Close Close

Regulation and Compliance > Federal Regulation > SEC

Are You Prepared for a Regulatory Exam?

Your article was successfully shared with the contacts you provided.

Is your firm adequately prepared for a regulatory exam? The scope of the regulatory examination process continues to become increasingly complex. However, if your firm is adequately prepared to answer all of the issues that will be raised by the SEC during the examination process, the exam should not at all be a painful or worrisome experience.

Some of the items requested that have caused the most confusion for investment advisory firms include questions regarding the “risk management process.” Most investment advisors tend to think about risk in terms of investments and portfolio management. However, the SEC also requires that advisors assess risk relative to operational and compliance risks. We advise investment advisory firms to perform an annual risk assessment as part of its annual CCO review, each of which should be provided to the SEC during a regulatory examination. We address these risk assessment matters (and prepare a risk assessment and CCO review) as part of performing mock audits.

For SEC-registered investment advisors, the frequency and scope of compliance inspections is, for the most part, determined by the Commission’s perception of an advisor’s compliance risk profile. Examiners will focus reviews on issues that represent the greatest potential threat to investors, and the corresponding frequency of examinations will be based upon the scope of an advisor’s operations and the results of previous exams. In order to be prepared, the firm should be familiar with both the examination process and the issues that will be raised during the examination. By conducting a mock examination, advisors are better able to address and correct current deficiencies, enhance current procedures and, most importantly, recognize and avoid those issues that could result in potentially adverse regulatory determinations or enforcement matters.

Please note: Mock audits conducted by non-law firms are subject to disclosure and/or turnover


to state and federal regulatory authorities (including the SEC) and plaintiff’s attorneys. Only audits and written/verbal communications provided by a law firm are privileged and thereby excluded from such turnover.

Although the result of our examinations vary between firms, common deficiencies include:

  • Substantive contradiction between key documents (ADV vs. advisory agreements vs. policies and procedures)
  • Failure to address custody issues
  • Failure to adequately document annual CCO review
  • Failure to demonstrate a risk-based review (although there is no rule that specifically requires a risk assessment, as indicated above we generally prepare a risk assessment for our clients as part of a mock audit. There are specific questions on the exam that address the risk assessment process.)
  • Failure to update the firm’s business continuity plan
  • Failure to demonstrate best-execution review/process
  • Recordkeeping violations
  • Privacy and confidentiality issues
  • Inadequate billing practices
  • Questionable advertising practices
  • Composite performance violations
  • Failure to adequately address previous exam deficiencies
  • Insufficient or incomplete personal securities transactions documentation
  • Violations of codes of ethics
  • Inaccurate Form ADV disclosure
  • Insufficient or obsolete policies and procedures, or investment advisory agreements
  • Inability to demonstrate client suitability
  • Inadequate due diligence processes for separate account managers and private funds
  • Weak internal controls that could lead to liability or regulatory exposure
  • Failure to demonstrate compliance with solicitor/referral fee rule

The SEC’s latest examination document request list requires the production of many items that are unfamiliar or inapplicable to most investment advisors. While many of these items are not required by the Investment Advisers Act, an advisor should be appropriately prepared to respond to all items that are applicable to its practice, and more importantly, know which items are neither applicable nor required. Otherwise, the firm could face the possibility of substantially longer or more frequent SEC inspections.