SEC Chief of Staff Andrew "Buddy" Donohue.

The Securities and Exchange Commission’s chief of staff, Andrew “Buddy” Donohue, is challenging chief compliance officers to be “proactive” by focusing on nine priorities, and quelling CCOs’ fears that their elevated roles will expose them to “increased personal liability.”

Donohue, the former director of the SEC’s Division of Investment Management, also told CCOs in a recent speech at the National Regulatory Service’s annual conference that despite their fears, the Commission “is not targeting — and has not targeted — compliance personnel.”

As SEC Chairwoman Mary Jo White has stated, he continued, “it is not our intention to use our enforcement program to target compliance professionals… Being a CCO obviously does not provide immunity from liability, but neither should our enforcement actions be seen by conscientious and diligent compliance professionals as a threat.”

He noted the SEC’s Office of Compliance Inspections and Examinations is using its Risk Analysis Examination Group to leverage technology in exams of clearing firms and large broker-dealers by analyzing transactions cleared by selected firms over a period of years and then is “using that data to identify potential problematic behavior across multiple firms, including unsuitable recommendations, misrepresentations, inadequate supervision, churning and reverse churning.”

SEC examiners, Donohue said, are also are mining “large amounts of data” to assess how large firms have implemented their compliance programs across branch offices.

Because the securities business is “constantly changing,” with the environment that CCOs work in being “more complex” than ever, Donohue said, “this complexity and speed of change that makes your jobs so important and renders it imperative that you consistently challenge yourself to evolve to meet the demands of your profession.”

To do their jobs effectively, Donohue told CCOs they must adhere to these nine steps: 

  1. Have “firsthand knowledge” of applicable laws and regulations including relevant exemptive orders;

  2. Develop a “deep understanding” of the firm and its operations and structure;

  3. Identify conflicts of interest and how they are reported and resolved;

  4. Understand the firm’s clients and products, including their profitability. 

  5.  Understand the firms’ compliance and technology platforms;

  6. Have a “detailed knowledge” of the firms’ policies and procedures and how they are applied and monitored;

  7. Gain an understanding of the markets in which the firm operates;

  8. Create an environment that puts the customer’s interest ahead of the firm’s interest such that the firm does what it should, not what it can; and

  9. Gain an appreciation for what you do not know and how to fill those subject matter and competency gaps. 

– Find out how to protect your business from cyber bandits at ALM’s cybersecurity event.

— Related on ThinkAdvisor: