Exam Priorities for 2021-Investment Advisors

As of December 17, 2020, the Office of Compliance Inspections and Examinations (OCIE) has been renamed as the Division of Examinations of the US Securities and Exchange Commission (“The Examinations Division” or “EXAMS”).

EXAMS has announced their examination priorities for 2021 that contains priorities emphasized in previous years, however this year they outline emerging risks, including those related to environmental, social and governance matters (“ESG”) and climate change.  

The new focus on ESG and climate change-related risks is consistent with recently announced initiatives from the SEC’s staff that further integrate climate change and ESG considerations into the SEC’s regulatory framework. For example, on March 4, 2021, the SEC’s Division of Enforcement announced the creation of a Climate and ESG Task Force, which will develop initiatives to proactively identify ESG-related misconduct and whose initial focus will be to identify material gaps or misstatements in issuers’ disclosure of climate risks under existing rules as well as analyze disclosure and compliance issues relating to investment advisors’ and registered funds’ ESG strategies.

 The themes for 2021 are included here and below is the detail: 

  1. Retail Investors, Including Seniors and Those Saving for Retirement
  2. Information Security and Operational Resiliency
  3. Financial Technology (Fintech) and Innovation, Including Digital Assets
  4. Anti-Money Laundering Programs
  5. Focus Areas Relating to Investment Advisors and Investment Companies
    1. Compliance Programs
    2. Registered Funds, including Mutual Funds and ETFs
    3. RIAs to Private Funds

Retail Investors, Including Seniors and Those Saving for Retirement: EXAMS will focus on compliance with Form CRS and whether investment advisors have fulfilled their fiduciary duties of care and loyalty. Specifically, EXAMS will examine whether registered advisors are appropriately mitigating conflicts of interest and, where necessary, providing disclosure of conflicts that is sufficient to enable informed consent by retail investors. With respect to those investments heavily used by retail investors or those that may present elevated risks, EXAMS will continue to prioritize these products, including mutual funds, exchange-traded funds (ETFs), municipal securities and other fixed income securities, variable annuities, private placements, and microcap securities. EXAMS also noted that examinations will review firms’ disclosures related to fees and expenses as well as registered advisors that operate and utilize turnkey asset management platforms (and whether fees and revenue sharing arrangements in such platforms are adequately disclosed).

Information Security: EXAMS will review whether investment advisors have taken appropriate measures to: safeguard customer accounts and prevent account intrusions, including verifying an investor’s identity to prevent unauthorized account access; oversee vendors and service providers; address malicious email activities, such as phishing or account intrusions; respond to incidents, including those related to ransomware attacks; and manage operational risk as a result of dispersed employees in a work from home environment. These types of risks have increasing become important as registered advisors have adopted remote working environments in light of the COVID-19 pandemic. EXAMS will focus on controls surrounding online and mobile application access to investor account information, the controls surrounding the electronic storage of books and records and personally identifiable information maintained with third-party cloud service providers, and firms’ policies and procedures to protect investor records and information.

Operational Resiliency/Business Continuity: EXAMS will continue to review business continuity and disaster recovery plans of registered advisors, but for 2021 will shift its focus to whether such plans, are accounting for the growing physical and other relevant risks associated with climate change. As climate-related events become more frequent and more intense, EXAMS has stated that it will review whether investment advisors are considering effective practices to help improve responses to large-scale events.

Financial Technology (FinTech) and Innovation, including Digital Assets and Electronic Investment Advice: EXAMS stated that examinations of market participants engaged with digital assets (including robo-advisory firms or traditional firms that rely on mobile or electronic platforms) will continue to assess the following: whether investments are in the best interests of investors; portfolio management and trading practices; safety of client funds and assets; pricing and valuation; effectiveness of compliance programs and controls; and supervision of representatives’ outside business activities.

Anti-Money Laundering Programs: EXAMS will continue to review for compliance with applicable anti-money laundering requirements, including evaluating whether registered funds have adequate policies and procedures in place that are reasonably designed to identify suspicious activity and illegal money-laundering activities.

Focus Areas Relating Specifically to Registered Advisors and Registered Funds:

Registered Advisor Compliance Programs: EXAMS will continue to review the compliance programs of registered advisors, including whether those programs and their policies and procedures are reasonably designed, implemented, and maintained in accordance with applicable federal securities laws. In evaluating the effectiveness of a compliance program, EXAMS stated that it frequently reviews whether registered advisors appear to have sufficient resources to perform core compliance responsibilities. This year EXAMS noted that it is focusing on registered advisors that employ investment strategies related to ESG factors, particularly products in these areas that are widely available to investors, including open-end registered funds and ETFs, as well as those offered to accredited investors such as qualified opportunity funds. To that end, EXAMS stated that it will review the consistency and adequacy of the disclosures registered advisors and fund complexes provide to clients regarding their ESG strategies, determine whether the firms’ processes and practices match their disclosures, review fund advertising for false or misleading statements, and review proxy voting policies and procedures and votes to assess whether they align with the strategies.

