Compliance

Silver Rock Capital Holdings (“SRCH”) is committed to fair dealing, investor protection, and regulatory excellence. This page summarizes our program and the practical steps we follow every day. It is informational and not legal advice; our policies may be updated as regulations evolve.

These standards apply to SRCH and its personnel, as well as contractors and vendors who access our systems or information. When SRCH operates in regulated jurisdictions, we comply with applicable laws, rules, and industry codes.



Compliance

Silver Rock Capital Holdings (“SRCH”)
is committed to fair dealing, investor protection, and regulatory excellence. This page summarizes our program and the practical steps we follow every day. It is informational and not legal advice; our policies may be updated as regulations evolve.

These standards apply to SRCH and its personnel, as well as contractors and vendors who access our systems or information. When SRCH operates in regulated jurisdictions, we comply with applicable laws, rules, and industry codes.


Compliance

Silver Rock Capital Holdings (“SRCH”) is committed to fair dealing, investor protection, and regulatory excellence. This page summarizes our program and the practical steps we follow every day. It is informational and not legal advice; our policies may be updated as regulations evolve.

These standards apply to SRCH and its personnel, as well as contractors and vendors who access our systems or information. When SRCH operates in regulated jurisdictions, we comply with applicable laws, rules, and industry codes.

1) Code of Ethics & Professional Conduct

Principles: integrity, fairness, accountability, confidentiality, and respect.
How we do it, step by step:

  1. Annual certification by all personnel to the Code.

  2. Pre-clear personal securities trading where applicable; maintain restricted lists.

  3. Disclose and pre-approve outside business activities and board seats.

  4. Record and pre-approve gifts/hospitality; decline anything that could impair judgment.

  5. Report violations immediately; enforce with proportionate discipline.

2) Conflicts of Interest

Principle: identify, disclose, manage, and monitor conflicts so clients and counterparties are treated fairly.
How we do it, step by step:

  1. Map potential conflicts (fees, valuation, research coverage, personal holdings, vendor ties).

  2. Disclose conflicts in plain English to investors/clients as required.

  3. Establish controls (information barriers, independent reviews, recusals).

  4. Document decisions in the compliance log.

  5. Monitor outcomes and refresh mitigants as facts change.

3) Material Non-Public Information (MNPI) & Insider Trading

Principle: zero tolerance for misuse of MNPI.
How we do it, step by step:

  1. Train all personnel on MNPI definitions, sources, and red flags.

  2. Maintain restricted and watch lists; suspend trading when appropriate.

  3. Use formal wall-crossing procedures and insider lists for due diligence.

  4. Segregate deal data in need-to-know folders; audit access.

  5. Escalate suspected breaches to Compliance; document remedial actions.

4) Research Independence & Transparency

Principle: analysis must be objective, reproducible, and properly disclosed.
How we do it, step by step:

  1. Publish methodology and key assumptions; cite sources.

  2. Disclose SRCH holdings/relationships relevant to the subject where required.

  3. Separate research views from marketing content; label opinions vs. facts.

  4. Pre-publish compliance review for sensitive pieces.

  5. Archive versions and backup data for reproducibility.

5) Information Barriers (“Chinese Walls”)

Principle: protect confidential and deal-sensitive information.
How we do it, step by step:

  1. Segment networks, drives, and collaboration tools by function and deal.

  2. Enforce least-privilege access with MFA and periodic access reviews.

  3. Tag confidential files; restrict forwarding/sharing and external drives.

  4. Use clean rooms and data rooms for diligence; log downloads.

  5. Perform quarterly audits; remediate exceptions.

6) AML/KYC & Sanctions Screening

Principle: prevent misuse of our platform for illicit finance.
How we do it, step by step:

  1. Collect identity, beneficial ownership, and source-of-funds documentation.

  2. Verify documents and screen against applicable sanctions/PEP/adverse-media lists.

  3. Risk-rate each relationship; obtain senior approval for higher-risk cases.

  4. Monitor transactions and update KYC periodically or on trigger events.

  5. Escalate and report suspicious activity consistent with local law.

7) Privacy & Data Protection

Principle: collect only what we need, protect it, and honor rights requests.
How we do it, step by step:

  1. Data minimization: define purpose, limit fields, set retention.

  2. Encrypt data in transit and at rest; apply role-based access.

  3. Sign Data Processing Agreements with vendors; assess cross-border transfers.

  4. Maintain procedures for data subject requests (access, deletion, correction).

  5. Conduct privacy impact assessments for new tools and datasets.

8) Cybersecurity

Principle: defense-in-depth to safeguard systems and research.
How we do it, step by step:

  1. MFA everywhere; endpoint protection and device encryption.

  2. Patch management SLAs; vulnerability scans and penetration tests.

  3. Network segmentation; continuous logging and anomaly detection.

  4. Off-site encrypted backups; defined RTO/RPO for critical systems.

  5. Incident Response Plan (IRP): detect → contain → eradicate → recover → post-mortem.

9) Investment Due Diligence & Investment Committee

Principle: rigorous, documented, repeatable decision-making.
How we do it, step by step:

  1. Build an IC memo covering market, moat, unit economics, legal/regulatory, ESG, and risks.

  2. Obtain third-party QoE/financial diligence as appropriate; validate data pipelines.

  3. Independently test valuation sensitivities and downside cases.

  4. Record IC debate and vote; capture conditions precedent and monitoring KPIs.

  5. Set a 100-day plan and reporting cadence for portfolio oversight.

10) Valuation & Fair Value

Principle: fair, supportable, and consistently applied methodologies.
How we do it, step by step:

  1. Select approach(es): market (comps), income (DCF), or cost—justify selection.

  2. Normalize EBITDA/cash flows; document key assumptions (WACC, growth, multiples).

  3. Cross-check across methods; analyze calibration to prior transactions.

  4. Use independent reviews or third-party specialists where appropriate.

  5. Reassess at defined intervals and upon impairment triggers.

11) Fees, Expenses & Side Letters

Principle: transparent, accurate, and fairly allocated.
How we do it, step by step:

  1. Disclose fee mechanics and chargeable expenses up-front and in offering docs.

  2. Allocate shared costs via documented methodology; no retroactive changes without consent.

  3. Pre-approve any unusual charges; capture in the ledger with descriptions.

  4. Track side-letter obligations and ensure equal-treatment clauses are respected.

  5. Include fees/expenses in investor reporting with variances explained.

12) Marketing, Performance, and Communications

Principle: fair, balanced, and not misleading. No promises of future returns.
How we do it, step by step:

  1. Substantiate all claims; avoid cherry-picking and hypothetical performance unless permitted and clearly labeled.

  2. Include relevant risks and limitations; keep tone factual.

  3. Pre-clear materials with Compliance; maintain version control.

  4. Use approved disclaimers; include conflict disclosures where relevant.

  5. Archive all external communications in accordance with recordkeeping rules.

13) Gifts, Entertainment & Political Activity

Principle: prevent undue influence and comply with applicable “pay-to-play” and ethics rules.
How we do it, step by step:

  1. Pre-clear gifts/entertainment above de-minimis thresholds; record everything.

  2. Prohibit cash or equivalents; refuse anything that creates an obligation.

  3. Pre-clear political contributions where applicable; maintain logs.

  4. Train annually on local restrictions and firm limits.

  5. Review reports quarterly; remediate as needed.

14) Third-Party & Vendor Risk Management

Principle: trust but verify.
How we do it, step by step:

  1. Perform due diligence (security, financial, compliance, sanctions).

  2. Use contracts with confidentiality, data-protection, and performance clauses.

  3. Request SOC/ISO attestations where appropriate; map sub-processors.

  4. Monitor SLAs and incidents; maintain exit/transition plans.

  5. Re-assess vendors annually or upon material change.

15) Recordkeeping & Retention

Principle: keep the right records, for the right time, in the right place.
How we do it, step by step:

  1. Classify records (investment, research, communications, governance).

  2. Apply retention schedules; use immutable storage where required.

  3. Ensure searchability and prompt retrieval for audits/exams.

  4. Secure destruction after retention expires.

  5. Audit samples periodically; fix gaps.

16) Business Continuity & Disaster Recovery

Principle: resilience for investors, employees, and counterparties.
How we do it, step by step:

