-standing rule 206(4)-2 (the “Custody Rule”) and would impose substantial compliance burdens on registered investment advisers. As proposed, the Safeguarding Rule would broaden the application of the current Custody Rule to cover a wider range of assets and would also regulate more acutely the relationship between an adviser and a custodian.

The Safeguarding Rule also introduces a number of significant amendments that, according to the SEC, account for changes in technology, advisory services and custodial practices that have occurred since the Custody Rule was last amended in 2009 and that the SEC predicts will enhance investor protections. Among other things, the Safeguarding Rule would:

• Expand custody beyond “funds and securities” to all client “assets.” Covered assets would include real estate and other physical assets, (presumably) loan agreements and digital assets, such as cryptocurrency (in line with the SEC’s broader efforts to regulate this asset class).
• Discretionary authority would result in “custody.” The amendments would specifically include “discretionary authority” within the definition of custody, a change that could have implications for SMA relationships and CLO collateral managers. This development is contrary to existing interpretations of the Custody Rule, which do not consider discretionary trading of delivery-versus-payment (“DVP”) assets to result in custody. Under the Safeguarding Rule, DVP trading could qualify for limited relief from the rule’s requirements, but only if an adviser’s discretionary authority is limited to trading DVP assets, in which case the adviser can avoid a surprise examination (but would otherwise be subject to the Safeguarding Rule’s requirements).
• Expand the scope of privately offered securities but narrow the exception. The amendments would expand the exception to include privately offered securities and physical assets. However, the exception that would allow an adviser to avoid holding such assets with a qualified custodian and undergoing a surprise examination of those assets would depend on the adviser’s ability to demonstrate that such assets cannot be recorded and maintained by a custodian in the manner that would be required by the new rule. In that case, the adviser would need to, among other things, safeguard the assets and enter into an agreement with an independent public accountant to verify the purchase or sale of any such asset within one business day of such transaction. The SEC explicitly stated that (i) crypto securities transferred via a public, permissionless blockchain evidenced through public keys or wallet addresses would not qualify for the exception, and (ii) crypto assets that are not securities would not qualify because they are neither privately offered securities nor physical assets.
• Require written agreements for new qualified custodians. All registered investment advisers would be required to enter into agreements with qualified custodians and would need to obtain, in writing, reasonable assurances from those custodians that the custodian will, principally:
  • exercise due care in discharging its duty as a custodian and will implement appropriate measures to safeguard client assets from theft, misuse, misappropriation or other similar types of loss;
  • indemnify the client against the risk of loss in the event of the custodian’s own negligence, recklessness or willful misconduct (and will have the necessary insurance arrangements in place to protect the client);
  • clearly identify the client’s assets as such, hold them in a custodial account and segregate them from the qualified custodian’s proprietary assets and liabilities; and
  • not subject client assets to any right, charge, security interest, lien or claim in favor of the qualified custodian or its related persons or creditors, except to the extent agreed to or authorized in writing by the client.
• Require segregated accounts for banks and savings associations. The above segregation of client assets would require custodians to hold client assets in a special account designated to protect such assets from creditors of the bank or savings association in the event of insolvency or failure of the bank or savings association. Although there was initially fiery pushback from the banking industry regarding this aspect of the rule proposal, the SEC is unlikely to entertain those objections in light of recent high-profile bank failures.

Additionally, the Safeguarding Rule would (i) amend Form ADV to align investment advisers’ reporting obligations with the new requirements under the proposed Safeguarding Rule and (ii) amend the recordkeeping rule to require advisers to keep additional, more detailed records of trade and transaction activity and position information for each client account of which it has custody.

Adoption of the Safeguarding Rule as proposed would mean substantial new compliance costs for both registered investment advisers and qualified custodians. In addition, model custodian agreements would need substantial revisions in order to reflect the increased regulatory burdens on custodians and to introduce registered advisers as parties to the agreement. This aspect of the Safeguarding Rule continues the SEC’s trend of requiring registered investment advisers to rewrite existing agreements with third-party service providers. Finally, it is unclear whether existing Custody Rule guidance could be applied to the new Safeguarding Rule.

The SEC is seeking comment from the public on the proposal, including responses to nearly 300 specific questions included in the Release. The proposed compliance transition period following adoption of the rule would be one year for large advisers with more than $1 billion in regulatory assets under management and 18 months for advisers with under $1 billion in regulatory assets under management.

SEC Adopts Amendments to Form PF

On May 3, 2023, in the first of what may be a number of new rules that will reshape the regulatory framework applicable to private fund advisers, the SEC adopted amendments to Form PF applicable to private equity fund advisers (and other private fund advisers). On a positive note, the final version of the rule relaxed many of the more onerous proposed requirements.

Notable aspects of the new rule applicable to private equity fund managers include an obligation for all private equity fund advisers to report specific events on a quarterly basis, including adviser-led secondary transactions, removal of a fund’s general partner and investor elections to terminate a fund or an investment period. As originally proposed, these events would have been required to be reported with one day of occurrence.

The final rule also requires large private equity fund advisers to report specific information on an annual basis, including GP and LP clawbacks, certain fund-level borrowings, events of default, fund strategy by percentage of deployed capital and bridge financing to controlled portfolio companies. Notably, the final rule did not amend the definition of “large private equity fund adviser” to include advisers with more than $1.5 billion AUM, as proposed. Instead, the SEC chose to maintain the current threshold of $2.0 billion AUM.

The compliance dates for the new reporting requirements differ. Current event reporting will be required six months after publication of the final rules in the Federal Register, while the new annual reporting obligations begin one year after publication of the final rules in the Federal Register.

SEC Reopens Cybersecurity Rule Proposal Comment Period

Additionally, on March 15, 2023, the SEC reopened the comment period for the proposed cybersecurity risk management and cybersecurity-disclosure rules for registered investment advisers. If adopted as proposed, the rules would include a requirement to confidentially report certain cybersecurity events to the SEC.

The initial comment period ended on April 11, 2022. The new comment period expires on May 22, 2023. For more information on this proposal, please see our Four Takeaways from the rule proposal here.

Looking Ahead

We anticipate sustained regulatory activity for the second half of 2023, with the SEC slated to propose additional rules affecting the private fund industry, including amendments to Regulation D and Form D (presumably to require issuers and sponsors to provide additional information about their offerings) and changes to the determination of “holders of record” for purposes of counting investors in private issuers. We also expect increased examination of private fund marketing as a result of the new Marketing Rule and continued private fund examination and enforcement efforts.

Private Equity Report Spring 2023, Vol 23, No 1