When regulators show up at your door to conduct an inspection, as part of an industry sweep or a routine examination, will you be ready? As confirmed in its 2017 Agency Financial Report, the Securities and Exchange Commission examined more investment advisors than in the prior fiscal year — a 50% increase from just three years ago. With the agency planning to keep its examiners even busier in 2018, here are some practical pointers to prepare for and execute a successful SEC exam.
Getting Ready for Review
Typically, registrants are notified by phone a couple of weeks before the exam, followed by a formal written confirmation. This will allow time to brief and advise the firm’s staff on the examination process, interviews and expectations. The exam typically takes place over the course of weeks or months.
The firm will designate a qualified primary point of contact for the examiners, typically the chief compliance officer, and may assign other employees and hire consultants to be part of the response team. Whether on-staff or a compliance professional retained to lead the effort, the CCO must be ready to discuss and respond to questions regarding the compliance program, policies and procedures, risks, testing results, culture and have the knowledge and experience to organize the response effort and coordinate the examination. The response team should also include one or more members of senior management who are familiar with the compliance program and can field questions examiners might reasonably pose on behalf of key areas of the business.
In their initial communication(s), the examiners will provide an Information Request List of written materials and records for their inspection. These will need to be generated by the firm and then downloaded to an SEC portal. The CCO will initiate a meeting with key staff to prepare and organize the production of the records. These requested materials will be categorized and aligned with the SEC request list and will include records pertaining to portfolio management, trading, marketing, custody, client and financial records and other key areas of the firm.
As the time-consuming process of locating, drafting and producing potentially hundreds of documents and existing records within a short time frame unfolds, it may become apparent to both the firm and the examiners the degree to which the firm is prepared to respond to these requests.
At this stage the firm may want to consider the importance of protecting attorney-client privileged written communications and materials, and integrating the process required under the Freedom of Information Act when submitting the records to the SEC.
Examiners will also request the results of prior compliance testing and reviews, including an annual review report and the results of any internal or third-party reviews or audits, as well as an inventory of controls that are mapped to identified and potential risks of the firm.
Examiners conduct their exams both onsite and offsite. Once onsite, it is preferable that the examiners are set up in a quiet and comfortable space or a private conference room with access to a copy machine and basic office supplies.
To kick off the examination, typically examiners will request an onsite meeting with senior management and the CCO. The firm should be prepared to provide an overview or presentation that describes the firm’s business activities and the compliance program. The examiners will interview key employees from many functional areas of the business, including accounting/finance, trading and portfolio management among others.
It is important to prepare the team for these interviews by reinforcing the compliance policies and procedures that relate to their particular role and by discussing questions that may be raised. All employees should conduct themselves in a professional manner and they should anticipate receiving additional written and verbal requests from the examiners. Once the examiners are offsite, the examination remains open and may extend weeks and/or months with additional requests.
To be better prepared for an SEC examination, periodically, CCOs and other compliance personnel should review the firm’s compliance policies and procedures to ensure they reflect the business’ specific operations, as opposed to a generic off-the-shelf template; are current, and do not include outdated policies that are no longer followed or applicable to the business.
Firms may also engage a third-party firm to conduct a mock examination to identify strengths as well as weaknesses in the firm’s compliance program and to provide recommendations for additional testing, monitoring and other internal controls or processes for the firm to conform to prevailing industry compliance best practices as well as the expectations of SEC examiners and other regulators.
Generally, the more prepared your firm is for an SEC examination, the more successful the examination.