Mayer Brown a global law firm recently published their very thorough Legal Update on the SEC’s OCIE Risk Alert published on November 19, 2020, discussing its observations from a series of examinations that focused on SEC Registered Investment Advisers related to compliance rule 206(4)-7 under the Investment Advisers Act of 1940.
The Risk Alert includes a comprehensive set of compliance program deficiencies that OCIE has identified in a sample of deficiency letters from recent SEC Registered Investment Advisers examinations. Also included in this Legal Update is a link to OCIE’s National Investment Adviser/Investment Company Compliance outreach 2020 seminar focusing on the role of the SEC Registered Investment Adviser’s Chief Compliance Officer.
From a high level, the Compliance Rule Deficiencies and Weaknesses identified by OCIE in the Risk Alert cover the following topics:
- Inadequate Compliance Resources
- Insufficient Authority of CCOs
- Annual Review Deficiencies
- Implementing Actions Required by Written Policies and Procedures
- Maintaining Accurate and Complete Information in Policies and Procedures
- Maintaining or Establishing Reasonably Designed Written Policies and Procedures
I encourage you to review Mayer Brown’s Legal Update. If you need assistance with your RIA ongoing compliance requirements, contact us today for your free consultation!
To all of our clients, we hope you have a safe and wonderful holiday!
RIA Compliance. Recently, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a risk alert outlining certain compliance risk and considerations for SEC-registered broker dealers and registered investment advisors during the COVID-19 pandemic. The pandemic has created uncertainty among firms regarding how they should comply with their regulatory requirements while members of their firm may be working from home.
To help firms address some of this uncertainty, OCIE made a number of observations and suggestions that broadly address the following areas:
(1) protection of investors’ assets;
(2) supervision of personnel;
(3) practices relating to fees, expenses, and financial transactions;
(4) investment fraud;
(5) business continuity;
(6) the protection of investor and other sensitive information.
The Risk Alert is provided with this link. I encourage all registered investment advisors to read the Alert and remain vigilant with your firm’s practices during these uncertain times. If you need assistance with your RIA Compliance contact us today for a free consultation!
State registered investment advisors. NASAA released its 2019 annual report outlining their guidance from the state registered investment advisor firms it examined between January and June 2019. The complete NASAA report can be found here. Below is a summary of “Best Practices” included in the NASAA report, for state registered investment advisors.
Recommended Best Practices for Investment Advisers
Based on the 2019 sample data, NASAA recommends the following “Best Practices” as a guide to assist investment advisers in developing compliance practices and procedures.
• Review and revise Form ADV and disclosure brochure annually to reflect current and accurate information.
• Review and update all contracts.
• Prepare and maintain all required records, including financial records. Back-up electronic data and protect records. Document checks forwarded.
• Prepare and maintain client profiles or other client suitability information.
• Prepare a written compliance and supervisory procedures manual relevant to the type of business to include business continuity plan and information security policies/procedures.
• Keep accurate and current financials. File timely with the jurisdiction. Maintain surety bond if required.
• Calculate and document fees correctly in accordance with contracts and ADV.
• Review all advertisements, including website and performance advertising, for accuracy.
• Implement appropriate custody safeguards, especially for direct fee deduction.
• Review solicitor agreements, disclosure, and delivery procedures.
NASAA also provided in their report a link to their cybersecurity checklist that firms may find help. Click here for that link.
Registered Advisor Services is here to help your firm with your ongoing compliance needs. Contact us today for a free consultation!
RIA Compliance Services. Yesterday, OCIE released a Risk Alert for registered investment advisors outlining their examination focus on the new Form CRS (“Relationship Summary”). OCIE’s examinations after the filing deadline of June 30, 2020 will focus on the following relating to the relationship summary:
Filing & Delivery of the Form CRS
- Was the Form CRS by the June 30, 2020 deadline;
- Was the Form CRS delivered to Retail Investors by July 30, 2020 (within 30 days of filing on the IARD system);
- Has the firm delivered to new Retail Investors before or at the earliest of?
- Entering into an investment advisory contract;
- A recommendation to a retail investor of an account type, a securities transaction, or an investment strategy involving securities;
- Placing an order for the Retail Investor, or
- Opening a brokerage account for the Retail Investor.
Content of the Form CRS
- Does the relationship summary include all the required information based on the instructions; contain true and accurate information; is it consistent with information in the Brochure; are all conflicts of interest disclosed; how firms are compensated is properly disclosed; and, disciplinary history is properly disclosed.
OCIE will confirm the relationship summary is Formatted in accordance with the instructions.
- They will review your policy & procedures for updating the relationship summary; assess how your firm updates and files the relationship summary within 30 days of information becoming materially inaccurate; assess how your firm communicates these changes to retail investors within 60 days after the update; and, assess your firm’s process for highlighting to your retail investor the most recent changes including an exhibit highlighting or summarizing the change.
- OCIE will review your firm’s records for delivery of the relationship summary to your clients and review your policies and procedures regarding your recordkeeping obligations.
The IARD system will begin accepting the filing of the relationship summary as of May 1, 2020, with the deadline of June 30th for the relationship summary to be filed. If you need guidance with the preparation and filing of this relationship summary call us today! We’re here to provide you with our RIA compliance services.
RIA Registration Services. With less than a month to go before the end of the first quarter of 2020, many registered investment advisor (RIA) firms are reviewing their Form ADV Part 1 Annual Amendment. This review is in preparation of updating several sections within that document and submitting it by the deadline of March 31, 2020. These are RIA firms that have a December fiscal year end.
Several questions on the Form ADV Part 1 Annual Amendment raise questions as RIA firms are preparing the information for this filing.
