Home Alternative guide The SEC’s examinations division is (finally) talking about alternative data | ...

The SEC’s examinations division is (finally) talking about alternative data | Akin Gump Strauss Hauer & Feld LLP


Key points

  • The SEC’s Review Division issued a Risk Alert which, as part of a focus on MNPI, highlighted observed shortcomings related to the use of alternative data by private money managers and other investment advisers. investment.
  • While the discussion of alternative data is brief, these findings are notable — and important — given the Division’s emphasis on alternative data in recent reviews and the SEC’s enforcement action against App Annie in 2021.


In recent years, staff of the Divisions of Examinations and Enforcement of the United States Securities and Exchange Commission have engaged in several alternative data-focused efforts. The Reviews Division, for example, has conducted numerous (and often lengthy) reviews of private fund managers who use alternative data in their research processes, producing non-public deficiency letters.

In a similar vein, the Enforcement Division, with the assistance of review staff, filed and settled a high-profile lawsuit against an alternative data aggregator.1 This 2021 lawsuit against App Annie, Inc., a leading provider of alternative data for the mobile app industry, marked a turning point in the alternative data industry.2 In the settlement order, the SEC found that App Annie had misrepresented the nature of the data it sold to investment firms, which relied on that data to make investment decisions; as a result, the SEC charged App Annie with securities fraud.

After AppAnnieprivate fund managers wondered if the SEC could or would assert that the managers themselves may commit wrongdoing with respect to their alternative data processing. Many have identified Section 204A of the Investment Advisers Act of 1940, which requires investment advisers to maintain policies and procedures designed to prevent the misuse of material nonpublic information (MNPI), such as a potential risk area.

Risk Alert

This question was answered on April 26, 2022, when the Examinations Division issued a risk alert highlighting a wide range of MNPI-related deficiencies found in recent examinations, all of which were deemed to be related to the section 204A and rule 204A-1 thereunder.3 This risk alert placed alternative data and its use (or misuse) squarely within the scope of liability of Section 204A and Rule 204A-1.

Private fund managers who use alternative data have been waiting for some time for a risk alert or similar guidance from the Review Division that would detail staff observations and highlight what staff consider to be examples of best practice. (and deficient) in terms of accessing alternative data. This risk alert provides initial, albeit very brief and high-level, guidance from the Review Division on expectations and alternative best practices for data policy.

The following advice was incorporated into the risk alert:

advisers who have used [alternative data] …did not appear to adopt or implement reasonably designed written policies and procedures to address the potential risk of receiving and using MNPI through other data sources[,]

which was supplemented with three specific examples of shortcomings and weaknesses observed in recent reviews:

  • Advisors who “did not appear to adequately memorize due diligence processes or follow them consistently and instead engaged in ad hoc and inconsistent due diligence of alternative data service providers.”
  • Advisors who “did not appear to have policies and procedures regarding data assessment, including when advisors became aware of red flags regarding the sources of this alternative data.”
  • Advisors who “did not appear to consistently implement their policies and procedures relating to other data service providers. For example, advisors did not apply their due diligence process to all alternative data sources. Additionally, staff observed advisors who had an onboarding process for alternative data service providers, but lacked a system to determine when due diligence should be rerun based on elapsed time or changes in data collection practices. Staff also observed advisors who could not demonstrate, for example by producing documentation, that their policies and procedures had been implemented consistently. »

At the outset, the risk alert describes alternative data as covering “many types of information increasingly used in financial analysis, beyond traditional financial statements, corporate filings, and press releases. hurry”.4 Due to the breadth of the SEC’s description, private money managers may want to interpret the term “alternative data” broadly when reviewing their own policies and practices.


We expect the SEC to continue to focus on how investment advisers handle and use alternative data. We also expect additional, non-public deficiency letters resulting from reviews and other public directives and/or enforcement actions regarding alternative data.

Going forward, the SEC may find that the use of alternative data involves not only Section 204A, but also potentially Rule 10b-5, the primary anti-fraud authority under which the SEC controls insider trading on securities markets. Indeed, the risk alert goes out of its way to state that “[a]alternative data does not necessarily contain MNPI,” suggesting that the SEC believes a situation could arise when alternative data Is contain MNPI, and an insider trading action could be based on additional evidence of breach of legal duty or deception and required mental, or “scientific” condition.

Implications and Takeaways

Taken together, the staff findings suggest that advisors should implement or review policies and procedures associated with alternative data. Since this area of ​​focus can be boiled down to a discrete list of tasks requested by the risk alert, that list would likely include things like the following:

  1. Carefully review the due diligence requirements to be performed under a manager’s policies and procedures and assess whether they need improvement.
  2. Confirm that there is a process designed to ensure due diligence efforts are commemorated.
  3. Review control policies and procedures to determine if there are appropriate guidelines on the nature and degree of due diligence expected; assess whether there is support or guidance for tracking ‘red flags’.
  4. Assess whether due diligence efforts are sufficiently consistent across alternative data sources.
  5. Confirm that due diligence is not limited to a subset of “alternative data” providers.
  6. Consider how often the diligence should be “re-subscribed”.

For many managers, these results will align with their practices and give them confidence that they are doing the right thing. For others, this risk alert could provide impetus for changes in personnel, resources, policies and procedures in this developing area of ​​the investment research process.

1 App Annie Inc. and Bertrand Schmitt – SEC.gov.

2 SEC brings first-ever ‘alternative data’ enforcement action.

3 Investment Advisor MNPI Compliance Issues. The Risk Alert further addresses capital management on behalf of so-called “value-added investors”, shortcomings associated with advisors’ use of expert networks, and trading-related issues affecting requirements of the code of ethics rule.

4 The risk alert included examples of “alternative data”, including “information gleaned from satellite and drone images of crop fields and retailer parking lots, analyzes of global credit card transactions, social media and internet search data, geolocation data from consumer cell phones, and email data obtained from apps and tools that consumers may use.”