  1. Identify critical processes/systems and set RTO/RPO targets.

  2. Maintain alternate work locations and secure remote access.

  3. Test backups and failovers; conduct tabletop exercises annually.

  4. Crisis communications plan for stakeholders and regulators.

  5. Post-incident review with corrective actions.

17) ESG & Responsible Investment

Principle: consider financially material ESG factors where relevant to risk-adjusted returns.
How we do it, step by step:

  1. Apply an ESG materiality screen during diligence; avoid box-ticking.

  2. Include ESG risks/opportunities and KPIs in IC memos and 100-day plans.

  3. Engage portfolio management on practical improvements (safety, compliance, efficiency).

  4. Monitor and report progress where agreed with investors.

  5. Update positions as regulations and stakeholder expectations evolve.

18) Complaints & Inquiries

Principle: respectful, timely resolution.
How we do it, step by step:

  1. Log every complaint/inquiry with date, parties, and summary.

  2. Acknowledge receipt promptly with a target timeline.

  3. Investigate facts; obtain documents/interviews as needed.

  4. Provide a written response and remedy where appropriate.

  5. Track themes and implement preventive measures.

19) Training, Testing & Culture

Principle: compliance is a daily habit, not a checklist.
How we do it, step by step:

  1. Onboarding training plus annual refreshers (ethics, MNPI, AML, cyber, privacy).

  2. Quarterly micro-trainings tied to real scenarios.

  3. Phishing simulations and incident tabletop drills.

  4. Annual attestations to key policies.

  5. Anonymous pulse surveys; leadership sets the tone from the top.

20) Whistleblowing & Non-Retaliation

Principle: speak up safely.
How we do it, step by step:

  1. Maintain anonymous reporting channels (hotline/email/portal).

  2. Prohibit retaliation; violations are cause for discipline.

  3. Triage by Compliance; escalate to independent reviewers where needed.

  4. Protect confidentiality to the extent permitted by law.

  5. Track outcomes and communicate lessons learned.

21) Governance & Oversight

Principle: clear ownership and accountability.
How we do it, step by step:

  1. Designate a Chief Compliance Officer (CCO) with authority and resources.

  2. Quarterly reports from Compliance to senior leadership/board or equivalent body.

  3. Annual independent review of the compliance program’s design and effectiveness.

  4. Document remedial plans and deadlines; track to closure.

  5. Update policies for regulatory changes and exam feedback.

Disclosures

  • Silver Rock Capital Holdings "SRCH" operates subject to the laws and regulations of the jurisdictions in which it conducts business. Registrations, licenses, and affiliations, if and where applicable, are disclosed to investors/clients and regulators.

  • Nothing on this page constitutes investment, legal, tax, or accounting advice, or a solicitation to buy or sell any security. Past performance is not indicative of future results.

Contact

Compliance & Ethics: raizer@silverrockcapitalholdings.com
Mailing Address: 16901 Collins Avenue, Unit 2001, Sunny Isles 33160

Version Control

Effective date: September 22, 2025
Last review: September 22, 2025
Next scheduled review: March 22, 2026

1) Code of Ethics & Professional Conduct

Principles: integrity, fairness, accountability, confidentiality, and respect.
How we do it, step by step:

  1. Annual certification by all personnel to the Code.

  2. Pre-clear personal securities trading where applicable; maintain restricted lists.

  3. Disclose and pre-approve outside business activities and board seats.

  4. Record and pre-approve gifts/hospitality; decline anything that could impair judgment.

  5. Report violations immediately; enforce with proportionate discipline.

2) Conflicts of Interest

Principle: identify, disclose, manage, and monitor conflicts so clients and counterparties are treated fairly.
How we do it, step by step:

  1. Map potential conflicts (fees, valuation, research coverage, personal holdings, vendor ties).

  2. Disclose conflicts in plain English to investors/clients as required.

  3. Establish controls (information barriers, independent reviews, recusals).

  4. Document decisions in the compliance log.

  5. Monitor outcomes and refresh mitigants as facts change.

3) Material Non-Public Information (MNPI) & Insider Trading

Principle: zero tolerance for misuse of MNPI.
How we do it, step by step:

  1. Train all personnel on MNPI definitions, sources, and red flags.

  2. Maintain restricted and watch lists; suspend trading when appropriate.

  3. Use formal wall-crossing procedures and insider lists for due diligence.

  4. Segregate deal data in need-to-know folders; audit access.

  5. Escalate suspected breaches to Compliance; document remedial actions.

4) Research Independence & Transparency

Principle: analysis must be objective, reproducible, and properly disclosed.
How we do it, step by step:

  1. Publish methodology and key assumptions; cite sources.

  2. Disclose SRCH holdings/relationships relevant to the subject where required.

  3. Separate research views from marketing content; label opinions vs. facts.

  4. Pre-publish compliance review for sensitive pieces.

  5. Archive versions and backup data for reproducibility.

5) Information Barriers (“Chinese Walls”)

Principle: protect confidential and deal-sensitive information.
How we do it, step by step:

  1. Segment networks, drives, and collaboration tools by function and deal.

  2. Enforce least-privilege access with MFA and periodic access reviews.

  3. Tag confidential files; restrict forwarding/sharing and external drives.

  4. Use clean rooms and data rooms for diligence; log downloads.

  5. Perform quarterly audits; remediate exceptions.

6) AML/KYC & Sanctions Screening

Principle: prevent misuse of our platform for illicit finance.
How we do it, step by step:

  1. Collect identity, beneficial ownership, and source-of-funds documentation.

  2. Verify documents and screen against applicable sanctions/PEP/adverse-media lists.

  3. Risk-rate each relationship; obtain senior approval for higher-risk cases.

  4. Monitor transactions and update KYC periodically or on trigger events.

  5. Escalate and report suspicious activity consistent with local law.

7) Privacy & Data Protection

Principle: collect only what we need, protect it, and honor rights requests.
How we do it, step by step:

  1. Data minimization: define purpose, limit fields, set retention.

  2. Encrypt data in transit and at rest; apply role-based access.

  3. Sign Data Processing Agreements with vendors; assess cross-border transfers.

  4. Maintain procedures for data subject requests (access, deletion, correction).

  5. Conduct privacy impact assessments for new tools and datasets.

8) Cybersecurity

Principle: defense-in-depth to safeguard systems and research.
How we do it, step by step:

  1. MFA everywhere; endpoint protection and device encryption.

  2. Patch management SLAs; vulnerability scans and penetration tests.

  3. Network segmentation; continuous logging and anomaly detection.

  4. Off-site encrypted backups; defined RTO/RPO for critical systems.

  5. Incident Response Plan (IRP): detect → contain → eradicate → recover → post-mortem.

9) Investment Due Diligence & Investment Committee

Principle: rigorous, documented, repeatable decision-making.
How we do it, step by step:

  1. Build an IC memo covering market, moat, unit economics, legal/regulatory, ESG, and risks.

  2. Obtain third-party QoE/financial diligence as appropriate; validate data pipelines.

  3. Independently test valuation sensitivities and downside cases.

  4. Record IC debate and vote; capture conditions precedent and monitoring KPIs.

  5. Set a 100-day plan and reporting cadence for portfolio oversight.

10) Valuation & Fair Value

Principle: fair, supportable, and consistently applied methodologies.
How we do it, step by step:

  1. Select approach(es): market (comps), income (DCF), or cost—justify selection.

  2. Normalize EBITDA/cash flows; document key assumptions (WACC, growth, multiples).

  3. Cross-check across methods; analyze calibration to prior transactions.

  4. Use independent reviews or third-party specialists where appropriate.

  5. Reassess at defined intervals and upon impairment triggers.

11) Fees, Expenses & Side Letters

Principle: transparent, accurate, and fairly allocated.
How we do it, step by step:

