The following document is an approximate, but not exact, transcript of the Operational Leaders podcast conversation between host Terrance J. O’Malley and guest Fizza Khan.

Please support the production of this podcast by downloading the Fizza Khan episode.


Narrator  0:05

Welcome to the Operational Leaders podcast featuring leaders and innovators in the investment management industry, where we discuss the business of running the business with host and top industry executive Terrance J. O’Malley.

Terrance O’Malley  0:21

My next guest is a pioneer in providing outsource compliance services to investment firms. She has extensive experience as a consultant, and as an in-house Chief Compliance Officer. She is the founder of Silver Regulatory Associates, a firm focused on delivering compliance solutions to financial services firms. Please welcome Fizza Khan.

Fizza Khan  0:44

Hi, Tery.

Terrance O’Malley  0:45

Thank you for joining us today and I appreciate you doing this remotely. So the world has changed a little bit.

Fizza Khan  0:52

Sure has.

Terrance O’Malley  0:53

How is that impacting your business? How is that impacting compliance?

Fizza Khan  0:57

Sure. So with respect to Silver Regulatory Associates, thankfully, our business has not been impacted. Prior to launching, we ensured that we had the appropriate infrastructure in place to work remotely. So I think that was the key in order to ensure that, even while traveling or being with clients on site, we had the capability to be able to access any and all files that were necessary for any particular assignment. So thankfully, again, we are operating fairly seamlessly. We have routine check ins with our team, and everything has been going quite well.

Fizza Khan  1:42

As far as the compliance landscape is concerned, I think this is something that you and I can agree on -just around the world – things are unprecedented, and compliance is no exception to that. So I think first and foremost, the biggest thing from a compliance standpoint is how do you manage direct supervisory oversight over your team and over your firm to ensure that policies and procedures are actually being adhered to. I think it’s also important for managers to recognize that there be a direct dialogue and open communication with their entire staff, but in particular, their Chief Compliance Officer and their compliance department. Because you do want to make sure that the policies and procedures are actually being adhered to and that there aren’t any hiccups along those lines.

Terrance O’Malley  2:43

What do you make of the idea of not having that face to face interaction every day, whether it be sort of an internal function at a firm or through the use of an outside compliance consulting firm like yourself, where you don’t have the ability to maybe do the travel and get inside to see what people are doing?

Fizza Khan  3:00

It should not be as big of a hiccup as one may expect, specifically, if you have the requisite infrastructure in place. So, ideally there is that face to face time and being hands on is really important when dealing with areas of compliance. But I think it’s also important to recognize that, again, going back to my earlier point, if you have the direct dialogue with your team in place already, then establishing video chats, direct communication over email, etc., should be a seamless process.

Fizza Khan  3:42

I think the bigger issue actually lies with your external third-party service providers. So compliance consultants would fall into that category. But I think importantly, if you have regular routine check ins already established prior to COVID-19 happening, then again, the process is relatively seamless. The one thing that I would recommend managers do is – right now we’re in a space where managers were informing their investors, even maybe certain of their critical third-party service providers about the institution of their business continuity plan. But they should be doing the reverse, also. They should be checking in with their compliance consultants, with their third-party service providers and finding out exactly what is it that those providers are doing, by way of their business continuity plan and what exactly is happening in reverse, because it is a two way street. It is a collaborative process. So you need to make sure that both sides know what each other is doing. It’s not just about the manager informing their investors. It’s also the business continuity plans of their critical third-party service providers informing them what’s happening on their end.

Terrance O’Malley  5:09

Is there any particular area or few areas that you worry are at heightened risk from a compliance perspective during this period of time? We had the opportunity to be on a cybersecurity panel, obviously, that’s something that is going to be elevated. Are there other areas that you’re concerned about?

Fizza Khan  5:26

I think primarily with respect to conflicts of interest with employees, specifically personal trading. We’re in, again, a market that has a lot of opportunity and volatility that certain employees may want to take advantage of, and rightfully so. I mean, if they are able to do that within the boundaries of whatever personal security trading policy their firm may have, that’s terrific. But I think by way of working remotely, oftentimes this is forgotten in terms of what the policy is, the preclearance procedures, etc.

Fizza Khan  6:06

But even just taking a step back and looking at the overall arching theme, which is, we should be focusing on their fiduciary duty, right. Their fiduciary duty right now is to ensure the funds, the firm, etc., all of those activities are happening ahead of their own interests. So managers really need to be astute, especially the chief compliance officers need to be aware that if regular and routine trading is happening, even if it’s within the lines of a personal trading policy, find out why this is happening so frequently. And again, it may not be a bad thing, but you need to be more careful about things of that nature during this time.

Terrance O’Malley  6:54

Thanks. So we’re in an obviously unusual time, but let’s take a step back a little bit and talk about how did you get involved in compliance and then maybe lead a little further into that and how you came to become the CEO and founder of Silver Regulatory Associates?

