Regulatory compliance is an increasingly significant challenge for private equity firms. New rules can be expensive, time-consuming, and require extensive training.
US federal laws and the rules of self-regulatory organizations impose numerous yearly reporting and compliance obligations on investment advisers, including private equity firms. This blog post reviews some of these compliance-related requirements.
Conducting Due Diligence
Conducting due diligence in private equity law is crucial to any investment and can reveal potential compliance issues that are not easily spotted. However, with the high stakes and tight timeframes of many PE transactions, completing a due diligence process is often tricky. This can result in some of the most fundamental compliance and regulatory issues being overlooked, leading to unforeseen risks for the PE firm once the transaction closes.
For example, reviewing the entity’s compliance program and any pending or consequential governmental investigations is essential while conducting due diligence in a healthcare purchase. Failure to do so can lead to significant liability for the PE firm, especially if allegations of fraud and abuse are made post-acquisition.
Other critical elements of due diligence include verifying the company’s physical assets, human resources information, org chart structure, and legal areas such as contracts and procurement. Additionally, it is essential to conduct due diligence on the company’s financials, including assessing its working capital cycle and debt/equity ratio.
Due diligence can be highly complex and arduous, and planning for it well before the closing date is essential. One way is to utilize a relationship intelligence platform that identifies the right expert from your network in minutes, freeing managers’ time to focus on other critical business priorities.
Creating a Compliance Program
Creating and maintaining compliance programs is essential to business if a private equity firm is publicly traded or non-public. These programs are typically required for any company that wants to maintain its status as a certified public accountant; for example, they must follow specific reporting requirements set forth by the Securities and Exchange Commission (SEC).
Having a formal compliance program also shows credibility with organizational stakeholders, including investors, partners, employees, and vendors. A well-developed compliance program should include clear, written policies distributed to employees and a mechanism for reporting issues and concerns. It should also include a hotline system that allows individuals to report misconduct without fear of retaliation and a way for employees to learn about new laws and regulations affecting the organization.
For private equity firms, especially those focusing on health care, having a comprehensive compliance program is key to operating with integrity and making a legitimate profit. An effective compliance program can also mitigate the risks of governmental investigations and audits that are a common source of liability for these types of investments. This is why private equity needs to understand and appreciate a target healthcare entity’s compliance requirements before investing, implementing, overhauling, or updating the existing compliance program once acquired.
Establishing a Compliance Committee
A compliance committee handles many essential functions, including determining policy, assessing risk, overseeing training, and preparing required reports. It should comprise leaders from all areas that create or manage risk and the chief compliance officer.
The committee should meet at least quarterly and be formally established, with an agenda, meeting minutes, and a written compliance committee charter defining its responsibilities. The committee may also include subcommittees focusing on specific risk areas in larger organizations.
The committee should be a clearinghouse for compliance issues so that all managers can hear about them and offer their perspectives on responding. For example, if the company is about to launch a new service that requires parental consent for children, the legal team would note that this presents a risk. At the same time, marketing and business strategy might weigh whether it’s worth taking that additional step in light of the benefits.
The committee should also periodically review ways the organization detects and reports suspicious activity. This will help reduce the risk of money laundering, bank fraud, and other financial crimes. It’s a good idea to have an outside consultant conduct this review. The committee should also review internal officers who are charged with submitting suspicious activity reports to ensure that they’re doing so correctly. The committee should also be involved in the hiring process for these officers, as they must have the requisite skills.
Engaging with Regulatory Authorities
Private equity firms must remain vigilant about the risk of being slapped with sanctions or other penalties for violating regulations. This includes a strong commitment to keeping accurate records and a clear understanding of the requirements for each type of investment, transaction, or other activity.
The complexities of private equity law require the help of experienced legal counsel. A qualified attorney can help you stay abreast of regulatory standards and best practice changes, including creating compliance policies, due diligence and monitoring procedures, and regular reporting and disclosures to regulatory agencies.
For example, federal and state authorities are receiving intense attention from healthcare fraud and abuse laws. Private equity firms with a majority interest in healthcare practices should include this scrutiny in their due diligence checklist. Additionally, it is critical to negotiate robust indemnity provisions or obtain representation and warranty insurance that addresses healthcare regulatory violations.
Private equity firms must also consider the impact of European Union laws such as the General Data Protection Regulation (GDPR). EU competition law could impact private equity firms that process the personal data of European Union citizens, even if those firms aren’t located in Europe. Additionally, the new European rules for market participants could lead to additional scrutiny of private equity firms and their portfolio companies.