Has your firm updated its policies and procedures to reflect substantive regulatory changes resulting from Dodd-Frank and other issues now addressed during regulatory examinations, including branch office procedures, separate account manager due diligence, outside business activities, pay-to-play, whistleblower and custody issues? The SEC is becoming adversarial toward advisors who fail to update their written policies on an ongoing basis (at least annually). From the commission’s perspective, failure to do so is evidence of the lack of a strong compliance culture within the firm. Policies for the year 2010 are no longer current, and perhaps, depending upon your operations, neither are 2011 policies. Policies prior to 2010 are most likely woefully outdated.
During recent exams, the SEC has also been asking for certain supplemental operational procedures pertaining to various issues, which can include, among others: branch office reviews; account opening procedures; processes for devising, monitoring and revising investment models or strategies used by the firm to manage client assets, and corresponding results of any ongoing model dispersion analyses; separate account and private fund due diligence procedures; and, if not GIPS verified, how the firm calculates any composite performance presentations. Still other issues can be addressed with a customized compliance calendar, which I generally prepare when conducting on-site mock exams. However, since counsel (or your compliance consultant) is generally not involved with the firm’s day-to-day operations, it is incumbent on the firm to prepare such applicable supplemental procedures for review by counsel.
For example, a new question on the exam asks about the firm’s procedures to monitor branch office activity. It is prudent to have a branch office review form that addresses various issues, including, to the extent applicable, the following:
- Review personal securities transactions
- Review emails
- Review gifts given/received
- Review marketing and entertainment activities and events attended
- Review political contributions
- Review outside business activities
- Review a sample of client files to confirm that services are being performed consistent with engagement requirements, restrictions and investment policy statements (if applicable)
- Review the business continuity plan to address how to continue conducting business in the event that the branch office is not accessible
- Confirm that all employees or reps have executed an initial and annual acknowledgment of the firm’s policies and procedures
- Review issues regarding confidentiality, client privacy and safeguarding of confidential information
- Such other items or issues as determined by the firm
The firm may determine the frequency and method of review (on-site, telephonic, electronic or a combination thereof) based upon the branch operations and rep activities. Factors to be considered are:
- Is the branch a meeting office only, or are investment-related operations conducted at such office?
- Is a firm principal situated at the branch office?
- Does the firm conduct ongoing or annual compliance meetings for all personnel, including branch personnel? Do branch personnel attend in-person, telephonically or electronically?
- Can the CCO monitor branch and rep activity electronically on an ongoing basis, including incoming and outgoing emails?
- Is there a history of branch compliance-related deficiencies or client complaints?
- Are all client and firm-related records centrally maintained at the firm’s principal offices?
- Are all branch marketing and advertising activities subject to prior CCO review and approval?
Please remember that compliance is an ongoing process. What worked in the past may no longer be sufficient this year or in the years to come.