Registered Funds, Including Mutual Funds and ETFs:  EXAMS stated that its examinations of registered funds will focus on disclosures to investors, valuation, personal trading activities, contracts and agreements, and will include a review of fund governance practices and compliance programs.

Similar to prior years, EXAMS noted that it will prioritize examinations of mutual funds or ETFs that have not previously been examined or have not been examined in a number of years, and will generally focus such examinations on fund compliance programs and financial condition, particularly where funds have instituted advisory fee waivers. In addition, EXAMS stated that it will focus on compliance with exemptive relief, including for the newly created non-transparent, actively managed ETFs, and will also review funds’ and advisors’ disclosures and practices related to securities lending.

Registered Advisors to Private Funds: EXAMS will continue to focus on advisors to private funds, and will assess compliance risks, including a focus on liquidity and disclosures of investment risks and conflicts of interest. For 2021, EXAMS stated that it will also focus on advisors to private funds that have a higher concentration of structured products, such as collateralized loan obligations and mortgage backed securities, to assess whether the private funds are at a higher risk for holding non-performing loans and having loans with higher default risk than that disclosed to investors.

For all of the important details around these categories and more, click here for a complete copy of the Exam Priorities for 2021-Investment Advisors.

SEC Registered Investment Advisers

Mayer Brown a global law firm recently published their very thorough Legal Update on the SEC’s OCIE Risk Alert published on November 19, 2020, discussing its observations from a series of examinations that focused on SEC Registered Investment Advisers related to compliance rule 206(4)-7 under the Investment Advisers Act of 1940.  

The Risk Alert includes a comprehensive set of compliance program deficiencies that OCIE has identified in a sample of deficiency letters from recent SEC Registered Investment Advisers examinations.  Also included in this Legal Update is a link to OCIE’s National Investment Adviser/Investment Company Compliance outreach 2020 seminar focusing on the role of the SEC Registered Investment Adviser’s Chief Compliance Officer.  

From a high level, the Compliance Rule Deficiencies and Weaknesses identified by OCIE in the Risk Alert cover the following topics:

  1. Inadequate Compliance Resources
  2. Insufficient Authority of CCOs
  3. Annual Review Deficiencies
  4. Implementing Actions Required by Written Policies and Procedures
  5. Maintaining Accurate and Complete Information in Policies and Procedures
  6. Maintaining or Establishing Reasonably Designed Written Policies and Procedures

I encourage you to review Mayer Brown’s Legal Update.  If you need assistance with your RIA ongoing compliance requirements, contact us today for your free consultation!

Happy Thanksgiving

To all of our clients, we hope you have a safe and wonderful holiday!

RIA Compliance

RIA Compliance. Recently, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a risk alert outlining certain compliance risk and considerations for SEC-registered broker dealers and registered investment advisors during the COVID-19 pandemic.  The pandemic has created uncertainty among firms regarding how they should comply with their regulatory requirements while members of their firm may be working from home.

To help firms address some of this uncertainty, OCIE made a number of observations and suggestions that broadly address the following areas:

(1) protection of investors’ assets;

(2) supervision of personnel;

(3) practices relating to fees, expenses, and financial transactions;

(4) investment fraud;

(5) business continuity;

(6) the protection of investor and other sensitive information.

The Risk Alert is provided with this link.  I encourage all registered investment advisors to read the Alert and remain vigilant with your firm’s practices during these uncertain times.  If you need assistance with your RIA Compliance contact us today for a free consultation!

State registered investment advisors

State registered investment advisors.  NASAA released its 2019 annual report outlining their guidance from the state registered investment advisor firms it examined between January and June 2019.  The complete NASAA report can be found here. Below is a summary of “Best Practices” included in the NASAA report, for state registered investment advisors. 

Recommended Best Practices for Investment Advisers

Based on the 2019 sample data, NASAA recommends the following “Best Practices” as a guide to assist investment advisers in developing compliance practices and procedures.

• Review and revise Form ADV and disclosure brochure annually to reflect current and accurate information.

• Review and update all contracts.

• Prepare and maintain all required records, including financial records. Back-up electronic data and protect records. Document checks forwarded.

• Prepare and maintain client profiles or other client suitability information.

• Prepare a written compliance and supervisory procedures manual relevant to the type of business to include business continuity plan and information security policies/procedures.

• Prepare and distribute a privacy policy initially and annually.

• Keep accurate and current financials. File timely with the jurisdiction. Maintain surety bond if required.

• Calculate and document fees correctly in accordance with contracts and ADV.

• Review all advertisements, including website and performance advertising, for accuracy.

• Implement appropriate custody safeguards, especially for direct fee deduction.

• Review solicitor agreements, disclosure, and delivery procedures.

NASAA also provided in their report a link to their cybersecurity checklist that firms may find help.  Click here for that link. 

Registered Advisor Services is here to help your firm with your ongoing compliance needs. Contact us today for a free consultation!

RIA Compliance Services

RIA Compliance Services.  Yesterday, OCIE released a Risk Alert for registered investment advisors outlining their examination focus on the new Form CRS (“Relationship Summary”). OCIE’s examinations after the filing deadline of June 30, 2020 will focus on the following relating to the relationship summary:

Filing & Delivery of the Form CRS

  • Was the Form CRS by the June 30, 2020 deadline;
  • Was the Form CRS delivered to Retail Investors by July 30, 2020 (within 30 days of filing on the IARD system);
  • Has the firm delivered to new Retail Investors before or at the earliest of?
    • Entering into an investment advisory contract;
    • A recommendation to a retail investor of an account type, a securities transaction, or an investment strategy involving securities;
    • Placing an order for the Retail Investor, or
    • Opening a brokerage account for the Retail Investor.

Content of the Form CRS

  • Does the relationship summary include all the required information based on the instructions; contain true and accurate information; is it consistent with information in the Brochure; are all conflicts of interest disclosed; how firms are compensated is properly disclosed; and, disciplinary history is properly disclosed.

OCIE will confirm the relationship summary is Formatted in accordance with the instructions.


  • They will review your policy & procedures for updating the relationship summary; assess how your firm updates and files the relationship summary within 30 days of information becoming materially inaccurate; assess how your firm communicates these changes to retail investors within 60 days after the update; and, assess your firm’s process for highlighting to your retail investor the most recent changes including an exhibit highlighting or summarizing the change.


  • OCIE will review your firm’s records for delivery of the relationship summary to your clients and review your policies and procedures regarding your recordkeeping obligations.

The IARD system will begin accepting the filing of the relationship summary as of May 1, 2020, with the deadline of June 30th for the relationship summary to be filed.  If you need guidance with the preparation and filing of this relationship summary call us today!  We’re here to provide you with our RIA compliance services.

RIA Registration Services

RIA Registration Services.  With less than a month to go before the end of the first quarter of 2020, many registered investment advisor (RIA) firms are reviewing their Form ADV Part 1 Annual Amendment. This review is in preparation of updating several sections within that document and submitting it by the deadline of March 31, 2020.  These are RIA firms that have a December fiscal year end.

Several questions on the Form ADV Part 1 Annual Amendment raise questions as RIA firms are preparing the information for this filing.  

As a reminder:  Section 5, Information about your Advisory Business – Employees, Clients and Compensation.  Specifically, Question 5K (1) Separately Managed Account Clients.  For purposes of the Form ADV, “Separately Managed Account clients” are generally defined as all of your clients who investment advisors provide investment advice to EXCEPT, private funds, business development company and mutual funds.  Outside of private funds, business development company and mutual funds, all other types of ‘clients’ come under this term.  (i.e., individuals, High Net Worth client, corporations, pension plans, etc.).

The next question that is Question 5K (4).  This is the question that is asking the advisor to provide the name of the custodian(s) that holds 10% or more of your client’s regulatory assets under management.  The reporting on the corresponding schedule for Question 5K (4) is to include the name of the custodian/address, CRD/SEC number and the corresponding assets held by that custodian(s).

If you need assistance with your Form ADV Part 1 Annual Amendment filing or any other investment advisor compliance needs, contact Registered Advisor Services today for a free consultation!  Your RIA Registration Services partner.

Financial Advisor Consultant

Financial Advisor Consultant.  Recently the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) provided their examination observations concerning cybersecurity that includes operational practices registered investment advisor firms consider when reviewing your internal cybersecurity policy and procedures.

The topics in OCIE’s exam observations include:

Governance and Risk Management – assess your RIA firm’s ‘tone from the top’ and senior leaders buy in to your firm’s cybersecurity protocols.

