Close Close

Regulation and Compliance > Federal Regulation > SEC

Don’t Be Complacent About Compliance

Your article was successfully shared with the contacts you provided.

This year is the second full year of a new, more aggressive SEC regulatory regime. Has the majority of the advisory community taken heed? Unfortunately not.

In October 2013, the Securities and Exchange Commission pronounced that it would examine all previously unexamined advisors by the end of 2014. Although it did not achieve its goal, it did make a strong effort to do so, and will most certainly complete the task in 2015. However, that does not mean that previously examined advisors should feel that they are not on the commission’s radar. To the contrary, all advisors must continue to be vigilant with their compliance-related efforts, especially given the SEC’s recent initiatives that apply to all registered investment advisors. What was adequate in 2013 was most likely somewhat deficient for 2014, and will be even less complete in 2015.

Remember, unless your compliance efforts are geared toward successfully completing an exam, you are generally wasting time and resources. Compliance is not a bunch of forms or checking boxes—don’t drink that “Kool-Aid.” The only way to successfully navigate through an exam is to know what the examiners will be looking at given your specific operations. Only after you are able to effectively make that determination can you adequately prepare for an exam.

I continue to spend the vast majority of my time traversing the U.S. and Canada making those determinations and preparing advisors for the exam. Stop going through “one size fits no one” electronic exercises. These are generally not the areas that could result in adverse SEC outcomes. No, the areas that will receive SEC focus may have little to do with your day-to-day “checking the electronic boxes.” That is not to say that they should be ignored. However, don’t get a false sense of being prepared because you have completed such rudimentary tasks.

Stop paying for services you do not need. Most firms can and should take ownership of their day-to-day compliance requirements. To do otherwise could prove detrimental during an exam if you are not able to demonstrate to the SEC that you understand your compliance efforts, how they are completed and why. Too many firms undertake too many tasks that are not required given their operations but because they are what their consultant requires, only to find that the areas of real SEC focus have been neglected.

So, what are these areas? They include, but are certainly not limited to:

  1. Cybersecurity

    Have you identified the risks and adopted corresponding adequate information security processes? Can you demonstrate same to the SEC during an exam? You can’t just say you rely on the efforts of others without knowing what those efforts are.

  2. Custody

    Do you really understand what constitutes custody? Unfortunately, we have found that sometimes the SEC doesn’t understand (or ignores) its own published FAQs. Do you serve as a trustee, maintain SLOAs or have possession of client passwords? Is it custody? Is there an exception?

  3. Conflicts of Interest

    Are you adequately (and clearly) disclosing them on your Form ADV Part 2A? This is a primary SEC focus and the genesis of many adverse SEC findings.

  4. Wrap Programs or Asset-Based Pricing

    This is when clients are charged a percentage of the account market value for transaction fees. Can you demonstrate to the SEC that these programs and arrangements are beneficial to the client? Remember, you are a fiduciary—you are required to do so.

  5. Composite and Non-Composite Performance Presentations

    Do you really need them? Are they compliant with SEC rules and no-action letters? Can you use them in a manner that will lessen your risk exposure during an exam?

It’s not too late to get on track. Look at your efforts—are you in control or is a third party? Remember, the SEC will be examining you, not a third-party consultant, and you can’t blame the consultant. You can try, but the SEC will not care. It is and will continue to be your responsibility to ensure that your compliance efforts are appropriate given the scope of your firm’s operations.