Blog

SEC Exam Priorities for 2022 – Registered Investment Advisors

*The SEC Division of Examinations announced its 2022 examination priorities for Registered Investment Advisors as outlined below: *

Private Funds
The Division will focus on registered investment advisers (RIAs) who manage private funds.

Examinations will review issues under the Advisers Act, including an adviser’s fiduciary duty, and will assess risks, including a focus on compliance programs, fees and expenses, custody, fund audits, valuation, conflicts of interest, disclosures of investment risks, and controls around material nonpublic information.

The Division will also review private fund advisers’ portfolio strategies, risk management, and investment recommendations and allocations, focusing on conflicts and disclosures around these areas.

Environmental, Social, and Governance Investing (ESG)
The Division will continue its focus on ESG‑related advisory services and investment products, including mutual funds, exchange traded funds, and private fund offerings.

Examinations will focus on whether RIAs and registered funds are accurately disclosing their ESG investing approaches and have adopted and implemented policies, procedures, and practices designed to prevent violations of the federal securities laws in connection with their ESG‑related disclosures, including review of their portfolio management processes and practices.

Examinations will review the voting of client securities in accordance with proxy voting policies and procedures, including whether the votes align with their ESG‑related disclosures and mandates, and whether there are misrepresentations of the ESG factors considered or incorporated into portfolio selection.

Standards of Conduct: Regulation Best Interest, Fiduciary Duty, and Form CRS
The Division will continue to address standards of conduct issues for broker‑dealers and RIAs, with reviews focused on how they are satisfying their obligations under Regulation Best Interest and the Advisers Act fiduciary standard to act in the best interests of retail investors and not to place their own interests ahead of retail investors’ interests.

RIA examinations will focus on whether advisers are acting consistently with their fiduciary duty to clients, looking at both duties of care and loyalty, including best execution obligations, financial conflicts of interest and related impartiality of advice, and any attendant client disclosures.

Focus areas include: (1) revenue sharing arrangements; (2) recommending or holding more expensive classes of investment products when lower cost classes are available (e.g., RIAs that recommend no transaction fee mutual fund share classes that have 12b‑1 fees in wrap fee accounts where the RIA may be responsible for paying transaction fees); (3) recommending wrap fee accounts without assessing whether such accounts are in the best interests of clients, including the impact of the move to zero commissions on certain types of securities transactions by a number of broker‑dealers; and (4) recommending proprietary products resulting in additional or higher fees.

Such reviews also will include an assessment of the adequacy of RIAs’:

(1) compliance policies and procedures designed to address conflicts and ensure advice in the best interest of clients, including the cost of investing; and (2) disclosures to enable investors to provide informed consent.

Retail Investors and Working Families
The Division will continue to address standards of conduct issues for broker‑dealers and RIAs to ensure that retail investors and working families are receiving recommendations and advice in their best interests. Specifically, these examinations will focus on how registrants are satisfying their obligations under Regulation Best Interest and the Advisers Act fiduciary standard to act in the best interests of retail investors and not to place their own interests ahead of retail investors’.

Examinations will include assessments of practices regarding consideration of investment alternatives, management of conflicts of interest, trading, disclosures, account selection, and account conversions and rollovers.

Information Security and Operational Resiliency
The Division will review broker‑dealers’, RIAs’, and other registrants’ practices to prevent interruptions to mission‑critical services and to protect investor information, records, and assets.

Examinations will continue to review whether firms have taken appropriate measures to safeguard customer accounts and prevent account intrusions; oversee vendors and service providers; address malicious email activities, such as phishing or account intrusions; respond to incidents, including those related to ransomware attacks; identify and detect red flags related to identity theft; and manage operational risk as a result of a dispersed workforce.

The Division will also be reviewing registrants’ business continuity and disaster recovery plans, with particular focus on the impact of climate risk and substantial disruptions to normal business operations.

Emerging Technologies and Crypto‑Assets – The Division will conduct examinations of broker‑dealers and RIAs that are using emerging financial technologies (automated digital investment advice/mobile apps/robo‑advisers) to review whether the unique risks these activities present were considered by the firm when designing their regulatory compliance programs.

RIA and broker‑dealer examinations will focus on firms that are, or claim to be, offering new products and services or employing new practices to assess whether operations and controls in place are consistent with disclosures made and the standard of conduct owed to investors and other regulatory obligations; advice and recommendations, including by algorithms, are consistent with investors’ investment strategies and the standard of conduct owed to such investors; and controls take into account the unique risks associated with such practices.

Examinations of market participants engaged with crypto‑assets will continue to review the custody arrangements for such assets and will assess the offer, sale, recommendation, advice, and trading of crypto‑assets.

*The entire SEC Division of Examination 2022 Exam Priorities can be found here. *

Exam Priorities for 2021-Investment Advisors

As of December 17, 2020, the Office of Compliance Inspections and Examinations (OCIE) has been renamed as the Division of Examinations of the US Securities and Exchange Commission (“The Examinations Division” or “EXAMS”).

EXAMS has announced their examination priorities for 2021 that contains priorities emphasized in previous years, however this year they outline emerging risks, including those related to environmental, social and governance matters (“ESG”) and climate change.  

The new focus on ESG and climate change-related risks is consistent with recently announced initiatives from the SEC’s staff that further integrate climate change and ESG considerations into the SEC’s regulatory framework. For example, on March 4, 2021, the SEC’s Division of Enforcement announced the creation of a Climate and ESG Task Force, which will develop initiatives to proactively identify ESG-related misconduct and whose initial focus will be to identify material gaps or misstatements in issuers’ disclosure of climate risks under existing rules as well as analyze disclosure and compliance issues relating to investment advisors’ and registered funds’ ESG strategies.

 The themes for 2021 are included here and below is the detail: 

  1. Retail Investors, Including Seniors and Those Saving for Retirement
  2. Information Security and Operational Resiliency
  3. Financial Technology (Fintech) and Innovation, Including Digital Assets
  4. Anti-Money Laundering Programs
  5. Focus Areas Relating to Investment Advisors and Investment Companies
    1. Compliance Programs
    2. Registered Funds, including Mutual Funds and ETFs
    3. RIAs to Private Funds

Retail Investors, Including Seniors and Those Saving for Retirement: EXAMS will focus on compliance with Form CRS and whether investment advisors have fulfilled their fiduciary duties of care and loyalty. Specifically, EXAMS will examine whether registered advisors are appropriately mitigating conflicts of interest and, where necessary, providing disclosure of conflicts that is sufficient to enable informed consent by retail investors. With respect to those investments heavily used by retail investors or those that may present elevated risks, EXAMS will continue to prioritize these products, including mutual funds, exchange-traded funds (ETFs), municipal securities and other fixed income securities, variable annuities, private placements, and microcap securities. EXAMS also noted that examinations will review firms’ disclosures related to fees and expenses as well as registered advisors that operate and utilize turnkey asset management platforms (and whether fees and revenue sharing arrangements in such platforms are adequately disclosed).

Information Security: EXAMS will review whether investment advisors have taken appropriate measures to: safeguard customer accounts and prevent account intrusions, including verifying an investor’s identity to prevent unauthorized account access; oversee vendors and service providers; address malicious email activities, such as phishing or account intrusions; respond to incidents, including those related to ransomware attacks; and manage operational risk as a result of dispersed employees in a work from home environment. These types of risks have increasing become important as registered advisors have adopted remote working environments in light of the COVID-19 pandemic. EXAMS will focus on controls surrounding online and mobile application access to investor account information, the controls surrounding the electronic storage of books and records and personally identifiable information maintained with third-party cloud service providers, and firms’ policies and procedures to protect investor records and information.

Operational Resiliency/Business Continuity: EXAMS will continue to review business continuity and disaster recovery plans of registered advisors, but for 2021 will shift its focus to whether such plans, are accounting for the growing physical and other relevant risks associated with climate change. As climate-related events become more frequent and more intense, EXAMS has stated that it will review whether investment advisors are considering effective practices to help improve responses to large-scale events.

Financial Technology (FinTech) and Innovation, including Digital Assets and Electronic Investment Advice: EXAMS stated that examinations of market participants engaged with digital assets (including robo-advisory firms or traditional firms that rely on mobile or electronic platforms) will continue to assess the following: whether investments are in the best interests of investors; portfolio management and trading practices; safety of client funds and assets; pricing and valuation; effectiveness of compliance programs and controls; and supervision of representatives’ outside business activities.

Anti-Money Laundering Programs: EXAMS will continue to review for compliance with applicable anti-money laundering requirements, including evaluating whether registered funds have adequate policies and procedures in place that are reasonably designed to identify suspicious activity and illegal money-laundering activities.

Focus Areas Relating Specifically to Registered Advisors and Registered Funds:

Registered Advisor Compliance Programs: EXAMS will continue to review the compliance programs of registered advisors, including whether those programs and their policies and procedures are reasonably designed, implemented, and maintained in accordance with applicable federal securities laws. In evaluating the effectiveness of a compliance program, EXAMS stated that it frequently reviews whether registered advisors appear to have sufficient resources to perform core compliance responsibilities. This year EXAMS noted that it is focusing on registered advisors that employ investment strategies related to ESG factors, particularly products in these areas that are widely available to investors, including open-end registered funds and ETFs, as well as those offered to accredited investors such as qualified opportunity funds. To that end, EXAMS stated that it will review the consistency and adequacy of the disclosures registered advisors and fund complexes provide to clients regarding their ESG strategies, determine whether the firms’ processes and practices match their disclosures, review fund advertising for false or misleading statements, and review proxy voting policies and procedures and votes to assess whether they align with the strategies.

Registered Funds, Including Mutual Funds and ETFs:  EXAMS stated that its examinations of registered funds will focus on disclosures to investors, valuation, personal trading activities, contracts and agreements, and will include a review of fund governance practices and compliance programs.

Similar to prior years, EXAMS noted that it will prioritize examinations of mutual funds or ETFs that have not previously been examined or have not been examined in a number of years, and will generally focus such examinations on fund compliance programs and financial condition, particularly where funds have instituted advisory fee waivers. In addition, EXAMS stated that it will focus on compliance with exemptive relief, including for the newly created non-transparent, actively managed ETFs, and will also review funds’ and advisors’ disclosures and practices related to securities lending.

Registered Advisors to Private Funds: EXAMS will continue to focus on advisors to private funds, and will assess compliance risks, including a focus on liquidity and disclosures of investment risks and conflicts of interest. For 2021, EXAMS stated that it will also focus on advisors to private funds that have a higher concentration of structured products, such as collateralized loan obligations and mortgage backed securities, to assess whether the private funds are at a higher risk for holding non-performing loans and having loans with higher default risk than that disclosed to investors.

For all of the important details around these categories and more, click here for a complete copy of the Exam Priorities for 2021-Investment Advisors.

SEC Registered Investment Advisers

Mayer Brown a global law firm recently published their very thorough Legal Update on the SEC’s OCIE Risk Alert published on November 19, 2020, discussing its observations from a series of examinations that focused on SEC Registered Investment Advisers related to compliance rule 206(4)-7 under the Investment Advisers Act of 1940.  

The Risk Alert includes a comprehensive set of compliance program deficiencies that OCIE has identified in a sample of deficiency letters from recent SEC Registered Investment Advisers examinations.  Also included in this Legal Update is a link to OCIE’s National Investment Adviser/Investment Company Compliance outreach 2020 seminar focusing on the role of the SEC Registered Investment Adviser’s Chief Compliance Officer.  

