Complacency and compliance are a dangerous combination. What worked last year may not work this year. Compliance is an ever-evolving process. It is critical that an advisory firm’s chief compliance officer keep abreast of all regulatory and examination changes.
Even more critical is for the firm’s senior management to support the compliance process. They can do this in several ways. First, by example: Compliance starts at the top, not the bottom. Senior management should also provide the necessary resources to enable the CCO to effectively discharge his or her duties. If the CCO doesn’t ask, then management must inquire. Ultimately, it is ownership and senior management that will suffer the consequences of a deficient compliance process. Don’t wait until the firm receives notice that the regulators are coming to ascertain the status of the firm’s compliance processes and exam readiness. Be proactive.
Senior management should meet with the CCO on a regular basis to address compliance efforts. Moreover, the CCO should be involved in the firm management process. If advisors are leery of including the CCO, then they likely have appointed the wrong person.
There are several ways management can include the CCO in the management process. One way is to schedule a regular quarterly meeting between senior management and the CCO. Management could also have the CCO attend management meetings (of course, he or she can be excused for certain issues such as compensation, etc.). Finally, to the extent maintained by the firm, have the CCO attend standing committee meetings on investment, marketing or technology. Of course, if the CCO is already a member of senior management, then access issues are mitigated.
No exercise can better assist a firm in determining its true exam readiness than a mock exam. Note that a mock exam is not simply an intensive document review followed by a written report, but a hands-on review of how to respond to each exam issue. To do otherwise can not only prove to be an imprudent and costly use of firm resources, but can also backfire because, unless conducted by an attorney, the report is subject to turnover to the SEC or to plaintiffs’ lawyers.
If your compliance processes are not exam-ready, then you’re doing something wrong. Before regulators come knocking or plaintiffs’ lawyers come suing, would an advisor voluntarily engage in all of his or her current compliance efforts? Understand what the regulators and plaintiffs’ lawyers will be looking for, and be ready to defend your business.