Are you a federally regulated RIA? If so, have you received The Letter? If not, you certainly will be getting one soon.

I am talking about the 11-page missive, called the “List of Books and Records Requested for Review,” that the Securities & Exchange Commission will send you prior to conducting an audit of your practice. The letter is so new that even leading compliance consultants were surprised when it began to hit advisors’ mailboxes a few weeks ago. An RIA in California, who was recently audited and asked to remain anonymous, sent me a copy. To download a copy of the letter, click here. But let me highlight it now.

The letter asked the advisor to produce documents going back over more than two years, but it left room to request other data going back to the founding of the firm in the 1990s. This shows how the SEC is shining a broadening searchlight on RIAs in the wake of the mutual fund and brokerage house scandals. Indeed, while the SEC asked for many specific items, such as e-mails or trade blotters, it also allowed examiners to ask for other documents that they–or you–might suggest. After you receive the letter, you’ll have just two or three days to get your records together for the examiners.

For example, you’ll need to demonstrate your “overall commitment to establish an effective system of controls and compliance,” something the SEC calls “tone at the top.” This could include your written compliance procedures and manual, a code of ethics for your firm and any affiliates, and your anti-money laundering policies and procedures, updated to conform with the latest regulations. In addtion, you will also be asked to produce a wealth of trading and client data. Included is your trade blotter or journal, which you’ll need to produce as a computer file, but also every securities position you have, broken down by client, and a list of every client you have signed up or lost for a specified period. Be prepared to document how you obtained clients, including payments to third parties for referrals, as well why any clients departed. If you have any soft-dollar agreements with brokers, you’ll have to lay them out, as well as how you pay for securities quotations and portfolio accounting systems.

Expect the unexpected. The SEC will want to see, for instance, your firm’s proxy voting policies and procedures. Some advisors have Institutional Shareholder Services vote for clients. If you do, spell this out and show who–you or your client–pays the ISS fees. If you leave proxy voting to your clients, you must spell that out in writing as well.

What about e-mail? You’ll need to be able to get to all your firm’s messages and attachments, both on your server and your staffers’ computers. The examiners will tell you, at the outset of your audit, whose e-mails they want to view. You will also have to be able to search through e-mails electronically (Google recently released a free tool at desktop.google.com that lets you search for e-mail in Microsoft’s Outlook 2000 or Outlook Express 5).

The advisor who sent me the SEC letter told me that he had what the examiners needed, and that he emerged from his exam with only four minor infractions. He said that was because he has made “a culture of compliance” an integral part of his business strategy since he opened his RIA practice. If anything, the SEC letter should serve as a wakeup call to those who are not nearly as diligent.

This article also appears in the November 2004 issue of Investment Advisor.