The Investment Advisers Act of 1940 requires advisers to have written policies and procedures to prevent the misuse of material nonpublic information (MNPI) by the adviser and its associated persons. A recent SEC settlement order clarifies that an investment adviser must ensure that its policies and procedures extend to reach third-party consultants. Unbeknownst to the investment adviser in this case and its compliance department, an outside consultant that provided investment research and recommendations on biotech companies to the adviser’s portfolio managers also served as a director of some of those very companies. This article summarizes the facts that led up to the SEC’s allegations, alleged violations by the investment adviser and the settlement. For discussion of an SEC enforcement action involving the misuse of MNPI by an investment consultant, see “SEC Action Demonstrates the Potential Risks of Insider Trading by Investment Consultants Hired by Private Fund Managers” (Mar. 29, 2012). For other SEC actions involving failure to adopt appropriate policies and procedures, see “Steps All Investment Advisers – and Their Compliance Officers – Should Take in Light of the SEC’s Risk Alert on Outsourced CCOs (Part Two of Two)” (Mar. 10, 2016).