In this, my initial column, I will begin to address compliance and practice protection-related issues important to both SEC and state registered investment advisors. My intent is to inform RIAs on current and ever-changing regulatory requirements, prepare them for regulatory examinations, and to help them avoid adverse regulatory/client/employee events.
Investment Advisers Act Rule 206(4)-7 requires SEC RIAs to implement and maintain appropriate policies and procedures. Some states have correspondingly adopted the same requirement. Rule 206(4)-7 remains a central focus of SEC exams, which continue to grow more complex. A ripe area for SEC deficiencies is failure to have policies and procedures that appropriately reflect your business operations or failure to follow them.
This is particularly important because the SEC has replaced its five-year examination cycle with a risk-based program (to be the subject of my next column). As a result, SEC examiners are focusing on advisors and issues that represent the greatest potential threat to investors.
The one area that had caused the most confusion for advisors is electronic recording keeping and e-mail retention.
An advisor can generally determine to retain electronically those records that he creates electronically. However, if an RIA chooses to do so, it should have policies and procedures pertaining to electronic record retention. The procedures should provide for maintaining, preserving, and accessing the records to ensure that the records are accurate, complete, and safe from loss, destruction, or tampering. Compling with Advisers Act Rule 204-2(g) requires that records stored in an electronic format be maintained on some micrographic medium (such as microfilm or microfiche) or other electronic storage medium (e.g., tape backup, DVD, or compact disc). Advisors should use a medium that does not allow the information to be altered or edited in any capacity.
In addition, the information contained in that medium must be organized in a manner that permits easy location, access, and retrieval. RIAs must be capable of producing legible copies of any particular record in response to regulatory requests in a short period of time. A firm may be required to produce the means by which records are accessed in their electronic, digital, or film format. For example, RIAs with microfilm versions of their records must have the facilities to access the microfilm and produce legible reproductions of firm records. As such, it may be beneficial for the advisory firm to retain the recordkeeping infrastructure on site. Records retained electronically must also be retained in duplicate form and stored in a separate location from the original.
Understandably, few advisors want to file and retain any more hard copy documents than those required under the Act. However, consider retaining original executed hard copies of substantive documents and correspondence, including advisory agreements, investment policy statements, and any correspondence to a client confirming that the client has determined to take (or not to take) substantive actions independent of, or contrary to, the advisor's advice. Nothing will serve an advisor better, especially in a court or arbitration proceeding, than the "original" executed document.
What About E-mails?
Electronic correspondence (e.g., e-mail, instant messaging, etc.) must be maintained by SEC registered investment advisors pursuant to recordkeeping Rule 204-2, and by state registered advisors pursuant to similar state recordkeeping requirements. An advisor should be prepared to produce electronic correspondence during a regulatory examination. During an exam, it is SEC practice to initially request electronic correspondence of certain advisory firm members for a limited period of time (generally three months to one year), and then to subsequently enlarge the review period based on its findings. The substantive nature of the electronic correspondence will include both client correspondence and internal firm correspondence relative to the firm's advisory clients and operations. Consequently, investment advisors should develop a written policy with respect to electronic mail retention and deletion.
Unless the advisor has previously implemented a written policy on the retention and deletion of electronic correspondence before the commencement of the regulatory examination, and follows that policy on a regular and ongoing basis, the SEC will object to the filtering (i.e., the omission or deletion of certain records) of electronic correspondence at the time of examination, even though the retention of which does not fall under Rule 204-2 recordkeeping requirements.
So is a retention/deletion policy sufficient? How do you defend your procedure in the event that the SEC asks how you can be sure that your employees are not deleting e-mails that are required to be maintained? There are two potential solutions. First, if you do not have the ability or desire to save all e-mails to a central server, make sure that you define for your employees, as specifically as possible, those items that can be deleted (e.g., unsolicited electronic correspondence like spam and personal e-mails), and inform them that all other e-mails must be retained. Alternatively, save all e-mails to a server. By so doing, the firm will be in a much better position to timely produce e-mails during an inspection and to ensure that substantive e-mails are not being deleted. In either case, as part of the policy, the chief compliance officer should, on a regular basis (no less frequent than quarterly): (1) review a random sample of e-mails; and (2) type certain key words into the system (e.g., fraud, losses, misappropriation, etc.) to discern whether the firm or any of its employees has been party to any client complaints or threats of an adversarial proceeding.
Again, exercise discretion when sending and responding to client e-mails. E-mails should be given the same degree of attention and diligence as if you were sending a hard copy responsive letter to a client. Investment advisors have become much too cavalier about the use of e-mails, especially with the advent of Treos and Blackberrys, and the perceived need for immediate responses. Rarely can or should substantive client issues posed in an e-mail be answered with a one word "Yes" or "No" response. Rather, depending upon the scope of the issues presented, the better course of action is to respond to the client by acknowledging receipt of the e-mail and indicating you will either: (1) respond over the next few days; or, (2) call him to either discuss the issue or to schedule a meeting. Clients retain responsive e-mails. All too often when defending advisors in client litigation or arbitration proceedings, a client will produce responsive e-mails that he believes support his position, but which at the time the advisor did not appreciate the potential gravity therof.
In addition, exercise the same degree of attention and diligence when sending internal e-mails pertaining to firm operations, client matters, or personnel matters. With the advent of e-mail we have forgotten about the "old fashioned" method of sitting down and conversing with each other about firm-related issues. If, like many advisory firms, your firm is automatically saving all e-mails to a central server, when you address sensitive issues in an e-mail you have created a historical record that may be required to be produced during a regulatory examination or during client or employee litigation or arbitration.
Discretion, Discretion, Discretion
How long should you retain documents? Except with respect to performance-related advertising, both SEC and state registered investment advisors are generally required to maintain books and records for a period of not less than five years from the end of the advisor's fiscal year during which the last entry was made. Books and records must be retained at he advisor's office during the first two years, and then may be maintained off-site for the subsequent three year period, provided that they are maintained in an easily accessible location for production if requested by the SEC or a state regulatory authority.
Finally, I can't say it often enough: exercise discretion. Consider retaining original executed hard copies of substantive documents and correspondence, including advisory agreements, investment policy statements, and any correspondence to a client confirming that the client has determined to take or not to take substantive actions independent of, or contrary to, your advice. Nothing, especially in a court or arbitration proceeding serves, will serve an advisor better than the "original" executed document. Moreover, although an advisor is only required to maintain documents for five years pursuant to regulatory requirements, it has and continues to be my strong recommendation that an advisor retain the original executed hard copies of these substantive documents for the duration of the client relationship, and for a period of six years thereafter (i.e., the "maximum" statute of limitations provided by the vast majority of states to initiate an adversarial proceeding).
In summary, exercise discretion and diligence regarding your electronic record retention and communication procedures. When in doubt, retain the hard copy original or make a phone call.
Thomas D. Giachetti is chairman of the Securities Practice Group of Stark & Stark, a 100-attorney firm with offices in Princeton, New York, and Philadelphia that represents investment advisors, financial planners, broker/dealers, CPA firms, registered reps, and public and private investment companies throughout the U.S. He can be reached at email@example.com.