Annual reviews need to be done at least once every year or even more often. Some firms conduct reviews every quarter, rather than just once a year.
For investment advisers registered with the Securities and Exchange Commission (“SEC”), annual reviews are mandated under Rule 206(4)-7 of the Investment Advisers Act of 1940 and require a review to be performed at least annually of a firm’s policies, procedures, and internal controls.
The core process of an annual review is to test the adequacy and effectiveness of those items in preventing violations of applicable federal and state regulations. Currently, state-registered advisers are not required to conduct an annual review, but it’s considered a best practice and is definitely recommended.
Conducting annual reviews helps identify where current policies and procedures need to be enhanced and whether additional policies and procedures need to be implemented to address risk within the firm. They’re an opportunity to find weaknesses and work to improve them, particularly when the firm partners with a third-party compliance consultant. Utilizing the experience and fresh eyes of an external consultant can help find gaps that your regular compliance team might not readily identify.
The minimum areas that should be examined during an annual review:
When conducting an annual review, below are the minimum areas that need to be scrutinized.
- Registrations and regulatory filings
- Disclosures to Clients
- Portfolio Management and Trading
- Identified Conflicts and Risks
- Custody and Safeguarding of Client Assets
- Privacy and Cybersecurity
- Business Continuity
- Marketing and Advertising
- Fee Billing and Valuations
The above areas should be reviewed comprehensively. Don’t get in the trap of just ticking off boxes for the sake of filling out paperwork; failure to assess and strengthen your policies and procedures can increase your risk of receiving heavy penalties from the SEC.
Weak Compliance Policies and Procedures Lead to Enforcement
In 2011, the SEC Compliance Program Initiative was implemented to target registered advisory firms that have failed to address previously identified deficiencies in their compliance programs.
The Compliance Program Initiative was formed by the SEC’s Enforcement Division’s Asset Management Unit, which teamed with the SEC’s Office of Compliance Inspections and Examination and within two years of its implementation, had brought enforcement actions against six advisory firms for having weak compliance policies, procedures, and internal controls.
Investment advisory firms should perform periodic assessments of their annual review process and make enhancements when necessary. Given SEC expectations, it’s important to ensure reviews remain sufficiently designed to determine the adequacy and effectiveness of your firm’s policies, procedures, and controls in preventing violations of applicable securities regulations.
Annual Reviews Help With Adapting to the Changing Regulatory Environment
Rules and regulations change often, and the only way to remain compliant year after year is to have a robust annual review process in place. CCOs are tasked with the responsibility of administering the firm’s compliance program, and they should ensure that the annual review process is a thorough one.
As a part of your annual review, especially moving into the new year, it can be helpful to review all compliance requirements for the year and schedule when you will perform specific actions. Our 2017 compliance checklist is a great start for planning what you’ll need to review for 2018 as well – and as the SEC publishes additional Risk Alerts, guidance, and new and revised rules, you can adapt your review calendar accordingly.
As a helpful tool, Core Compliance published a Risk Management Update (“RMU”), which discusses the SEC’s expectations and provides guidance on assessing and evaluating a firm’s annual review process. Click here for a full copy of our RMU titled “Enhancing Annual Reviews – Practical Considerations for Investment Advisers and Investment Companies.”