More On Legal & Compliancefrom The Advisor's Professional Library
- RIAs and Customer Identification Just as RIAs owe a duty to diligently protect their clients privacy and guard against theft, firms also play a vital role in customer identification. Although RIAs are not subject to an anti-money laundering rule, securities regulators expect advisors to address these issues in their policies and procedures.
- How to Avoid Sabotaging Your Compliance Exam There is much more to compliance examination survival than knowing all of the rules. It helps to understand why the rules were put in placeand to recognize that examiners are not the enemy.
Tom Giachetti is no stranger to Investment Advisor readers, nor to many advisors who have heard this securities lawyer extraordinaire speak at all manner of national conferences. A shareholder of the 110-attorney Princeton-based law firm of Stark & Stark, where he chairs the securities group, Giachetti is a plain speaker whose expertise comes from knowing not merely what the SEC or FINRA requires an advisor or broker/dealer to do to stay compliant--he's just as valuable in telling those clients, readers, or listeners what they don't need to do to stay compliant. For example, with a twinkle in his eye, at a live Giachetti session, once he determines that most of the advisors in the room are RIAs, he likes to ask how many of them have a policy to comply with the Anti-Money Laundering (AML) rules of Sarbanes Oxley. When only a few sheepishly raise their hands, Giachetti lets them know that there is no such requirement for RIAs. No blushing violet when it comes to the importance of advisory firms getting good legal advice rather than buying off-the-shelf compliance programs--"buying documents is not a program; you can't buy compliance in a box," he says, and "most of these are one-size-fits-none, just like the SEC exam," or in boasting of his firm's reach and expertise--"We represent more money managers than anyone else," and "our clients sail through examinations," he's also down to earth: "There's not a whole lot of rocket science" when it comes to compliance. His basic advice to advisors? "You have to understand your own business." That's where the AML question might come into play, as does staying current with recent SEC or FINRA actions, a task that most advisors will find extremely difficult at best.
When asked to enumerate the most common mistakes advisors make when it comes to compliance, he responds quickly. "The general issue with compliance is that we get so caught up with the noise. This stuff is not that difficult. The hardest thing for any advisor is to know what you are responsible for, and what you are not responsible for." Instead, he counsels, determine "what applies to your practice, and don't worry about the noise."
Once you understand what you are responsible for, Giachetti says you must demonstrate it to the examiners, "and if there are conflicts of interest, you disclose them."
It's a Living Thing
Since he says "compliance is a living thing," it's important that advisors not be misdirected or become complacent or think that an off-the-shelf document will be sufficient. "The documents," he says, "is where the process starts." Moreover, knowledge of how a law or regulation reads is nowhere near as necessary as knowing "how it applies to you." While networking with other advisors may be a good thing when it comes to business practices, that's not the case with compliance. "Study groups are the scariest source of compliance" misinformation, Giachetti says, followed closely by "going to an SEC CCOutreach" program sponsored by the SEC or FINRA--"you're not going to get a lot of help there, just more confusion."
It's also critical that you show some internal harmonization between how you actually conduct your business and the documents you use with clients and the regulators. "Here's the problem with disclosure and your policies and procedures manual," he says. "Your agreements say A, your policies and procedures manual says B, and your disclosures say C."
Giachetti may seem cocksure, but even when it comes to what he sees in client exams, he is quick to point out that just a few instances does not new SEC policy make. For example, in a presentation at the TD Ameritrade conference in February, Giachetti mentioned that some of his clients in the Pennsylvania-New Jersey region who were involved in advising retirement plans had heard from the Department of Labor, which was checking into those advisory firms' compliance with ERISA. Was this a sign that advisors would be facing scrutiny from yet another federal auditor? Giachetti says he doesn't have enough evidence yet of that being the case.
But what of the problems with increased scrutiny of investment advisors that could be traced to reaction to the financial crisis and the massive Madoff fraud? He laments that "regulators have made things so difficult that it takes advisors away from meeting with clients and managing assets." Moreover, "since we had Madoff, as a result we have an amended custody rule, under which the [advisor] client will have to incur additional expense to have a CPA do a surprise exam." Giachetti says that much of what the regulators are requiring now in reaction to Madoff is a "prophylactic--to confirm that the assets are where they're supposed to be."
Respect for Regulators
Giachetti also has feelings about another issue that has arisen following the exposure of the Madoff scandal--and the Commission's failure to heed the warnings about Madoff from Harry Markopolos, for instance (see page 38 for an exclusive interview with Markopolos). The issue revolves around whether the SEC has the right mix of employees at the Commission, specifically, if there are too many attorneys and not enough industry-trained people who understand the sophisticated financial products that the SEC must vet. "Many examiners are having trouble understanding what a structured note is," he says by way of example, "so sometimes it would be good to have a product specialist" to investigate those products.
While Giachetti doesn't shy away from criticizing auditors and their bosses, he also says "I have a lot of respect for regulators," as anyone who has ever seen him respectfully match wits with an SEC official like John Walsh can attest, but he says "they're stymied, too, by the minutiae." One good development that Giachetti notices the SEC beginning lately: limited-scope examinations. "They're doing sweeps in Chicago right now, asking only eight to 10 questions," especially for those RIA firms "that haven't been audited in a while."
For advisors, Giachetti says that getting through their next SEC exam "will be critical" because what those examiners find "will be the baseline on which future" treatment of the RIA firm will be based.
And for all advisory firms, Giachetti has one more suggestion when it comes to confidentiality and business continuity plans, in which he says "I'm a big, big believer." He recommends that each firm conduct an annual meeting with all employees to discuss how to proceed "in the event of a partner dying, or the office being closed" for days due to extreme weather. As for keeping client data confidential, he recommends not only that a firm's employees sign confidentiality agreements, but also any outside vendors who have access to data, or anyone "who walks into your office every night."
In the months ahead, look for further detail on how to assess your risks from regulators and clients, and how to protect yourself and your firm. Giachetti promises to keep it simple.
Beginning next month, securities law attorney nonpareil Tom Giachetti shares his prescriptions for compliance health monthly in a new column, The Compliance Coach. Stay tuned to stay compliant.
Group Editor-in-Chief Jamie Green can be reached at firstname.lastname@example.org.