Search By Practice Area
No financial advisor wants to land in hot water with the SEC or state regulators. Advisors can get clues about regulators’ top concerns by looking at the SEC’s examination priorities for the coming year, which are published in January of each year by the SEC’s Office of Compliance Inspections and Examination (OCIE). As in past years, the 2018 examination priorities identified areas where there is increased risk of potential harm to investors, in particular, to seniors and retirement savers. Since January, OCIE has been targeting these risk areas during its examinations of SEC-registered investment advisors.
This article provides an overview of the potential regulatory implications of OCIE’s examination priorities on an RIA firm. Depending on the amount of its regulatory assets under management, an RIA firm is regulated either by the SEC, or in general, any state where the firm has six or more clients. While this article refers to the findings of the SEC in relation to SEC-registered firms, the findings are in most cases applicable to state-registered firms as well. State-registered RIA firms should invest the time to know their state’s regulations, which may impose additional requirements on the firm.
Insufficient policies and procedures
Following its analysis of OCIE’s examination results of RIA firms during the period 2015 to 2017, the SEC determined that its most frequently cited violations of federal securities laws and regulations were for insufficient compliance policies and procedures, incomplete/untimely regulatory filings, misinterpretation of the custody rule, insufficient Code of Ethics, and books and records errors. Such compliance failures are often attributable to inadequate policies and procedures.
For example, the SEC found the following shortcomings in firms’ policies and procedures:
- Firms purchasing “off-the-shelf” template policies and procedures, and not taking the time to tailor them to reflect the firm’s actual investment strategies (or failing to update changes to the firm’s investment strategies), types of clients, fees, and other aspects of the firm’s business
- Firms not complying with the SEC requirement to conduct an annual review of the firm’s policies and procedures, or conducting an annual review but not assessing the adequacy and effectiveness of the policies and procedures, or not correcting problems identified during the annual review
- Firms having policies and procedures that, while accurately reflecting the firm’s business, are not followed by the advisors who work for the firm, most often with respect to the policies and procedures that pertain to a firm’s marketing, its expenses, and its employees’ conduct
With respect to the custody rule, it is easy to understand how firms are confused in completing Form ADV, especially if they’re exposed to information about both SEC and state registration. Withdrawal of advisory fees from a client’s account is treated differently by the SEC than by state regulators. For example, the SEC has provided guidance that an SEC-registered firm that withdraws its advisory fee from a client’s account, and does not otherwise have custody of a client’s assets, may respond “no” to the question on Form ADV asking whether the firm has custody of its clients’ assets. A state-registered RIA firm, on the other hand, must respond “yes” to this same question. At least, a “yes” response by these state-registered RIA firms does not require the firm to undergo the surprise exam conducted by an independent public accounting firm in instances where the firm actually maintains custody of its clients’ assets.
Code of Ethics, books and records
As for Code of Ethics, common mistakes include a firm not identifying as an “access person” an employee, partner, or director who has access to client accounts, and failing to include the Code of Ethics in Part 2A of Form ADV, or not stating in the ADV that the Code of Ethics is available upon request.
Common errors in books and records are attributable to insufficient, inaccurate, and/or inconsistent information, such as the omission of one or more of the firm’s advisory agreements, outdated fee schedules and client lists, or contradictory information relating to a firm’s business model as described on the firm’s website, in its advertisements, and in its disclosures.
In addition to the common compliance failures mentioned above, the SEC announced that it will continue to pay attention in 2018 to the following areas:
- Risks to retail investors. Here, the SEC is paying close attention to the increasingly popular electronic investment advice platforms, i.e., robo-advice, offered by many firms.Risks to retirement accounts of public employees and the conflicts of interest sometimes associated with these accounts, such as pay-to-play, undisclosed gifts, and entertainment practices. Related to this is the SEC’s focus on senior investors, who historically have been particularly susceptible to manipulation and fraud. To prevent such abuses, the SEC has been examining services that are directed at seniors and assessing whether the firm has implemented processes to prevent the financial exploitation of seniors.
- Market-wide risks. The SEC has a mandate to not only protect investors but to protect the fair, orderly, and efficient operation of the markets. Here, the SEC is interested in reviewing a firm’s policies and procedures that are intended to prevent a cyber-attack and, if the firm were to become the victim of a cyber-attack, how the firm would respond.
- Share class recommendation. The SEC has stated publicly that an advisory firm fails to uphold its fiduciary duty when it causes a client to purchase a more expensive share class of a fund when a less expensive share class is available. Here, the SEC has been focusing on policies and procedures regarding the mutual fund share class selection process, the due diligence conducted by the advisor before recommending a share class, and the firm’s compliance oversight of share class recommendations.
Firms should take advantage of the SEC’s stated examination priorities to conduct an ongoing review of their compliance programs to identify deficiencies and gaps, then revise its policies and procedures to address the deficiencies and gaps before the firm undergoes a regulatory examination. Firms would also benefit from taking any client complaint seriously and doing everything within reason to prevent a client who files a complaint with the firm from escalating that complaint to the SEC or a state securities regulator.
For additional information about how SEC or state regulations may impact your firm’s operations, contact Michael P. Shaw. He advises RIAs and broker-dealers on legal, compliance and enforcement matters.see all Business and Corporate Law articles »
The Maryland legislature may soon be considering legislation that would require Maryland-licensed…read more »
In a bid to provide a reliable source of funding for an affordable housing trust, Baltimore City Council…read more »
Cybersecurity is an issue that every company, of every size, must address as part of standard risk…read more »
Several changes in Maryland condominium and HOA laws will affect the operation of condo and homeowners…read more »
Maryland has implemented new standards for public adjusters that will be applied and enforced by…read more »