NASAA published two model rules in November 2020 related to continuing education requirements and written policies and procedures. While each state determines whether to adopt model rules, you should familiarize yourself with the requirements, not just so you can comply, but because some of the requirements are just good business practices.
- Get ready for more training. One of the new model rules requires six hours or more of annual continuing education; three hours of regulatory ethics and three hours on products and practices.
- Create a Code of Ethics with written policies and procedures, mapped to the regulatory requirements, that define how you prevent violations, supervise activity.
- Disclose if you vote proxies. If you do, have client-ready procedures that describe how you make decisions, manage conflicts and how clients can find out the outcome.
- Focus on handling and maintaining confidential information to protect client information and prevent the disclosure of other non-public information to avoid insider training. This must include physical security and cybersecurity.
- Have a thoughtful business continuity and succession plan that defines how you will continue to provide mission critical services in the event of system outages, inability to get to your office, or the unexpected loss of one or more employees.
For the do-it-yourself-er, NASAA included a 10-page grid of some of your regulatory requirements to help you map and develop your written policies and procedures.
If you prefer to spend your time focused on other things, consider getting a hand with compliance initiatives or outsourcing your compliance to dedicated professionals.
Oyster Consulting offers free resources to help you achieve success. Listen to our podcasts, read our blogs, or follow us on LinkedIn to hear from our experienced industry practitioners about ways to protect, run and grow your organization.
