Close Close

Regulation and Compliance > Cybersecurity

SEC to CCOs: Don’t Ignore These Issues

Your article was successfully shared with the contacts you provided.

Three top regulators at the Securities and Exchange Commission told compliance officers Thursday what issues they’ll be scrutinizing when examining investment advisory firms this year, as well as potential rulemakings and guidance that are in the works.

At the SEC’s Compliance Outreach Program National Seminar held at SEC headquarters in Washington, Drew Bowden, an associate director that leads the National Investment Adviser/Investment Company Examination Program within the Office of Compliance Inspections and Examinations; Norm Champ, director of the Division of Investment Management; and Andrew Ceresney, director of the Enforcement Division, laid out for the 800 attendees, mainly compliance officers, the issues that will be on their radar in 2014 — some of which spill over from last year.

Top issues include compliance with the custody rule, insider trading, exams to include firms’ policies on cybersecurity; dually register advisors’ or BDs’ shifting of client accounts from broker to advisory accounts; failure to correct compliance deficiencies; conflicts of interest, private funds and cherry picking.


Bowden noted that OCIE’s focus last year on making sure advisors were complying with the custody rule will also be a focus this year. The “No. 1 [exam] item was custody and safekeeping of assets in 2013,” Bowden said. “I hope nobody missed this message coming out in 2013,” because it will continue in 2014. “We’re going to closely assess your compliance with appropriate reporting of client assets.”

Bowden also mentioned OCIE scrutiny of qualified plan rollovers this year, as well as alternative mutual funds, which he said are the “largest growing” new fund sector.

Jane Jarcho, National Associate Director of OCIE’s National Exam Program, noted on a separate panel that OCIE’s exams will include assessing firms’ cybersecurity policies. Examiners will be looking at resources going into information security, policies on cybersecurity risk, what policies are in place to prevent and respond to cyberattacks, lost information and identity threft,” Jarcho said. Examiners will also ask about internal and external cyberattacks that may have occurred at advisory firms as well, and will look at a firm’s policies on IT training, vendor access and vendor due diligence, she said.

David Grim, deputy director of the Investment Management division added that “cybersecurity is a big issue that people are worried about — take a look at the policies and procedures you have around this issue and make sure they are current.”

Investment Management Division

Champ noted the significant movement by dually registered advisors and broker-dealers of client accounts from brokerage to advisory accounts. “We get why this is going on…because with advisory accounts you get an [ongoing] advisory fee, and that is good for revenue.” However, Champ warned compliance officers to think about “where the advisor’s fiduciary duty occurs” when “recommending to move a client from a brokerage account that costs nothing to an advisory account that can cost 1% per year.”

With insider trading having “been a big deal” in the fund industry, Champ urged firms to make sure they have procedures to prevent the misuse of nonpublic information. “Think about what you are doing to prevent this,” he said, “and talk to us about a violation before we find it. If you detect a violation, it’s important that you talk to us.”

Champ also noted the guidance updates on various issues that were started in 2013 will continue this year. Fourteen such updates “on areas where we’ve seen an issue” were issued last year, he said. The most recent one released in January looks at changes in the bond markets, in which “dealers — the big wirehouses — are holding less inventory in bonds, 20% less,” Champ said, “so there are much fewer people out there making markets in bonds.” Look for more of these guidance updates this year, he said, as well as further guidance on Rule 506 (c) private offerings.

Grim added the division is also looking at rulemakings this year around ETF registration and target date funds. Enforcement Division

Ceresney noted the cases the agency brought last year related to firms’ failure to correct deficiencies that were pointed out by the agency. “We had nine such cases last year, with more in the queue,” he said. “We worry that those [unaddressed] issues will lead to bigger issues.”

Noting the “critical” importance of the commission to enforce the custody rule, as the SEC “brought a number of cases” in this area last year, Ceresney noted “areas of unique development in 2013,” such as the portfolio manager who violated the rule that prohibits “obstructing or lying” to a CCO.  

“I wasn’t even aware of the rule,” Rule 38a-1(c) of the Investment Company Act, which was enforced in that case, but “we will be [enforcing] it extensively going forward.”

Yet another unique case was in the BD area, with the failure to disclose markups and markdowns, he said.

Not unique, however, will be the division’s continuing effort to enforce failures to supervise, he said.

Other issue of focus this year, he said, are conflicts of interest at funds, including side-by-side management of conflicts, which includes the related issue of principal transactions. “We brought a number of cases” on this last year, “and we will continue to bring cases here in 2014.”

Othes focus areas include cherry picking, as well as private equity and valuation in that realm, as well of disclosure of fees in this area.

In the private equity area, there will also be a focus on “zombie funds,” he said, which result when private equity holdings are not designed for quick liquidity, and “zombie managers” are unable to raise new capital.

Check out SEC to Keep Close Eye on Advisors Who Are ‘Highly Successful’ at Rollovers on ThinkAdvisor.


© 2023 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.