Access Rights and Controls – review the access rights and controls for your RIA firm to determine the location of your client’s data; assess how you currently restrict access to your systems and data to unauthorized users; and establish appropriate controls to prevent and monitor for unauthorized access.

Data Loss Prevention – review your investment advisor firm’s tools and processes to ensure that sensitive data, including client information, is not lost, misused or accessed by unauthorized users.

Mobile Security – this section provides observations and guidance on what current RIA firms use to manage personal mobile devices to ensure compliance and protection of the investment advisor firm’s information.

Incident Response and Resiliency – review your procedures for timely detection and appropriate disclosure of material information regarding incidents; and assess the appropriateness of corrective actions taken in response to incidents.  

Vendor Management – perform due diligence for your RIA firm’s vendor selection; monitor and oversee vendors and contract terms; assess how those relationships are considered within the investment advisory firm’s risk assessment process; and, review how vendors protect any accessible client information.

Training and Awareness – These are key components to a firm’s cybersecurity program by providing employees with information about cyber risks and responsibilities that heightens awareness of cyber threats.

Click here, for the complete list of examination observations on cybersecurity observations!  Let Registered Advisor Services be your Financial Advisor Consultant for your important registered investment advisor compliance needs.

Help with Ongoing RIA Compliance Requirements

Help with ongoing RIA compliance requirements. The Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) has now published its examination priorities for 2020.  The themes for 2020 are similar to 2019 and are included here and below is the detail: 

  1. Retail Investors, Including Seniors and Those Saving for Retirement
  2. Market Infrastructure
  3. Information Security
  4. Focus Areas relating to Investment Advisors/Investment Companies/Broker-Dealers and Municipal Advisors
  5. Anti-Money Laundering
  6. Financial Technology (FinTech) and Innovation, including Digital Assets and Electronic Investment Advice
  7. FINRA and MSRB

Retail Investors, Including Seniors and Those Saving for Retirement -OCIE will focus examinations on the disclosure and calculation of fees, expenses, and other charges investors pay, and conflicts of interest.  They will assess whether registered investment advisors (RIAs) provide advice in the best interests of their clients and eliminate or at least expose through full and fair disclosure, all conflicts of interest which might include an RIA to render advice that is not disinterested.  After the June 30, 2020 compliance date for Regulation Best Interest and Form CRS, OCIE intends to assess implementation of the requirements of the new rule, including policies and procedures regarding conflicts disclosure and the content and delivery of Form CRS.

Market Infrastructure – OCIE will continue to examine entities that provide services critical to the proper functioning of capital markets. They will conduct examinations of firms which include, among others, clearing agencies, national securities exchanges, alternative trading systems and transfer agents, focusing on certain aspects of their operations and compliance with recently effective rules. 

Information Security– OCIE’s examination programs will prioritize cybersecurity and other information security risks with an emphasis on, among other things, proper configuration of network storage devices, information security governance, and policies and procedures related to retail trading information security.  OCIE will continue to focus and assess RIA’s protection of clients’ personal financial information.

Focus Areas Relating to Investment Advisors, Investment Companies, Broker-Dealers and Municipal Advisors – OCIE’s examination of RIAs will focus on never been examined advisors, including new RIAs and RIAs registered for several years and have yet to be examined.  Their exams will include RIAs advising retail investors as well as private funds.  Review of compliance programs of RIAs, including whether those programs and their policies and procedures are reasonably designed, implemented and maintained. OCIE has a particular interest in the accuracy and adequacy of disclosures provided by RIAs offering clients new types or emerging investment strategies, such as strategies focused on sustainable and responsible investing, which incorporate environmental, social and governance (ESG) criteria.  For additional information concerning investment companies, broker-dealers and municipal advisors, see the link provided above for the examination priorities for 2020.

Anti-Money Laundering Programs – Examiners will review for broker-dealer compliance with applicable anti-money laundering requirements, including whether firms are appropriately adapting their AML programs to address their regulatory obligations.

Financial Technology (FinTech) and Innovation, including Digital Assets and Electronic Investment Advice – OCIE will continue to examine SEC registered firms engaged in the digital asset space as well as RIAs that provide services to clients through automated investment tools and platforms, referred to as “robo-advisors.”

FINRA and MSRB – OCIE will continue its oversight of FINRA by focusing examinations on FINRA’s operations and regulatory programs and the quality of FINRA’s examinations of broker-dealers and municipal advisors. For all of the important details around these categories and more, click here for a complete copy of the 2020 National Exam Priorities. Contact us today if you need help with ongoing RIA compliance requirements.