Fizza Khan  7:09

Sure. So compliance was an area that I think was a natural fit for me. I started off working as a lawyer in the investment management space, primarily with registered funds and then transition to alternative investment funds. And then I realized that there is this whole realm behind fund formation and informing the managers of how they should be set up, which is post that. And now they’re involved in their investment activity, what type of regulatory obligations do they have?

Fizza Khan  7:45

So I naturally started segwaying into compliance. And then serendipitously, and ironically in 2008, after being the CCO of a multi strat hedge fund that, unfortunately got affected by the 2008 crisis, I was fortunate enough to be a part of a group called CounselWorks that really led the model with respect to compliance consulting. The model had not really been fleshed out at that point. And I too was not familiar with how this would work. And quite frankly, I just thought it would be something I would transition out of and back into being in house. But now 10 plus years later, I absolutely love it. I think it’s a model that a lot of firms, regardless of size, can benefit from. And in so doing, I recognize that because of the passion I have with this area, it only made sense for me to segue and dovetail this into a firm of my own. So back in June of 2018, back in 2018, I had a soft launch of Silver Regulatory Associates, whereby I was fortunate to have certain of the associates that worked for me previously at CounselWorks and subsequently at Duff and Phelps, follow me to build out this endeavor. And now we are in 2020, almost two years in, and I’m proud to say we’re doing very well. 10 people strong with two offices, one in New York and one in LA, and a strong client base.

Terrance O’Malley  9:32

So what did you find is the biggest challenge to starting your own firm?

Fizza Khan  9:36

I think the biggest challenge is with respect to understanding the delegation of responsibilities. As a business owner and a founder, you cannot do everything. It’s just next to impossible. Nor do you have the expertise to do everything. I have the expertise to provide advice to the investment management  community in the financial services space. What I do not have the expertise in is perhaps accounting or bookkeeping, for example. So I think where a lot of mistakes with any sort of business happens is the owner thinking that they can do it all, when in fact, they cannot, and they should not. There has to be checks and balances in place. And I learned that thankfully from the very beginning, and realize that dedicating a certain amount of resources to the capital required, human capital required to run the business is essential. And once you have that down, then you are able to build out the platform in a way that your vision is basically put to fruition. But if you try to do it all yourself, you will be stuck.

Terrance O’Malley  10:55

So you build out the platform. How big can that platform get? Or do you feel there is a certain point this is a personal services business, and does that create certain limitations on how big you can grow?

Fizza Khan  11:08

I think it’s really all about the individual business model. This can grow exponentially if you want it to. I personally am in a position at this point in time and in the foreseeable next five years, where I do want to keep the firm in a boutique model. I think the client benefits from that because they get direct one on one consistent team interaction. I think once the model starts to get rather large, you attract a different type of client base, and you also provide a different type of service. It’s not to say one is better than the other. It just depends on what it is that you’re trying to accomplish. So what we are trying to accomplish at Silver Regulatory Associates is not just providing compliance advice, but also being integrated as a part of a firm’s compliance program and compliance team, should they need that level of assistance, I think once you get to be a bit larger than that, direct interaction and capability may somewhat be last.

Terrance O’Malley  12:21

So the role of the compliance consulting firm, does that vary from client to client? Does it vary from consulting firm to consulting firm? What is your view on that?

Fizza Khan  12:30

I do believe it’s both Tery. I think with respect to our model at Silver, we definitely take the approach that it needs to be customized for each client. We have services that fall within either ongoing maintenance retainer services, or project by project-based services. We find that both models work well for our clients. Typically, larger institutional type of firms tend to want the project-based work because they already have a solid built-out compliance team. And they want an independent assessment of the work that they’re doing. So oftentimes, we’re asked to do project work for our larger base clients, perhaps do forensic testing or to be involved in conducting mock audit or SEC preparedness assessments.

Fizza Khan  13:28

For example, we can take those types of projects and apply it to our ongoing maintenance clients as well. But typically, our ongoing client are those clients that require hands-on assistance with their day to day compliance requirements. So typically, they do not have a built-out team or they are limited on resources in compliance. Oftentimes, the CCO is dual hatted so they carry both the CCO title as well as maybe a CFO or COO title. And that’s where we come in to support them. So that’s how we structure the model and what the trends we are seeing at Silver tend to be with our client base.

Fizza Khan  14:16

I think to your other point with respect to client services as it relates to the different consulting firms, that is also at play because we take a much more qualitative approach to compliance consulting, taking in much more of a 360 holistic view of how compliance is being implemented throughout the firm. What are the business implications outside of just the regulatory impact? Other firms are much more quantitative and much more methodical, and very strict in their approach. Like the rule says x, you need to follow x. And again, it’s not to say that one is better than the other. It’s just to say that, depending on what the manager strategy is and what their approach to compliance is, and what their goals are with respect to compliance, that could often drive the type of compliance consultant you’re looking for.

Terrance O’Malley  15:12

So, before Coronavirus changed our world, where was the demand coming from in terms of hiring compliance consultants.

