Hedge Fund Compliance Chapter 11 Part 1: Inside a Compliance Consulting Firm
Chapter 11 is different from everything before it. Instead of explaining rules and frameworks, Scharfman sits down with real people who do compliance work every day. He interviews two compliance service providers and lets them talk about what they actually see in the field.
This chapter is long. So I’m splitting it into two parts. Part 1 covers the interview with Kent Wegrzyn from ACA Compliance Group. Part 2 will cover cybersecurity and compliance technology interviews.
Let’s get into it.
Who Is Kent Wegrzyn?
Kent Wegrzyn is a Managing Director at ACA Compliance Group. He leads their hedge fund practice from the Chicago office. Before joining ACA in 2007, he worked at the SEC as a compliance examiner. He led or participated in over 50 examinations of investment advisers and hedge funds. Some of those exams led to enforcement referrals.
So this is a person who has been on both sides. He examined hedge funds as a regulator, and now he helps hedge funds prepare for those same exams. That combination gives him a very practical perspective.
What Does a Compliance Consultant Actually Do?
Here’s how it works. When a hedge fund is getting ready to launch, the compliance consultant helps with the whole setup. They figure out which regulators the fund needs to register with. That depends on location, AUM, strategies, and marketing activities. Could be the SEC, the FCA, FINRA, the NFA, or several of these at once.
Then comes paperwork. Registration documents like Form ADV. The compliance manual. Employee training on rules and responsibilities.
After launch, the consultant stays on for ongoing support. Daily compliance questions, marketing material reviews, regulatory filings, email surveillance, and annual compliance program reviews. These annual reviews are required by law for registered investment advisers.
Testing: More Than Just Checking Boxes
One thing Wegrzyn is very clear about. Testing your compliance program is not optional. You need to know if your policies actually work in practice.
A good testing program has a matrix. For each compliance risk, it lists the control policy, the testing procedure, how often tests happen, who is responsible, and what happens when something fails. Some areas need testing more often. Personal trading surveillance, for example, should be checked at least every quarter.
And here’s the thing. Wegrzyn warns against a “check the box” attitude. It’s not enough to test once and say you’re done. The testing program itself should be updated regularly as the business changes and new rules come out.
Why Every Fund Should Use a Consultant
Do all hedge funds need a compliance consultant? Wegrzyn says yes.
Small and mid-size funds often can’t do serious compliance work internally. Their CCO is usually also the CFO or COO. Stretched thin. A consultant does the heavy lifting. Even large funds benefit from outside help for focused projects like mock SEC audits.
Here’s another factor. Consultants track regulatory changes as part of their job. They know what the SEC focuses on, what best practices look like, and what issues come up in exams. A busy internal CCO might miss those developments.
Working Across Borders
Hedge funds that operate in multiple countries face extra complexity. Different regulators, different rules, different filings. Wegrzyn says the market has shifted. Funds used to hire separate local consultants for each country. Now most prefer a single consultant that can handle multiple jurisdictions. Simpler, fewer things falling through the cracks.
If a fund does use multiple consultants, the key is clear scope definitions and transparent communication. Someone internal should manage the relationships to keep everything coordinated.
Governance and the Outsourced CCO Question
In smaller hedge funds, the CCO is often a partner or senior manager with natural influence over governance. In larger firms, the CCO reports to senior management but doesn’t sit at the governance table directly. Wegrzyn notes a positive trend: offshore fund directors are asking more questions about compliance, and senior management is starting to take it more seriously.
On outsourced CCOs, Wegrzyn is cautious. For a very small, simple fund it might work. But generally, there’s no real substitute for an internal person who knows the firm’s operations inside and out. The SEC seems to agree. They’ve released risk alerts highlighting concerns with the outsourced CCO practice.
Regulatory Reporting Pitfalls
Regulatory reporting is where funds get tripped up. Wegrzyn breaks it into three parts: knowing which reports to file, tracking deadlines, and getting the data right.
Some filings are routine. Form ADV is due within 90 days of fiscal year end. But other triggers are event-based. Short sell certain EU securities past a threshold, and you need to file under European Short Selling Regulation. The deadline depends on when you crossed the threshold, not a calendar date.
The most common mistake? Not realizing that a new activity triggers a new reporting requirement.
Mock Audits: Practice for the Real Thing
Wegrzyn is a big advocate for mock SEC examinations. ACA was founded by former SEC examiners, so they know how real exams work.
A mock audit tests everything. Document production, staff interviews, regulatory expectations, conflicts of interest management, and compliance gaps. He recommends doing one every one to three years. Regulatory expectations keep changing, the SEC is getting better at targeting exam candidates using data analytics, and investors increasingly expect regular independent compliance reviews.
Technology and Social Media Challenges
Hedge funds now use software for personal trading monitoring, email reviews, trade surveillance, and regulatory filings. The SEC has its own tool called NEAT (National Exam Analytics Tool) that analyzes massive trading data to find insider trading, front running, and misconduct.
Funds still using paper-based processes are at a disadvantage. Paper brokerage statements submitted quarterly mean a policy violation in January won’t be flagged until March.
Social media adds another layer. Even if employees can’t use it for marketing, casual messages to business contacts may still need to be recorded and monitored.
Top Priorities Going Forward
Wegrzyn closes with what he thinks hedge funds should focus on most:
Fund expenses. The SEC has been scrutinizing how funds allocate expenses. Policies need to be clear and actually followed.
Trade surveillance. With the SEC using data tools like NEAT, funds need their own surveillance systems to catch problems before regulators do.
Valuation. Recent enforcement cases have targeted valuation practices. Funds need solid procedures for pricing investments, especially illiquid ones.
Cybersecurity. Both the SEC and FCA stress that firms need strong IT controls and incident response plans.
Political contributions. The Pay-to-Play Rule carries harsh consequences. A single improper donation to a government official can ban a fund from collecting fees from that government entity for two years.
My Take
This interview format works well. Instead of abstract theory, you get a practitioner who has sat on both sides of the table explaining how things really work.
The biggest takeaway? Compliance is not something you set up once and forget. It requires ongoing testing, regular updates, and someone paying attention to how the regulatory landscape shifts. A good consultant is not a luxury. It’s a necessity.
Part 2 continues with more interviews covering cybersecurity and compliance technology.
Previous: Chapter 10 - Common Compliance Mistakes