As a reminder: Section 5, Information about your Advisory Business – Employees, Clients and Compensation. Specifically, Question 5K (1) Separately Managed Account Clients. For purposes of the Form ADV, “Separately Managed Account clients” are generally defined as all of your clients who investment advisors provide investment advice to EXCEPT, private funds, business development company and mutual funds. Outside of private funds, business development company and mutual funds, all other types of ‘clients’ come under this term. (i.e., individuals, High Net Worth client, corporations, pension plans, etc.).
The next question that is Question 5K (4). This is the question that is asking the advisor to provide the name of the custodian(s) that holds 10% or more of your client’s regulatory assets under management. The reporting on the corresponding schedule for Question 5K (4) is to include the name of the custodian/address, CRD/SEC number and the corresponding assets held by that custodian(s).
If you need assistance with your Form ADV Part 1 Annual Amendment filing or any other investment advisor compliance needs, contact Registered Advisor Services today for a free consultation! Your RIA Registration Services partner.
Financial Advisor Consultant. Recently the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) provided their examination observations concerning cybersecurity that includes operational practices registered investment advisor firms consider when reviewing your internal cybersecurity policy and procedures.
The topics in OCIE’s exam observations include:
Governance and Risk Management – assess your RIA firm’s ‘tone from the top’ and senior leaders buy in to your firm’s cybersecurity protocols.
Access Rights and Controls – review the access rights and controls for your RIA firm to determine the location of your client’s data; assess how you currently restrict access to your systems and data to unauthorized users; and establish appropriate controls to prevent and monitor for unauthorized access.
Data Loss Prevention – review your investment advisor firm’s tools and processes to ensure that sensitive data, including client information, is not lost, misused or accessed by unauthorized users.
Mobile Security – this section provides observations and guidance on what current RIA firms use to manage personal mobile devices to ensure compliance and protection of the investment advisor firm’s information.
Incident Response and Resiliency – review your procedures for timely detection and appropriate disclosure of material information regarding incidents; and assess the appropriateness of corrective actions taken in response to incidents.
Vendor Management – perform due diligence for your RIA firm’s vendor selection; monitor and oversee vendors and contract terms; assess how those relationships are considered within the investment advisory firm’s risk assessment process; and, review how vendors protect any accessible client information.
Training and Awareness – These are key components to a firm’s cybersecurity program by providing employees with information about cyber risks and responsibilities that heightens awareness of cyber threats.
Click here, for the complete list of examination observations on cybersecurity observations! Let Registered Advisor Services be your Financial Advisor Consultant for your important registered investment advisor compliance needs.
Help with ongoing RIA compliance requirements. The Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) has now published its examination priorities for 2020. The themes for 2020 are similar to 2019 and are included here and below is the detail:
- Retail Investors, Including Seniors and Those Saving for Retirement
- Market Infrastructure
- Information Security
- Focus Areas relating to Investment Advisors/Investment Companies/Broker-Dealers and Municipal Advisors
- Anti-Money Laundering
- Financial Technology (FinTech) and Innovation, including Digital Assets and Electronic Investment Advice
- FINRA and MSRB
Retail Investors, Including Seniors and Those Saving for Retirement -OCIE will focus examinations on the disclosure and calculation of fees, expenses, and other charges investors pay, and conflicts of interest. They will assess whether registered investment advisors (RIAs) provide advice in the best interests of their clients and eliminate or at least expose through full and fair disclosure, all conflicts of interest which might include an RIA to render advice that is not disinterested. After the June 30, 2020 compliance date for Regulation Best Interest and Form CRS, OCIE intends to assess implementation of the requirements of the new rule, including policies and procedures regarding conflicts disclosure and the content and delivery of Form CRS.
Market Infrastructure – OCIE will continue to examine entities that provide services critical to the proper functioning of capital markets. They will conduct examinations of firms which include, among others, clearing agencies, national securities exchanges, alternative trading systems and transfer agents, focusing on certain aspects of their operations and compliance with recently effective rules.
Information Security– OCIE’s examination programs will prioritize cybersecurity and other information security risks with an emphasis on, among other things, proper configuration of network storage devices, information security governance, and policies and procedures related to retail trading information security. OCIE will continue to focus and assess RIA’s protection of clients’ personal financial information.
Focus Areas Relating to Investment Advisors, Investment Companies, Broker-Dealers and Municipal Advisors – OCIE’s examination of RIAs will focus on never been examined advisors, including new RIAs and RIAs registered for several years and have yet to be examined. Their exams will include RIAs advising retail investors as well as private funds. Review of compliance programs of RIAs, including whether those programs and their policies and procedures are reasonably designed, implemented and maintained. OCIE has a particular interest in the accuracy and adequacy of disclosures provided by RIAs offering clients new types or emerging investment strategies, such as strategies focused on sustainable and responsible investing, which incorporate environmental, social and governance (ESG) criteria. For additional information concerning investment companies, broker-dealers and municipal advisors, see the link provided above for the examination priorities for 2020.
Anti-Money Laundering Programs – Examiners will review for broker-dealer compliance with applicable anti-money laundering requirements, including whether firms are appropriately adapting their AML programs to address their regulatory obligations.
Financial Technology (FinTech) and Innovation, including Digital Assets and Electronic Investment Advice – OCIE will continue to examine SEC registered firms engaged in the digital asset space as well as RIAs that provide services to clients through automated investment tools and platforms, referred to as “robo-advisors.”
FINRA and MSRB – OCIE will continue its oversight of FINRA by focusing examinations on FINRA’s operations and regulatory programs and the quality of FINRA’s examinations of broker-dealers and municipal advisors. For all of the important details around these categories and more, click here for a complete copy of the 2020 National Exam Priorities. Contact us today if you need help with ongoing RIA compliance requirements.
To our Registered Investment Advisor clients, we wish you all the best this holiday season and a happy and prosperous New Year!