Fizza Khan  15:20

I think the trend that we were seeing in terms of just managers generally were primarily startups, or those firms that were spinning out of a larger firm and recognized the importance of having a compliance team in place, whether it be through a compliance consultant, internally or a combination thereof. I think that was the trend that we were seeing. From a strategy standpoint, even prior to Corona, I think we were seeing an upswing in private equity and private credit. I think even more so now for the obvious reasons.

Fizza Khan  16:03

But the other thing that we were seeing in terms of understanding different types of strategies, interestingly enough, and I think we’re going to see this again, in light of what we’re experiencing in this environment, is crypto. We were seeing quite a few crypto clients come our way. And as I’m sure you can imagine, Tery, people who are in the crypto space typically do not know much about financial services or the regulations behind them. So it was very much a reciprocal learning arrangement whereby they’re teaching us about this vast and amorphous world called cryptocurrency and digital assets. And in return we’re teaching them, okay, what are the basics behind securities regulation and investment advisor regulation. So I think those areas have been on the uptick as far as compliance consulting is concerned. And we’re continuing to see that trend happening even now.

Terrance O’Malley  17:09

Tell me, what are some of the biggest misconceptions that you think that people have in the manager side in terms of what a compliance consulting firm can or cannot do?

Fizza Khan  17:17

That’s an excellent question. I think primarily, the biggest misconception is that if you already have an internal team in place, you do not need a compliance consultant. I think that the benefit of a compliance consultant can do for a group that already has compliance infrastructure in place is to provide that level of independent review. Oftentimes, once you start to get comfortable with how your program is running, you just take a lot of things for granted. So for example, with your annual review requirements, as an investment adviser, you would probably think that, “okay, I can easily with a team of four or five compliance professionals, of course we can easily test out these areas, review our compliance program in light of what the rules require.” And sure you definitely can. But I think what changes is your level of independence and your level of understanding of whether or not you’re actually doing these policies, procedures in line with your program requirements. So I think oftentimes, we just assume being in house that “Oh, yeah, I’m definitely doing XYZ, for sure, check the box,” But there’s no documentation to support it, no testing to support it, nothing to really give a regulator, should they come in, concrete evidence that this is actually being done correctly. So that’s where compliance consultants can come in because they can be an independent, objective view. You have an already established program. So I think that’s important to recognize.

Terrance O’Malley  19:06

Do you ever worry particularly with some of your newer clients, startup clients that they get the sense of, “Hey, I hired a compliance consulting firm. I’m off the hook, anything happens, not my problem.”

Fizza Khan  19:18

Yes, oftentimes, we get that false sense of security and we gently, and sometimes firmly, remind them that the reason why we are there is so that they can better understand and be educated with respect to their program. And it’s much more favorable in the eyes of the SEC that a manager, a CCO at a manager can own a program. And they actually can say they fully understand and can execute on this compliance program under their supervision as the CCO. I think further credit is given to them by having the support of a compliance consultant to guide them and ensure that that is actually happening.

Fizza Khan  20:09

Oftentimes managers do have that misconception that if everything is on our consultant’s plate, then they can take the hit for anything going wrong. And that’s actually not true because what we do at Silver is any time we work on behalf of the client with respect to any aspect of their compliance program, we make sure to educate the CCO and their team with respect to any sort of work product we generate for them, and they have to sign off on it saying that they’ve understood it. And this is not just for our benefit, and this is not just for us to feel comfortable with in terms of a CYA aspect. It’s much more to ensure that the CCO can speak to not only the regulators but investors when investors are conducting due diligence.

Terrance O’Malley  21:05

So Fizza, I know the world goes on. And we talked a lot about ESG over the past year or two, and I know you have some wonderful capabilities there. Do you want to mention a few things about that?

Fizza Khan  21:18

Certainly. So ESG is actually paramount right now in light of COVID. Because not only is there climate change, but you need to ensure that there’s social governance matters that are being addressed, and managers are being asked more than ever, with respect to investor due diligence, what if any parameters can be put into place with respect to ESG. We at Silver have an ESG strategy line whereby we help managers build out their ESG program, help them diligence ESG matters as it relates to portfolio companies that they may be acquiring, even look into public companies for those hedge fund managers. And we think as it relates to what is happening in the world right now, and going forward, it will just grow that much more important. So managers really need to be hyper aware of what exactly is going on in this space and how it affects their portfolio.

Terrance O’Malley  22:19

Thanks. Do you have any thoughts about the future?

Fizza Khan  22:21

I do. I think just with respect to overall how we operate as a firm with respect to Silver Regulatory Associates, and managing our clients, I think there is going to be a lot more electronic communication by way of video chatting. I think the idea of coming on site will somewhat change as a result of our now working remotely. But I don’t think what will change is the quality of service. I think we will be inevitably there in every aspect for our clients and I think the reliance on us consultants will be that much better, because we will be that much more integrated with the firm as a result of this situation.

Terrance O’Malley  23:09

Thank you very much for joining us today. This has been a great conversation. Very interesting to hear about your firm how you started, some of your thoughts on the industry. And we wish you guys the best of luck.

Fizza Khan  23:19

Thank you so much, Tery. I appreciate the time.

Terrance O’Malley  23:22

Thank you.