From a high level, the Compliance Rule Deficiencies and Weaknesses identified by OCIE in the Risk Alert cover the following topics:

  1. Inadequate Compliance Resources
  2. Insufficient Authority of CCOs
  3. Annual Review Deficiencies
  4. Implementing Actions Required by Written Policies and Procedures
  5. Maintaining Accurate and Complete Information in Policies and Procedures
  6. Maintaining or Establishing Reasonably Designed Written Policies and Procedures

I encourage you to review Mayer Brown’s Legal Update.  If you need assistance with your RIA ongoing compliance requirements, contact us today for your free consultation!

Happy Thanksgiving

To all of our clients, we hope you have a safe and wonderful holiday!

RIA Compliance

RIA Compliance. Recently, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a risk alert outlining certain compliance risk and considerations for SEC-registered broker dealers and registered investment advisors during the COVID-19 pandemic.  The pandemic has created uncertainty among firms regarding how they should comply with their regulatory requirements while members of their firm may be working from home.

To help firms address some of this uncertainty, OCIE made a number of observations and suggestions that broadly address the following areas:

(1) protection of investors’ assets;

(2) supervision of personnel;

(3) practices relating to fees, expenses, and financial transactions;

(4) investment fraud;

(5) business continuity;

(6) the protection of investor and other sensitive information.

The Risk Alert is provided with this link.  I encourage all registered investment advisors to read the Alert and remain vigilant with your firm’s practices during these uncertain times.  If you need assistance with your RIA Compliance contact us today for a free consultation!

State registered investment advisors

State registered investment advisors.  NASAA released its 2019 annual report outlining their guidance from the state registered investment advisor firms it examined between January and June 2019.  The complete NASAA report can be found here. Below is a summary of “Best Practices” included in the NASAA report, for state registered investment advisors. 

Recommended Best Practices for Investment Advisers

Based on the 2019 sample data, NASAA recommends the following “Best Practices” as a guide to assist investment advisers in developing compliance practices and procedures.

• Review and revise Form ADV and disclosure brochure annually to reflect current and accurate information.

• Review and update all contracts.

• Prepare and maintain all required records, including financial records. Back-up electronic data and protect records. Document checks forwarded.

• Prepare and maintain client profiles or other client suitability information.

• Prepare a written compliance and supervisory procedures manual relevant to the type of business to include business continuity plan and information security policies/procedures.

• Prepare and distribute a privacy policy initially and annually.

• Keep accurate and current financials. File timely with the jurisdiction. Maintain surety bond if required.

• Calculate and document fees correctly in accordance with contracts and ADV.

• Review all advertisements, including website and performance advertising, for accuracy.

• Implement appropriate custody safeguards, especially for direct fee deduction.

• Review solicitor agreements, disclosure, and delivery procedures.

NASAA also provided in their report a link to their cybersecurity checklist that firms may find help.  Click here for that link. 

Registered Advisor Services is here to help your firm with your ongoing compliance needs. Contact us today for a free consultation!

RIA Compliance Services

RIA Compliance Services.  Yesterday, OCIE released a Risk Alert for registered investment advisors outlining their examination focus on the new Form CRS (“Relationship Summary”). OCIE’s examinations after the filing deadline of June 30, 2020 will focus on the following relating to the relationship summary:

Filing & Delivery of the Form CRS

  • Was the Form CRS by the June 30, 2020 deadline;
  • Was the Form CRS delivered to Retail Investors by July 30, 2020 (within 30 days of filing on the IARD system);
  • Has the firm delivered to new Retail Investors before or at the earliest of?
    • Entering into an investment advisory contract;
    • A recommendation to a retail investor of an account type, a securities transaction, or an investment strategy involving securities;
    • Placing an order for the Retail Investor, or
    • Opening a brokerage account for the Retail Investor.

Content of the Form CRS

  • Does the relationship summary include all the required information based on the instructions; contain true and accurate information; is it consistent with information in the Brochure; are all conflicts of interest disclosed; how firms are compensated is properly disclosed; and, disciplinary history is properly disclosed.

