More On Legal & Compliancefrom The Advisor's Professional Library
- Whistleblowers A whistleblower is any individual providing the SEC with original information related to a possible violation of federal securities law. The Dodd-Frank Act established a whistleblower program that enables the SEC to reward individuals who voluntarily provide such information.
- Privacy Policies and Rules Whether an RIA is SEC or state-registered, the firm must have policies and procedures in effect to protect clients privacy. Policies and procedures should explicitly require an RIA to send out its privacy notice each year.
While the chief compliance officer (CCO) should of necessity be the main player in the compliance review process, whenever possible I strongly recommend that at least one other firm officer be substantively involved in the review. It is imperative for senior management (an individual other than the CCO) to have a working understanding of the compliance processes and exam-related issues in the event of the CCO's absence or resignation or termination. The SEC is not likely to postpone an exam in the event of a CCO's extended absence or resignation/termination. Ultimately, senior management is responsible, and must be sufficiently prepared to step in if necessary. For these reasons, I strongly encourage senior management's participation in the compliance review process.