On episode 35 of the CCO Buzz we discuss some key takeaways from each session of the 2019 Core Compliance Workshop.
CCO Buzz: Hello and welcome back! This was a BIG week for us here at Core Compliance, because not only did the government resume for the most part (pending February 15th), but we also had our 2019 Annual Core Compliance Workshop in Anaheim, CA. The event went amazing, for those of you who were wondering. Our attendees had the exclusive opportunity to address their educational needs and concerns regarding the compliance industry in an intimate workshop setting. For those of you who missed out and were unable to attend, episode 35 of the CCO Buzz is just for you! We are going to discuss some key takeaways from the workshop and each of their sessions.
The first session, “Best Practices for Identifying and Mitigating Risks and Conflicts,” was hosted by two panelists, Core Compliance’s Lead Senior Compliance Consultant Tina Mitchell and Founder of Compliance-Minded, LLC Casey Jones. From their session, attendees learned that:
- Firms should regularly perform and document a risk assessment and conflict inventory, at least annually;
- That firms should also, eliminate risks and conflicts whenever possible, or must otherwise mitigate and disclose;
- That it is necessary and mandatory to have strong policies, procedures, and internal controls (this includes a testing and assessment process); and that
- Firms must practice robust disclosure, this can be done through client agreements, Form ADV, and offering documents.
Attendees of this session also learned that a rule of thumb for conflicts is to “follow the money”, while a rule of thumb for risks is “think of exposure and what issues could happen.”
Workshop two, “Regulatory Considerations for Servicing Senior Investors,” featured Core Compliance’s Senior Compliance Consultant Kurt Nuñez and a Director from the Council on Aging, Southern California Kelli Jean Morris. In their session they discussed how financial exploitation is the largest growing and the most under reported form of abuse. And how both the SEC and FINRA have mandated internal control development to address diminished capacity and elder financial abuse. Some of the key takeaways, attendees gained were:
- How the creation of training programs is necessary for firms as employees need to be able to recognize signs of diminished capacity and elder financial abuse;
- How implementing a “Trusted contact” methodology should be a regular practice at firms to address at-risk clients; and
- The importance that all firms should review the “Senior $afe Act” to ensure that they are meeting the needs and regulations when it comes to servicing senior investors.
After a brief lunch, the workshop focused on, “Cybersecurity: Threats, Incidents and How to Prepare.” This session featured Compliance Consultant Adam Stutz and RightSize Solutions’ CEO Wes Stillman. In their session, attendees learned that:
- Cyber risk assessments should be performed at least annually, which should include a review of your incident response plans and policies and procedures to ensure they are up-to-date;
- Ongoing updates to policies and procedures, inventories, and data back-ups should be performed daily;
- Employees, senior management and corporate culture should remain engaged and strengthened through continuous ongoing cybersecurity training throughout the year;
- Firms should also rely on consultants and IT professionals to provide them with the technical support should you need to strengthen your networks and address cyber incidents; and
- Compliance departments should familiarize themselves with the identify theft notification requirements for each state where they conduct business, in case client Personal Identifying Information (“PII”) has been compromised.
The event closed out with Core Compliance’s CEO Michelle Jacko and Beach Street Legal’s Founder Chris Stanley. Their session, “Passing with Flying Colors: How to Prepare for an SEC Examination,” discussed current exam focus areas and the type of examinations that are being performed by staff. One portion that resonated with attendees most was their discussion on recently released Risk Alerts. Throughout the breakout session, attendees were able to assess that Risk Alerts:
- Provide current information on areas of concern for staff because they set an expectation of what the staff is concerned about and what Compliance Programs should focus on; and
- They foreshadow areas that will likely lead to formal investigation by the Division of Enforcement.
Overall, attendees of the 2019 Annual Core Compliance Workshop left with a multitude of information and integral tips to take back, discuss and implement at their firms and organizations. Our team at Core Compliance had a great time discussing and working through numerous case studies with attendees. For those of you who weren’t able to attend – hopefully you can join us next year.
If you have any questions or want to discuss any of the workshop topics further, please contact us at (619) 278-0020 or email us at firstname.lastname@example.org. Thank you.
Well that’s it for this week’s episode. If you’d like additional information, please check out our website at www.corecls.com. You can also follow us on Facebook, LinkedIn or Twitter @CoreCLS. Thank you and we hope you tune into next week’s episode of the CCO Buzz.