Compliance Officer Spotlight: Dov Lando
Updated: Sep 21, 2020
How did you find yourself working in a compliance role?
I began my career as an associate at the law firm Schulte Roth & Zabel, focusing on hedge funds and other alternative asset managers. I initially left private practice to go in-house at a large financial institution for several years before taking my first role as General Counsel at an independent alternative asset manager. That was in 2003, shortly before the SEC's adoption of Rule 206(4)-7, which formalized the need to establish a compliance program, perform an annual compliance review, and appoint a Chief Compliance Officer. Adoption of that rule was an early milestone in the strong trend toward increased focus on compliance in the industry, by the SEC and other regulatory agencies in the U.S. and worldwide.
I subsequently transitioned to another alternative manager for several years before joining Crawford Lake Capital in August 2018. At each firm, I served as General Counsel and head of the legal and compliance function. That sometimes involved my also serving as Chief Compliance Officer, while at other periods someone else on my team held that title. Regardless of who bore the official CCO title, I was always aware of being ultimately accountable for my firm meeting its global compliance deliverables, and I was consistently involved with the increasing complexity of the compliance function. This element of my responsibility grew as new laws and regulations were adopted, and regulatory expectations increased. Since joining Crawford Lake, I have officially held both the General Counsel and Chief Compliance Officer titles. Thankfully, our firm has a strong culture of compliance and a collaborative environment, so I have firm-wide support in ensuring all compliance obligations are met. I further benefit from having external resources that are of tremendous assistance, including Titan Regulation as outside compliance consultant. Though it is daunting to know that I bear the personal liability that comes with being Chief Compliance Officer, in many ways I prefer it to the alternative. Holding the CCO title keeps my focus sharp and leaves no ambiguity within the firm of my personal accountability; and correspondingly with my authority over compliance-related matters. I don't take this position lightly, and before joining Crawford Lake it was important for me to confirm that the principals had a healthy respect for the compliance function and would empower me to act as I felt necessary. Thankfully, our principals set the right tone from the top, and as a result I have been able to remain confident of our high level of compliance and overall integrity.
What does your typical day-to-day look like?
As both General Counsel and Chief Compliance Officer, I have a broad range of responsibilities, and the nature of my daily tasks varies significantly due to active projects at any time. However, I consistently focus a material portion of my week on compliance-related matters. When I first joined the firm, I spent a significant amount of time enhancing our compliance function to develop robust tracking tools and methods of documenting deliverables appropriately. On an ongoing basis thereafter, I make time to ensure that all deliverables are met on schedule. One of my most important tools is an extensive and tailored compliance matrix that I developed with the assistance of Titan Regulation, within which I have captured most of our ongoing deliverables. This is a living document, and I add to it regularly to reflect new items as they arise.
Additionally, I regularly spend time building additional compliance tools, whether to address new requirements or just to further enhance the function. An example of responding to new requirements arose from the Cayman Data Protection Law that came into effect on September 30 of this year, which required generating and distributing a new privacy notice, updating applicable service contracts, and enhancing our vendor due diligence review process. A different example reflecting work to enhance an existing function is our ongoing focus on data integrity and cybersecurity, for which we recently engaged a new vendor, migrated to a new platform, and enhanced applicable policies and procedures. My general approach is to try capturing in a written workflow any process that is likely to be repeated, that has multiple elements that would be difficult to recall from memory, and that warrants written documentation. I also believe that time and effort spent in building a strong process up front is well-spent, and will actually save time and hassle in the long run.
What are some of the more challenging aspects of your role as a compliance officer?
During my time in the industry, I have worked at firms with very different staffing
configurations. On one end of the spectrum, I worked at a large financial institution with thousands of employees, including legal and compliance departments that operated separately from each other, and that each had multiple teams and group leaders. Some of the greatest challenges in that environment arose from conflicting perspectives between members of the legal and compliance functions, which often required significant effort and negotiation to reach a mutually acceptable conclusion. In the middle of the spectrum, I spent the majority of my career at independent alternative advisers with 100+ employees, multiple offices in different countries, and dedicated teams for each operational function (each with its own group leader). That structure provides a benefit due to the ability to allocate responsibility based on specialization, with focused oversight, and I was fortunate to work with many dedicated and capable professionals. However, there often arose ambiguity of "decision rights", which required coordination among group heads to reach consensus, or at least clarity on who had the final say on a particular matter. On the other end of the spectrum, my current firm has fewer employees and less formal division between functions. This allows people to get involved in areas outside their primary function, and serve multiple roles within the firm. For example, as part of a cybersecurity enhancement, we recently migrated our IT infrastructure to the cloud, and engaged a new MSP to help with implementation. Though we have a strong IT manager, we don't have a dedicated IT team or Chief Technology Officer. This allowed me to serve in more of a leadership role on the project: selecting a vendor; overseeing implementation; and continuing to serve as the primary point person. It was interesting and exciting to get deeper into the applicable technology and systems, and doing so facilitated my work on related policies and data mapping exercises. I appreciated the opportunity to take on this project, which was consistent with our firm culture of promoting personal and professional growth. Thankfully, we also have a very collaborative environment, and I could always count on my colleagues to support the effort and cooperate with its implementation. Though I remain acutely aware of my ultimate responsibility for the firm's legal and compliance obligations, it is comforting to know that I have the support and assistance of my fellow employees, and that I can rely on them to help out whenever needed.
How do you leverage Titan Regulation to assist with your duties as a compliance officer?
Titan Regulation has been incredibly helpful in facilitating all of our regulatory filings. They have robust systems to help track applicable deadlines and ensure we stay well ahead of schedule. Another area where Titan has been particularly additive is our annual compliance review. Specifically, we worked together to schedule four quarterly on-site sessions each year, over the course of which all relevant areas are subject to review. Titan helps maintain a discipline to stay on schedule, and also brings an independent, outside perspective to the reviews. For these functions, as well as other matters that arise from time to time, the Titan consultants are experienced and responsive, and able to provide helpful guidance when questions arise.
What tools have you used that have helped you gain efficiencies in fulfilling your compliance duties? Do you have any advice you wish you could give your past self?
The compliance function is too complex, and the implications of a failure too great, to rely on memory. For this reason, I find it essential to develop tools to help ensure that all appropriate steps are taken, and that applicable deadlines are met. The nature of such tools can vary greatly, including use of Outlook calendars, Excel spreadsheets, compliance tracking systems, or even just charts of action items. When faced with time pressure to complete a particular task, it may be tempting to simply focus on the immediate demands, failing to consider the fact that you will likely need to repeat the same task many times in the future. However, I have found it worthwhile to spend some additional time up front to develop a tool that can be used both in the present, and then again when the task recurs. Just to give an example, many things need to be done whenever a new employee joins a firm, and that list will vary depending on the new person's function. There is great value in building a tool (e.g., a checklist) that can be enhanced over time for comprehensiveness, and tailored as appropriate to on-board specific individuals. Thinking back to the many times when I was forced to "reinvent the wheel" because I failed to build a repeatable tool the first time I completed a task, this is something I wish that I had better appreciated earlier in my career.