The Securities and Exchange Commission’s exam division is warning transfer agents to review their practices, policies and procedures to ensure funds and securities are protected while held at the transfer agent.

Staff in the agency’s Office of Compliance Inspections and Examinations stated in a Risk Alert on Wednesday that exams of paying agents have revealed deficiencies that generally fall into two categories: safeguarding of funds and securities as well as notification to unresponsive payees and policies and procedures for lost securityholder searches.

“OCIE staff believes that safeguarding funds and securities is one of the highest risk areas for TAs because of the trillions of dollars that TAs control and distribute each year as paying agents,” the alert states.

The alert seeks to highlight “significant exam deficiencies” observed by OCIE “while also identifying robust practices in order to encourage TAs to review and strengthen their applicable policies, procedures, and controls related to their paying agent operations.”

From October 2014 through September 2017, OCIE conducted 75 exams of transfer agents that also served as paying agents.

OCIE staff examined for the possible misappropriation of funds and assessed the TAs’ policies, procedures, and controls for paying agent activities.

Along with processing and disbursing principal, interest and dividend payments to bondholders or shareholders, paying agent activities also include administering direct stock purchase and dividend reinvestment plans, managing interest bearing accounts or demand deposit accounts in the name of mutual funds for activities such as inflows and outflows from fund orders and making distributions for mutual funds.

The Risk Alert explains that in some cases, TAs that serve as paying agents are unable to distribute shareholder funds as intended.

“For example, checks may be returned to the TA as undeliverable, shareholders may receive a check but never cash it, or electronic banking instructions may be inaccurate. In these situations, shareholder funds may remain in the TA’s bank accounts for years until the funds are escheated per relevant state law.”

Infractions found in exams related to the Safeguarding Rule included misappropriation and theft.

OCIE staff observed the misappropriation of shareholder funds and the theft of physical certificates.

In some instances, TA employees misappropriated issuer funds for personal use, and in other instances, a TA used shareholder funds to pay fees of the TA, the alert states.

The staff also observed TAs keeping physical certificates in unsecured locations for long periods of time, resulting in the reissuance of those certificates to different shareholders.

Lost securityholder searches were among the deficiencies related to Securityholder/Unresponsive Payee Rule. For instance, OCIE observed TAs that did not comply with the database search requirements of the Lost Securityholder/Unresponsive Payee Rule.

“TAs … did not conduct lost securityholder searches, or if searches were conducted, they were not conducted within the proper timeframe. In addition, some TAs conducted searches for lost securityholders using only public resources instead of an information database service, as required by Rule 17Ad-17(a)(1),” the alert states.