Since 2014, the Securities and Exchange Commission (“SEC”) has been talking about proposing requirements for SEC registered investment advisers to obtain third party compliance reviews. The more recent being in Chairman Mary Jo White’s testimony given to the U.S. Senate Subcommittee on Financial Services and General Government Committee on Appropriations in April 2016, where she referenced that putting forth a proposal was still a high priority.
Industry expectations are that the proposal will be issued during the 4th quarter of 2016.
What Will Be Required?
The SEC has not provided any specific information on what the proposed rule will include, other than in November 2015 Chairman White told the U.S. House of Representatives’ Committee on Financial Services that such reviews will not replace SEC examinations, but rather be geared toward compliance program enhancement. This could be interpreted in a variety of different ways. For example, the proposal could mandate that advisory firms have their annual compliance program review performed by an independent reviewer at certain yearly intervals, such as every 2 years.
Another avenue could be that the review requirements focus on risks. In other words, advisory firms with certain types of risks, and/or those perceived by the SEC to be higher risk areas will be mandated to have more frequent independent reviews than those with less risk exposure. Also, the SEC may require that independent reviewers have certain qualifications when examining firms with higher risks. This would be similar to the requirements contained in Rule 206(4)-2 of the Investment Advisers Act of 1940 (commonly referred to as the Custody Rule), which mandates that SEC registered advisers deemed with certain types of custody obtain an annual “surprise” exam from an independent accountant and in some cases the independent accountant must be registered with and subject to inspection by the Public Company Accounting Oversight Board.
Without more guidance from the SEC, there is only speculation.
How will Advisers be Impacted and What Can They Do to Prepare?
It’s probably safe to say that all SEC registered investment advisers will be impacted one way or another upon implementation of a final rule. While the extent is yet unknown, there are a few steps that firms may want to take that will not only help with preparation, but also serve to strengthen compliance programs.
Step One: Review most recent annual review and ensure recommendations have been implemented. Also, evaluate the firm’s annual review process to determine what, if any, enhancements are needed. For example, consider the scope and depth of past reviews and look at testing performed. Ask questions, such as:
- Did the documentation/report include enough detail to determine when the review was performed, what was reviewed, the findings and any recommendations/corrections made?
- Is the testing process set up to focus on the firm’s risks and conflicts, in addition to requirements?
Step Two: Consider compliance resources to determine if sufficiently staffed. For example, does the Chief Compliance Officer have dual roles, such as being the President or Chief Operations Officer, and if so is, there enough time being dedicated to compliance.
Step Three: Plan on spending more money on compliance. Not only will it be needed if the SEC implements independent review requirements, but the SEC expects firms to allocate whatever resources are necessary to ensure firms have solid compliance programs in place.
Step Four: If you have never used an independent service provider to perform a review, now would be a good time. There are different types of reviews that can be performed, including an annual review, risk assessment and mock SEC exam. Each serves a different purpose, but all the reviews have the same overall ability to identify gaps that can be corrected before the SEC comes in.
Step Five: Utilize technology to the extent possible. There are a variety of ways technology can help firms with their compliance programs. For example, there’s technology that: (i) performs pre-trade compliance reviews, (ii) encrypts confidential information sent electronically, (iii) monitors employee personal trading and conflict activity, (iv) reviews firm trading for issues such as performance dispersion, (v) retains and monitors emails, instant messaging and social media and (vi) compares client names against OFAC list.
The financial industry is in the “age of compliance,” which probably will not change any time soon, so now is the time to look to your compliance efforts to determine if enhancements are needed.
For information on how Core Compliance & Legal Services, Inc. can assist with these steps or if you have questions, please contact us at (619) 278-0020.