  1. Disclose fee mechanics and chargeable expenses up-front and in offering docs.

  2. Allocate shared costs via documented methodology; no retroactive changes without consent.

  3. Pre-approve any unusual charges; capture in the ledger with descriptions.

  4. Track side-letter obligations and ensure equal-treatment clauses are respected.

  5. Include fees/expenses in investor reporting with variances explained.

12) Marketing, Performance, and Communications

Principle: fair, balanced, and not misleading. No promises of future returns.
How we do it, step by step:

  1. Substantiate all claims; avoid cherry-picking and hypothetical performance unless permitted and clearly labeled.

  2. Include relevant risks and limitations; keep tone factual.

  3. Pre-clear materials with Compliance; maintain version control.

  4. Use approved disclaimers; include conflict disclosures where relevant.

  5. Archive all external communications in accordance with recordkeeping rules.

13) Gifts, Entertainment & Political Activity

Principle: prevent undue influence and comply with applicable “pay-to-play” and ethics rules.
How we do it, step by step:

  1. Pre-clear gifts/entertainment above de-minimis thresholds; record everything.

  2. Prohibit cash or equivalents; refuse anything that creates an obligation.

  3. Pre-clear political contributions where applicable; maintain logs.

  4. Train annually on local restrictions and firm limits.

  5. Review reports quarterly; remediate as needed.

14) Third-Party & Vendor Risk Management

Principle: trust but verify.
How we do it, step by step:

  1. Perform due diligence (security, financial, compliance, sanctions).

  2. Use contracts with confidentiality, data-protection, and performance clauses.

  3. Request SOC/ISO attestations where appropriate; map sub-processors.

  4. Monitor SLAs and incidents; maintain exit/transition plans.

  5. Re-assess vendors annually or upon material change.

15) Recordkeeping & Retention

Principle: keep the right records, for the right time, in the right place.
How we do it, step by step:

  1. Classify records (investment, research, communications, governance).

  2. Apply retention schedules; use immutable storage where required.

  3. Ensure searchability and prompt retrieval for audits/exams.

  4. Secure destruction after retention expires.

  5. Audit samples periodically; fix gaps.

16) Business Continuity & Disaster Recovery

Principle: resilience for investors, employees, and counterparties.
How we do it, step by step:

  1. Identify critical processes/systems and set RTO/RPO targets.

  2. Maintain alternate work locations and secure remote access.

  3. Test backups and failovers; conduct tabletop exercises annually.

  4. Crisis communications plan for stakeholders and regulators.

  5. Post-incident review with corrective actions.

17) ESG & Responsible Investment

Principle: consider financially material ESG factors where relevant to risk-adjusted returns.
How we do it, step by step:

  1. Apply an ESG materiality screen during diligence; avoid box-ticking.

  2. Include ESG risks/opportunities and KPIs in IC memos and 100-day plans.

  3. Engage portfolio management on practical improvements (safety, compliance, efficiency).

  4. Monitor and report progress where agreed with investors.

  5. Update positions as regulations and stakeholder expectations evolve.

18) Complaints & Inquiries

Principle: respectful, timely resolution.
How we do it, step by step:

  1. Log every complaint/inquiry with date, parties, and summary.

  2. Acknowledge receipt promptly with a target timeline.

  3. Investigate facts; obtain documents/interviews as needed.

  4. Provide a written response and remedy where appropriate.

  5. Track themes and implement preventive measures.

19) Training, Testing & Culture

Principle: compliance is a daily habit, not a checklist.
How we do it, step by step:

  1. Onboarding training plus annual refreshers (ethics, MNPI, AML, cyber, privacy).

  2. Quarterly micro-trainings tied to real scenarios.

  3. Phishing simulations and incident tabletop drills.

  4. Annual attestations to key policies.

  5. Anonymous pulse surveys; leadership sets the tone from the top.

20) Whistleblowing & Non-Retaliation

Principle: speak up safely.
How we do it, step by step:

  1. Maintain anonymous reporting channels (hotline/email/portal).

  2. Prohibit retaliation; violations are cause for discipline.

  3. Triage by Compliance; escalate to independent reviewers where needed.

  4. Protect confidentiality to the extent permitted by law.

  5. Track outcomes and communicate lessons learned.

21) Governance & Oversight

Principle: clear ownership and accountability.
How we do it, step by step:

  1. Designate a Chief Compliance Officer (CCO) with authority and resources.

  2. Quarterly reports from Compliance to senior leadership/board or equivalent body.

  3. Annual independent review of the compliance program’s design and effectiveness.

  4. Document remedial plans and deadlines; track to closure.

  5. Update policies for regulatory changes and exam feedback.

Disclosures

  • Silver Rock Capital Holdings "SRCH" operates subject to the laws and regulations of the jurisdictions in which it conducts business. Registrations, licenses, and affiliations, if and where applicable, are disclosed to investors/clients and regulators.