OCIE will confirm the relationship summary is Formatted in accordance with the instructions.

Updates

  • They will review your policy & procedures for updating the relationship summary; assess how your firm updates and files the relationship summary within 30 days of information becoming materially inaccurate; assess how your firm communicates these changes to retail investors within 60 days after the update; and, assess your firm’s process for highlighting to your retail investor the most recent changes including an exhibit highlighting or summarizing the change.

Recordkeeping

  • OCIE will review your firm’s records for delivery of the relationship summary to your clients and review your policies and procedures regarding your recordkeeping obligations.

The IARD system will begin accepting the filing of the relationship summary as of May 1, 2020, with the deadline of June 30th for the relationship summary to be filed.  If you need guidance with the preparation and filing of this relationship summary call us today!  We’re here to provide you with our RIA compliance services.

RIA Registration Services

RIA Registration Services.  With less than a month to go before the end of the first quarter of 2020, many registered investment advisor (RIA) firms are reviewing their Form ADV Part 1 Annual Amendment. This review is in preparation of updating several sections within that document and submitting it by the deadline of March 31, 2020.  These are RIA firms that have a December fiscal year end.

Several questions on the Form ADV Part 1 Annual Amendment raise questions as RIA firms are preparing the information for this filing.  

As a reminder:  Section 5, Information about your Advisory Business – Employees, Clients and Compensation.  Specifically, Question 5K (1) Separately Managed Account Clients.  For purposes of the Form ADV, “Separately Managed Account clients” are generally defined as all of your clients who investment advisors provide investment advice to EXCEPT, private funds, business development company and mutual funds.  Outside of private funds, business development company and mutual funds, all other types of ‘clients’ come under this term.  (i.e., individuals, High Net Worth client, corporations, pension plans, etc.).

The next question that is Question 5K (4).  This is the question that is asking the advisor to provide the name of the custodian(s) that holds 10% or more of your client’s regulatory assets under management.  The reporting on the corresponding schedule for Question 5K (4) is to include the name of the custodian/address, CRD/SEC number and the corresponding assets held by that custodian(s).

If you need assistance with your Form ADV Part 1 Annual Amendment filing or any other investment advisor compliance needs, contact Registered Advisor Services today for a free consultation!  Your RIA Registration Services partner.

Financial Advisor Consultant

Financial Advisor Consultant.  Recently the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) provided their examination observations concerning cybersecurity that includes operational practices registered investment advisor firms consider when reviewing your internal cybersecurity policy and procedures.

The topics in OCIE’s exam observations include:

Governance and Risk Management – assess your RIA firm’s ‘tone from the top’ and senior leaders buy in to your firm’s cybersecurity protocols.

Access Rights and Controls – review the access rights and controls for your RIA firm to determine the location of your client’s data; assess how you currently restrict access to your systems and data to unauthorized users; and establish appropriate controls to prevent and monitor for unauthorized access.

Data Loss Prevention – review your investment advisor firm’s tools and processes to ensure that sensitive data, including client information, is not lost, misused or accessed by unauthorized users.

Mobile Security – this section provides observations and guidance on what current RIA firms use to manage personal mobile devices to ensure compliance and protection of the investment advisor firm’s information.

Incident Response and Resiliency – review your procedures for timely detection and appropriate disclosure of material information regarding incidents; and assess the appropriateness of corrective actions taken in response to incidents.  

Vendor Management – perform due diligence for your RIA firm’s vendor selection; monitor and oversee vendors and contract terms; assess how those relationships are considered within the investment advisory firm’s risk assessment process; and, review how vendors protect any accessible client information.

Training and Awareness – These are key components to a firm’s cybersecurity program by providing employees with information about cyber risks and responsibilities that heightens awareness of cyber threats.

Click here, for the complete list of examination observations on cybersecurity observations!  Let Registered Advisor Services be your Financial Advisor Consultant for your important registered investment advisor compliance needs.