As a registered investment adviser, Ativo Capital Management must comply with SEC Regulation S-P (or other applicable regulations), which requires registered advisers to adopt policies and procedures to protect the “nonpublic personal information” of natural person consumers and customers and to disclose to such persons policies and procedures for protecting that information.
Further, as an investment advisory firm, our firm must comply with new SEC Regulation S-AM, to the extent that the firm has affiliated entities with which it may share and use consumer information received from affiliates. Ativo Capital Management must also comply with the California Financial Information Privacy Act (SB1) if the firm does business with California consumers.
The purpose of these Reg S-P requirements and privacy policies and procedures is to provide administrative, technical and physical safeguards which assist employees in maintaining the confidentiality of nonpublic personal information (“NPI”) collected from the consumers and customers of an investment adviser. All NPI, whether relating to an adviser’s current or former clients, is subject to these privacy policies and procedures. Any doubts about the confidentiality of client information must be resolved in favor of confidentiality.
For Reg S-P purposes, NPI includes nonpublic “personally identifiable financial information” plus any list, description or grouping of customers that is derived from nonpublic personally identifiable financial information. Such information may include personal financial and account information, information relating to services performed for or transactions entered into on behalf of clients, advice provided by Ativo Capital Management to clients, and data or analyses derived from such NPI.
Red Flags Rule
In January 2001 the Federal Trade Commission’s (“FTC”) FACT Act / Red Flags Rule became effective covering “financial institutions” and “creditors.” The Rule defines “financial institution” as any state or federal bank or any person that directly or indirectly holds a “transaction account” belonging to a consumer. A “creditor” includes a broad category of businesses or organizations that regularly defer payment for goods or services which are billed later. The FTC clarified that any person that provides a product or service for which the consumer pays after delivery is a creditor under the Red Flags Rule.
In response to financial industry concerns regarding the applicability of the rule to various segments of the financial markets, the FTC repeatedly extended the rule’s compliance date. On December 9, 2010, Congress sent the President the “Red Flag Program Clarification Act of 2010,” excluding certain providers that deliver service before payment; which President Obama signed into law on December 18, 2010. The legislation amended the Fair Credit Reporting Act to redefine the term “creditor.” Because the definition now includes one who uses or reports to consumer reporting agencies in connection with its transactions, and excludes one who “advances funds…for expenses incidental to a service provided by the creditor to that person,” the definition is narrower and excludes many professionals, including most investment advisers.