  • Nothing on this page constitutes investment, legal, tax, or accounting advice, or a solicitation to buy or sell any security. Past performance is not indicative of future results.

Contact

Compliance & Ethics: raizer@silverrockcapitalholdings.com
Mailing Address: 16901 Collins Avenue, Unit 2001, Sunny Isles 33160

Version Control

Effective date: September 22, 2025
Last review: September 22, 2025
Next scheduled review: March 22, 2026

1) Code of Ethics & Professional Conduct

Principles: integrity, fairness, accountability, confidentiality, and respect.
How we do it, step by step:

  1. Annual certification by all personnel to the Code.

  2. Pre-clear personal securities trading where applicable; maintain restricted lists.

  3. Disclose and pre-approve outside business activities and board seats.

  4. Record and pre-approve gifts/hospitality; decline anything that could impair judgment.

  5. Report violations immediately; enforce with proportionate discipline.

2) Conflicts of Interest

Principle: identify, disclose, manage, and monitor conflicts so clients and counterparties are treated fairly.
How we do it, step by step:

  1. Map potential conflicts (fees, valuation, research coverage, personal holdings, vendor ties).

  2. Disclose conflicts in plain English to investors/clients as required.

  3. Establish controls (information barriers, independent reviews, recusals).

  4. Document decisions in the compliance log.

  5. Monitor outcomes and refresh mitigants as facts change.

3) Material Non-Public Information (MNPI) & Insider Trading

Principle: zero tolerance for misuse of MNPI.
How we do it, step by step:

  1. Train all personnel on MNPI definitions, sources, and red flags.

  2. Maintain restricted and watch lists; suspend trading when appropriate.

  3. Use formal wall-crossing procedures and insider lists for due diligence.

  4. Segregate deal data in need-to-know folders; audit access.

  5. Escalate suspected breaches to Compliance; document remedial actions.

4) Research Independence & Transparency

Principle: analysis must be objective, reproducible, and properly disclosed.
How we do it, step by step:

  1. Publish methodology and key assumptions; cite sources.

  2. Disclose SRCH holdings/relationships relevant to the subject where required.

  3. Separate research views from marketing content; label opinions vs. facts.

  4. Pre-publish compliance review for sensitive pieces.

  5. Archive versions and backup data for reproducibility.

5) Information Barriers (“Chinese Walls”)

Principle: protect confidential and deal-sensitive information.
How we do it, step by step:

  1. Segment networks, drives, and collaboration tools by function and deal.

  2. Enforce least-privilege access with MFA and periodic access reviews.

  3. Tag confidential files; restrict forwarding/sharing and external drives.

  4. Use clean rooms and data rooms for diligence; log downloads.

  5. Perform quarterly audits; remediate exceptions.

6) AML/KYC & Sanctions Screening

Principle: prevent misuse of our platform for illicit finance.
How we do it, step by step:

  1. Collect identity, beneficial ownership, and source-of-funds documentation.

  2. Verify documents and screen against applicable sanctions/PEP/adverse-media lists.

  3. Risk-rate each relationship; obtain senior approval for higher-risk cases.

  4. Monitor transactions and update KYC periodically or on trigger events.

  5. Escalate and report suspicious activity consistent with local law.

7) Privacy & Data Protection

Principle: collect only what we need, protect it, and honor rights requests.
How we do it, step by step:

  1. Data minimization: define purpose, limit fields, set retention.

  2. Encrypt data in transit and at rest; apply role-based access.

  3. Sign Data Processing Agreements with vendors; assess cross-border transfers.

  4. Maintain procedures for data subject requests (access, deletion, correction).

  5. Conduct privacy impact assessments for new tools and datasets.

8) Cybersecurity

Principle: defense-in-depth to safeguard systems and research.
How we do it, step by step:

  1. MFA everywhere; endpoint protection and device encryption.

  2. Patch management SLAs; vulnerability scans and penetration tests.

  3. Network segmentation; continuous logging and anomaly detection.

  4. Off-site encrypted backups; defined RTO/RPO for critical systems.

  5. Incident Response Plan (IRP): detect → contain → eradicate → recover → post-mortem.

9) Investment Due Diligence & Investment Committee

Principle: rigorous, documented, repeatable decision-making.
How we do it, step by step:

  1. Build an IC memo covering market, moat, unit economics, legal/regulatory, ESG, and risks.

  2. Obtain third-party QoE/financial diligence as appropriate; validate data pipelines.

  3. Independently test valuation sensitivities and downside cases.

  4. Record IC debate and vote; capture conditions precedent and monitoring KPIs.

  5. Set a 100-day plan and reporting cadence for portfolio oversight.

10) Valuation & Fair Value

Principle: fair, supportable, and consistently applied methodologies.
How we do it, step by step:

  1. Select approach(es): market (comps), income (DCF), or cost—justify selection.

  2. Normalize EBITDA/cash flows; document key assumptions (WACC, growth, multiples).

  3. Cross-check across methods; analyze calibration to prior transactions.

  4. Use independent reviews or third-party specialists where appropriate.

  5. Reassess at defined intervals and upon impairment triggers.

11) Fees, Expenses & Side Letters

Principle: transparent, accurate, and fairly allocated.
How we do it, step by step:

  1. Disclose fee mechanics and chargeable expenses up-front and in offering docs.

  2. Allocate shared costs via documented methodology; no retroactive changes without consent.

  3. Pre-approve any unusual charges; capture in the ledger with descriptions.

  4. Track side-letter obligations and ensure equal-treatment clauses are respected.

  5. Include fees/expenses in investor reporting with variances explained.

12) Marketing, Performance, and Communications

Principle: fair, balanced, and not misleading. No promises of future returns.
How we do it, step by step:

  1. Substantiate all claims; avoid cherry-picking and hypothetical performance unless permitted and clearly labeled.

  2. Include relevant risks and limitations; keep tone factual.

  3. Pre-clear materials with Compliance; maintain version control.

  4. Use approved disclaimers; include conflict disclosures where relevant.

  5. Archive all external communications in accordance with recordkeeping rules.

13) Gifts, Entertainment & Political Activity

Principle: prevent undue influence and comply with applicable “pay-to-play” and ethics rules.
How we do it, step by step:

  1. Pre-clear gifts/entertainment above de-minimis thresholds; record everything.

  2. Prohibit cash or equivalents; refuse anything that creates an obligation.

  3. Pre-clear political contributions where applicable; maintain logs.

  4. Train annually on local restrictions and firm limits.

  5. Review reports quarterly; remediate as needed.

14) Third-Party & Vendor Risk Management

Principle: trust but verify.
How we do it, step by step:

  1. Perform due diligence (security, financial, compliance, sanctions).

  2. Use contracts with confidentiality, data-protection, and performance clauses.

  3. Request SOC/ISO attestations where appropriate; map sub-processors.

  4. Monitor SLAs and incidents; maintain exit/transition plans.

  5. Re-assess vendors annually or upon material change.

15) Recordkeeping & Retention

Principle: keep the right records, for the right time, in the right place.
How we do it, step by step:

  1. Classify records (investment, research, communications, governance).

  2. Apply retention schedules; use immutable storage where required.

  3. Ensure searchability and prompt retrieval for audits/exams.

  4. Secure destruction after retention expires.

  5. Audit samples periodically; fix gaps.

16) Business Continuity & Disaster Recovery

Principle: resilience for investors, employees, and counterparties.
How we do it, step by step:

  1. Identify critical processes/systems and set RTO/RPO targets.

  2. Maintain alternate work locations and secure remote access.

  3. Test backups and failovers; conduct tabletop exercises annually.

  4. Crisis communications plan for stakeholders and regulators.

  5. Post-incident review with corrective actions.

17) ESG & Responsible Investment

Principle: consider financially material ESG factors where relevant to risk-adjusted returns.
How we do it, step by step:

  1. Apply an ESG materiality screen during diligence; avoid box-ticking.

  2. Include ESG risks/opportunities and KPIs in IC memos and 100-day plans.

  3. Engage portfolio management on practical improvements (safety, compliance, efficiency).

  4. Monitor and report progress where agreed with investors.

  5. Update positions as regulations and stakeholder expectations evolve.

18) Complaints & Inquiries

Principle: respectful, timely resolution.
How we do it, step by step:

  1. Log every complaint/inquiry with date, parties, and summary.

  2. Acknowledge receipt promptly with a target timeline.

  3. Investigate facts; obtain documents/interviews as needed.

  4. Provide a written response and remedy where appropriate.

  5. Track themes and implement preventive measures.

19) Training, Testing & Culture

Principle: compliance is a daily habit, not a checklist.
How we do it, step by step:

  1. Onboarding training plus annual refreshers (ethics, MNPI, AML, cyber, privacy).

  2. Quarterly micro-trainings tied to real scenarios.

  3. Phishing simulations and incident tabletop drills.

  4. Annual attestations to key policies.

  5. Anonymous pulse surveys; leadership sets the tone from the top.

20) Whistleblowing & Non-Retaliation

Principle: speak up safely.
How we do it, step by step:

  1. Maintain anonymous reporting channels (hotline/email/portal).

  2. Prohibit retaliation; violations are cause for discipline.

  3. Triage by Compliance; escalate to independent reviewers where needed.

  4. Protect confidentiality to the extent permitted by law.

  5. Track outcomes and communicate lessons learned.

21) Governance & Oversight

Principle: clear ownership and accountability.
How we do it, step by step:

  1. Designate a Chief Compliance Officer (CCO) with authority and resources.

  2. Quarterly reports from Compliance to senior leadership/board or equivalent body.

  3. Annual independent review of the compliance program’s design and effectiveness.

  4. Document remedial plans and deadlines; track to closure.

  5. Update policies for regulatory changes and exam feedback.

Disclosures

  • Silver Rock Capital Holdings "SRCH" operates subject to the laws and regulations of the jurisdictions in which it conducts business. Registrations, licenses, and affiliations, if and where applicable, are disclosed to investors/clients and regulators.

  • Nothing on this page constitutes investment, legal, tax, or accounting advice, or a solicitation to buy or sell any security. Past performance is not indicative of future results.

Contact

Compliance & Ethics: raizer@silverrockcapitalholdings.com
Mailing Address: 16901 Collins Avenue, Unit 2001, Sunny Isles 33160

Version Control

Effective date: September 22, 2025
Last review: September 22, 2025
Next scheduled review: March 22, 2026

Get in touch

Ready for the next step?

Contact us

Get in touch

Ready for the next step?

Contact us

Get in touch

Ready for the next step?

Contact us

Institutional

Home

The Firm

Solutions

About

Autimations & Data

Compliance

Careers & Partnerships

Insights

Blog

Theses & Cases


Contact

Contact us

Location

Press

Legal

Privacy Policy

Terms of Use

Cookies

Social Media

Instagram:
@silverrockcapitalholdings

X:
@SilverRockCap


Institutional

Home

The Firm

Solutions

About

Autimations & Data

Compliance

Careers & Partnerships

Insights

Blog

Theses & Cases


Contact

Contact us

Location

Press

Legal

Privacy Policy

Terms of Use

Cookies

Social Media

Instagram:
@silverrockcapitalholdings

X:
@SilverRockCap


Institutional

Home

The Firm

Solutions

About

Autimations & Data

Compliance

Careers & Partnerships

Insights

Blog

Theses & Cases


Contact

Contact us

Location

Press

Legal

Privacy Policy

Terms of Use

Cookies

Social Media

Instagram:
@silverrockcapitalholdings

X:
@SilverRockCap