Hedge Fund Compliance Chapter 6: When You Need Outside Help - Compliance Consultants
So far in this series we’ve talked about in-house compliance. The people inside a hedge fund who make sure rules are followed. But here’s the thing. Sometimes that’s not enough. Sometimes you need to call in outside help.
Chapter 6 of Scharfman’s book is all about compliance consultants and third-party service providers. Who they are, what they do, and when it makes sense to hire them.
Not Just “Compliance Consultants” Anymore
Scharfman starts by explaining how service providers used to fall into two neat categories. The first group was compliance-focused. These were your compliance consultants, people whose whole job was advising on compliance matters. The second group was everyone else. Fund administrators, banks, auditors. They did their own thing and compliance wasn’t really their problem.
But that line has blurred. Today, many service providers who used to have nothing to do with compliance now offer compliance-related services too. A fund administrator doesn’t just handle portfolio valuation anymore. They might also help with compliance reporting. An auditor doesn’t just prepare financial statements. They ensure those statements meet regulatory accounting standards.
So Scharfman says the smarter approach is to stop thinking about who provides compliance services and start thinking about what services are actually being performed. This matters for two reasons. First, if multiple providers overlap in their compliance work, a fund can save money by consolidating. Second, investors evaluating a fund’s compliance program need to look beyond just the “compliance consultant” label. Otherwise they miss the full picture.
Why Compliance Consultants Became So Popular
Hedge funds used to rely mostly on their lawyers for compliance work. Law firms handled everything from initial registration with regulators to ongoing monitoring. But over time, compliance got more complicated. More rules, more reporting requirements, more regulatory bodies across different countries.
This created a gap in the market. Enter compliance consultants. Specialized firms (or individuals) who focus specifically on compliance work. Here’s why hedge funds started hiring them more:
- Compliance got more complex. Rules keep changing. New regulations pop up in different countries. You need people who track this stuff full time.
- Internal teams got overwhelmed. The amount of compliance work has gone up. More reporting. More monitoring. More documentation. In-house teams need backup.
- Former regulators bring inside knowledge. Many compliance consultants used to work at places like the SEC. They know how regulators think, what they look for, and how the process works from the other side.
- Smaller funds can’t afford full teams. A brand new hedge fund with a small team can’t always hire a dedicated compliance department. Bringing in a consultant is cheaper.
What Compliance Consultants Actually Do
The list is pretty long. They help with registering a fund with regulators. They draft compliance policies and procedures. They handle regulatory reporting. They test and monitor whether existing compliance procedures are actually working. They help with internal audits and investigations. They run mock regulatory audits (more on that below). They do compliance training and education. And they facilitate regular compliance reviews, like the annual reviews the SEC requires.
Some bill on a contract basis. Others charge by the hour. Depends on the work.
The Outsourced CCO Debate
Here’s where things get interesting. Some compliance consultants don’t just advise on compliance. They actually serve as the fund’s Chief Compliance Officer. An outsourced CCO.
Instead of having someone on staff who fills the role, a hedge fund hires an outside person from a consulting firm to be the official CCO. This is a real debate in the industry. Both sides have valid points.
Arguments against outsourcing the CCO:
- Lack of ownership. When a third party leads the compliance function, nobody inside the firm fully owns it.
- They’re not there every day. An in-house CCO sits near the trading desk. They see what happens in real time. An outsourced CCO shows up periodically. Important details get missed.
- Information barriers. Sometimes the fund deliberately limits what the outsourced CCO sees. Maybe they think the CCO is just there for minimum regulatory box-checking. Or worse, the CCO doesn’t push too hard for information because they’re afraid of losing the client. That’s a conflict of interest right there.
- Less frequent monitoring. An outsourced CCO might only do what’s technically required (like the annual review) and nothing more.
Arguments for outsourcing the CCO:
- More specialized knowledge. An outsourced CCO backed by a consulting firm has access to a wider range of expertise. New regulations in a foreign market? Someone at the firm probably knows about it.
- They see patterns across many funds. Because outsourced CCOs work with multiple clients, they learn best practices from across the industry.
- It’s cheaper. For smaller funds especially, an outsourced CCO costs a fraction of what a full-time hire would.
What the SEC Found
The SEC actually studied this in 2015. They looked at funds using outsourced CCOs and identified best practices and common problems.
The best outsourced CCOs did three things well. They communicated frequently and personally with fund employees, not just through emails and checklists. They didn’t spread themselves too thin across too many funds. And they had the authority to independently pull records instead of waiting for the fund to hand them over.
The problems were more concerning. Some funds using outsourced CCOs had missing compliance policies for critical areas. Others had policies that didn’t match their actual practices. And one of the biggest issues was the overuse of templates. Consultants would use generic, prewritten compliance manuals and not bother customizing them. This led to real problems: policies that didn’t apply to the fund’s actual business, references to employees who had already left, and missing controls in important areas like cybersecurity and client information protection.
The takeaway is clear. If you outsource the CCO, that person still needs to be actively involved and engaged. Just checking boxes is not enough.
Email Monitoring
One common task for outsourced CCOs (or in-house compliance staff) is monitoring electronic communications. Emails, instant messages, Bloomberg chats. The compliance team reviews these to catch potential violations.
There are two main approaches. The keyword method searches for specific flagged words like “guarantee” or “gift.” The problem? False positives. Around the holidays, people write about actual gifts. Every mention gets flagged.
The other approach is random sampling. Review, say, 5% of all firm emails each month. Or rotate between departments, checking 10% of one team’s emails one quarter and another team the next. There are no strict rules about what percentage is “right.” It depends on the firm’s resources and risk profile.
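The two approaches above, run over a handful of constructed messages. This is an added example, not code from Scharfman's book or from this post; the messages, the REVIEW_WORTHY labels, the seed, and the function names are assumptions made for illustration.

```python
import random
import re

# Constructed sample messages (not real data): (id, department, text)
MESSAGES = [
    (1, "sales", "I can guarantee a 20% return if you invest this quarter."),
    (2, "sales", "Picking up a gift for my niece's birthday after work."),
    (3, "trading", "What gift should we get Dana for her retirement?"),
    (4, "trading", "Rebalanced the book; nothing unusual to report."),
    (5, "ops", "The vendor sent a gift card to thank us for the allocation."),
    (6, "ops", "Guaranteed delivery of the statements by Friday."),
]
KEYWORDS = ("guarantee", "gift")   # the two flagged words named in the text
REVIEW_WORTHY = {1, 5}             # constructed labels: messages a reviewer would act on

def keyword_flags(messages, keywords=KEYWORDS):
    """Return {message_id: [matched keywords]}; matches word starts, so
    'Guaranteed' also hits 'guarantee'."""
    pattern = re.compile(r"\b(" + "|".join(map(re.escape, keywords)) + r")\w*", re.I)
    flags = {}
    for msg_id, _dept, text in messages:
        hits = sorted({m.group(1).lower() for m in pattern.finditer(text)})
        if hits:
            flags[msg_id] = hits
    return flags

def flag_precision(flags, review_worthy=REVIEW_WORTHY):
    """Share of flagged messages that actually deserved review."""
    return len(set(flags) & review_worthy) / len(flags) if flags else 0.0

def sample_for_review(messages, rate, seed, department=None):
    """Reproducible random sample: `rate` of all messages, or of one
    department when rotating teams. Recording the seed lets the same
    sample be re-drawn later to show what was reviewed."""
    pool = [m[0] for m in messages if department is None or m[1] == department]
    if not pool:
        return []
    k = max(1, round(len(pool) * rate))  # always review at least one message
    return sorted(random.Random(seed).sample(pool, k))

if __name__ == "__main__":
    flags = keyword_flags(MESSAGES)
    print("flagged:", flags, "precision:", flag_precision(flags))
    print("5% of firm:", sample_for_review(MESSAGES, 0.05, seed=2024))
    print("10% of sales:", sample_for_review(MESSAGES, 0.10, seed=2024, department="sales"))
```

On this sample the keyword pass flags five of six messages and only two deserve review, while the random sample is blind to content and will sometimes land on message 4, which no keyword would surface.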
Mock Regulatory Audits
This is one of the most valuable services compliance consultants provide. A mock audit simulates what would happen if a regulator like the SEC showed up at your door.
Think of it like a fire drill. You practice before the real thing happens.
A full mock audit usually has three stages. First, document collection. The consultant sends the fund a document request list similar to what regulators would send. Second, an on-site visit to review systems and additional documents and to interview key people. Third, reviewing findings and fixing any problems.
That document collection phase alone is massive. The SEC’s typical request list covers everything: organization charts, employee lists, compliance manuals, cybersecurity plans, trading records, marketing materials, investor lists, fee calculations, audit reports, and much more. Scharfman includes a detailed list in the chapter that runs across ten categories.
The benefit is obvious. You find problems before the regulator does. You fix them on your own terms instead of under regulatory pressure. And the process itself often helps a fund organize its compliance documentation better.
Some funds object to mock audits because of the cost and time involved. Larger funds with strong in-house teams sometimes do their own internal version. There’s also debate about how often you need them. Some say only when something big changes at the fund. Others say on a regular schedule, like every three years, regardless.
Chapter Summary
Scharfman’s message in this chapter is practical. Compliance is too complex for most hedge funds to handle entirely on their own. Service providers, especially specialized compliance consultants, fill important gaps. Whether it’s drafting policies, running mock audits, monitoring communications, or serving as an outsourced CCO, outside help has become a normal part of the compliance picture.
But outside help comes with its own risks. Template-based compliance manuals that don’t fit. Information barriers between the fund and its consultant. Reduced oversight frequency. The key is active engagement. Whether compliance is in-house or outsourced, it only works when the people involved actually care about doing it right.
Next chapter gets into the specific documents that hedge funds need to have in order. Should be useful if you want to see what regulators actually ask for when they come knocking.