From the December 2012 issue of Investment Advisor • Subscribe!

The Dangers of Complacency on Compliance

It's critical that an advisory firm’s CCO keep abreast of all regulatory and examination changes, but even more critical for senior management to support the compliance process.

More On Legal & Compliance

from The Advisor's Professional Library
  • Where Are We Headed? The ultimate compliance goal is to help ensure that everyone associated with an advisory firm acts ethically at all times.  Advisors and RIAs should do the right thing, even when regulators are not looking over their shoulders.
  • Conducting Due Diligence of Sub-Advisors and Third-Party Advisors Engaging in due-diligence of sub-advisors isn’t just a recommended best practice— it is part of the fiduciary obligation to a client. An RIA should be extremely reluctant to enter a relationship with a sub-advisor who claims the firm’s strategy is proprietary.

Complacency and compliance are a dangerous combination. What worked last year may not work this year. Compliance is an ever-evolving process. It is critical that an advisory firm’s chief compliance officer keep abreast of all regulatory and examination changes.

Even more critical is for the firm’s senior management to support the compliance process. They can do this in several ways. First, by example: Compliance starts at the top, not the bottom. Senior management should also provide the necessary resources to enable the CCO to effectively discharge his or her duties. If the CCO doesn’t ask, then management must inquire. Ultimately, it is ownership and senior management that will suffer the consequences of a deficient compliance process. Don’t wait until the firm receives notice that the regulators are coming to ascertain the status of the firm’s compliance processes and exam readiness. Be proactive.

Senior management should meet with the CCO on a regular basis to address compliance efforts. Moreover, the CCO should be involved in the firm management process. If advisors are leery of including the CCO, then they likely have appointed the wrong person.

There are several ways management can include the CCO in the management process. One way is to schedule a regular quarterly meeting between senior management and the CCO. Management could also have the CCO attend management meetings (of course, he or she can be excused for certain issues such as compensation, etc.). Finally, to the extent maintained by the firm, have the CCO attend standing committee meetings on investment, marketing or technology. Of course, if the CCO is already a member of senior management, then access issues are mitigated.

No other exercise can assist a firm in determining its true exam readiness than a mock exam. Note that a mock exam is not simply an intensive document review followed by a written report, but a hands-on review of how to respond to each exam issue. To do otherwise can not only prove to be both an imprudent and costly use of firm resources, but can potentially backfire because unless conducted by an attorney, the report is subject to turnover to the SEC or to plaintiffs’ lawyers.

If your compliance processes are not exam-ready, then you’re doing something wrong. Before regulators come knocking or plaintiffs’ lawyers come suing, would an advisor voluntarily engage in all of his or her current compliance efforts? Understand what the regulators and plaintiff’s lawyers will be looking for, and be ready to defend your business.

Reprints Discuss this story
This is where the comments go.