More On Legal & Compliancefrom The Advisor's Professional Library
- Risk-Based Oversight of Investment Advisors Even if the SEC had a larger budget and more resources, it is doubtful that the Commission would have the resources to regularly examine all RIAs. Therefore, the SEC is likely to continue relying on risk-based oversight to fulfill its mission of protecting investors.
- How to Avoid Sabotaging Your Compliance Exam There is much more to compliance examination survival than knowing all of the rules. It helps to understand why the rules were put in placeand to recognize that examiners are not the enemy.
Tom Giachetti doesn’t mince words. After Nexus Consulting's Tim Welsh introduced the “celebrity compliance attorney" at the first of a three-city Laserfiche and Junxure Compliance Workshop road show, Giachetti spoke bluntly, broadly and specifically. His topic? How advisors can protect themselves now from regulators, including the issues on which the SEC and state regulators are focusing their compliance exam efforts.
If you're wondering whether Giachetti (left), a frequent speaker at industry conferences (disclosure: Giachetti is a longtime Compliance Coach columnist for Investment Advisor magazine), had anything new to offer, consider what Greg Friedman, president of both wealth management firm Private Ocean and advisor CRM firm Junxure, said in his followup presentation on Wednesday. "I just took two pages of notes" on what he heard from Giachetti, who happens to be Friedman's compliance attorney.
First, the big picture. Giachetti said that over the past three years, the compliance world “has changed for advisors.” Specifically, “post-Madoff,” the SEC is focusing on two broad issues when it conducts audits of advisors: the underlying integrity of client assets, and the underlying integrity of clients information. “Are the assets where they should be?” he asked, and said that advisors need to think about and document their processes, “especially if you use third-party managers.”
One reason why the examiners want to know where client assets are: there have been increased instances of wire fraud, Giachetti says, where a fraudster has stolen client funds using purloined email credentials from clients’ advisory accounts. (For more on this troubling trend and how you can protect your firm and your clients, see Dan Skiles’s Technology Coach column in December’s Investment Advisor.)
Second, the present compliance danger. “We’re looking at a dangerous next 20-30 days; clients will be looking to get out” of many investments and the markets in general and move to all cash as the fiscal cliff nears. Advisors should ensure that they have up-to-date, signed confirmations from clients that they want to move to cash instead of staying the course on their financial and investment plans, since “clients love you until they don’t” and may well drag advisors into arbitration or court sometimes years down the road. Nutshelling the issue, Giachetti said “money management is easy; client management is difficult.”
In his presentation, Greg Friedman (further disclosure: Greg Friedman is a regular blogger for AdvisorOne) concurred that "it's not the SEC I'm afraid of, it's ticked-off clients."
Third, Giachetti on the newly aggressive state regulators. “States are becoming adversarial; they are not your friends.” The states are being “very punitive now” in their exams of advisors, Giachetti says, particularly in areas like notice filings and IAR registration filings, “because they need the money.” States are particularly focused on firms timely filing those investment advisor representative filings: “IARs must be registered in the state.” Moreover, he said the SEC has four current enforcement actions under way for SEC-registered RIA firms that “puffed up their assets” (including one against a New York-based firm with whom the SEC recently settled for its “aspirational AUM”).
Why that focus? “The SEC wants to push advisors to the states, which are bankrupt,” he argued. The states may be more aggressive, but he suggested they may not be more skilled than SEC examiners: “The states make the SEC look like Mensa members.”
Fourth, about your reported AUM and the SEC. “Assets under management is a defined term on Form ADV,” he counseled, “don’t mess around with it.” In particular, he urged advisors never to use the term “assets under advisement,” since the total might sound impressive to yourself and potential clients, but the SEC will want to know why you’re using such an ill-defined term.
Fifth, be specific on what you are offering your clients in the investing area. “Don’t use terms like ‘moderate’ or ‘aggressive’ in your investment policy statements” since he said doing so “could well come back to bite you in the ass.” Giachetti argues “you don’t need a canned questionnaire” to asses a client’s risk tolerance. Instead, clearly define the client’s long-term and short-term goals, include a percentage of losses that the client can afford to lose, and have them sign that agreement.
Sixth, Dodd-Frank's new requirements. Returning to his dictum that the “world has changed,” he listed several new requirements for advisors mandated by the Dodd Frank Act: “You need a whistleblower policy, a pay-to-play policy and to be compliant with the revised custody rules.” In addition, he warned about the dangers of inflating the services that you offer clients. “The scariest word on God’s green earth,” he said, is when he sees an advisory firm calling itself a “comprehensive planning firm.”
Seventh, don't make these mistakes. Giachetti listed several steps that some firms take that might sound wise but are in fact very unwise. For instance, “don’t keep minutes of client meetings—they’re discoverable.” Moreover, the SEC has changed its exam question referring to client meeting minutes. Now, the question asks an advisor to offer to the examiner “minutes to the extent that they are maintained,” so now they’re not required. Another move to avoid: having a low deductible on your E&O policy, and failing to understand what your policy covers. To redress that, “read your policy and make sure it covers what you do in your practice,” then “raise your deductible and increase your coverage.” Covering a low deductible of $25,000 or $50,000 “won’t put you out of business” but having a low amount of coverage—“low” being below $5 million—could easily do so.
Eighth, the DOL and FINRA for advisors. Giachetti reported several exam areas that at first glance might not seem appropriate for RIAs. For example, he said the Department of Labor is conducting ERISA exams of RIAs in New York and Los Angeles, and “they’re coming to Chicago.” Additionally, SEC examiners are now asking RIAs to explain how they supervise their branch offices, essentially “putting a FINRA question on an advisor exam.”
Ninth, your CCO. Giachetti had strong advice on the role of an RIA firm’s chief compliance officer. “CCOs better have authority in your firm” to ensure compliance well before an examiner comes to visit. CCOs with that authority, he said, "are the ones that will get you through an exam.”
(Giachetti explores the role of the CCO in more detail in his December 2012 Compliance Coach column for Investment Advisor.)
Tenth, since compliance is “all about getting you through” those exams, advisors should “take control of their businesses, making sure your CCOs have the resources they need.” And he has special words of scorn for “consultants” who provide “one size fits none” compliance documents. Returning to his advice on reading your E&O policy, he suggested principals of RIA firms read all their documents to ensure that they accurately reflect the services and structure of the individual firm.
In his followup presentation, Friedman agreed that, "compliance is all about surviving audits" and drawing on his experience of "surviving" five audits, said advisors need to demonstrate a "culture of compliance" and that "you run a tight business." Finally, he said that in preparing for an exam, make sure you use your technology, especially your CRM system, to quickly and more easily supply what examiners tell you they're looking for, since "the CRM is where all this data lives," including client lists, contact lists, important dates and account data. "Examiners don't like to be buried in paper," he said, "they prefer electronic."