Join Oyster Consulting’s former regulators Patrick M. Dennis, Jeffrey HillerBill ReillyEvan Rosser and Ed Wegener in our new podcast mini-series, Regulators– Behind the Scenes.  In this episode, they share their experiences and perspectives as former SEC, FINRA and State regulators on Document Production and the importance of good communication with examiners. 


Transcript provided by Temi transcript services

Oyster:  Welcome to the Oyster Stew podcast, where we discuss what’s happening in the industry, based on what we see as we work with regulators and clients. Oyster consultants are industry practitioners; we aren’t career consultants. We’ve done your job and we know the issues you face. You can learn more about Oyster Consulting and the value we can add to your firm by going to our website – 

Patrick Dennis:  Welcome to “Regulators – Behind the Scenes,” an Oyster podcast mini-series. I’m Patrick Dennis, General Counsel of Oyster Consulting, and with me are other former regulators who are now working for Oyster: Jeffrey Hiller, former SEC Enforcement Senior Counsel and COO and CCO of several national advisory firms including Merrill Lynch and Morgan Stanley; Ed Wegener, who spent over 20 years at FINRA (and left about nine months ago) as Senior Vice President and Regional Office Manager for FINRA’s Midwest Region; Evan Rosser was also a former FINRA regulator for over 20 years; and Bill Reilley, a State of Florida regulator for over 30 years. I, Patrick Dennis, was at the SEC in Washington as well in both Corp FIN and the Division of Enforcement for eight and a half years. Let’s jump in.  

In this segment, we’re going to talk about exam document requests and the importance of good communications with the regulators.  Let’s talk about actually how you manage the exam, how you deal with that document request, and how you can work with it and work with the regulators on those kinds of things. It’s certainly been my experience the best way to do this is to assign a single point of contact or a single point person in connection with regulators. All of the requests come to that person, all of the requests for interviews, all of the additional document requests, all the need for clarification. It’s best if you can have one person that manages these, the entire exam for your firm, whether that’s the CCO or in-house legal or however you want to do it, but that’s certainly been my experience. We’d love to hear your thoughts on that and Ed’s thoughts on that. 

Ed Wegener:  So I think you’re right, Patrick, having a point person is really important. The regulators generally are assigning a point person for the examination, and they’ll usually announce who that is in their introductory letter. And doing that early is important too because the document requests start now, not when they show up on site, but several weeks before they show up on site. So what you’re going to see are requests being made electronically, the expectation that documents are provided electronically back in advance of the examiner showing up on site so that they can do those types of analytics that we were talking about earlier. So, assigning a point person at the time the examination is announced is critical. One nice thing about the fact that the records are being produced electronically is it makes it so much easier to manage document requests. I remember when we would do exams and we would be requesting some via paper, some via email, some in person – that it would get very difficult to keep track of all that. And then, when firms respond, knowing what’s been responded to often was an area that we would have discussions about because those things are provided electronically now, you can see exactly what was requested. You can see what was responded to when it was responded to, by whom. I think that that makes that part of the examination go much better. 

Patrick Dennis: Thanks, Ed. 

Jeffrey HIller: I would say on that point that I think naming a point person and having that individual create a good rapport with the examiners is probably one of the most important things you’re going to be confronted with. My practice has always been to meet with them every day for five minutes to make sure that we’re on target, that we’re getting the documents we need. If there is something that we changed our minds about, or they said, “you don’t have to produce X amount, you can produce Y,” that we document that and go over it in the morning. And so a good point person with good communication skills is probably one of the most important things at the outset of an examination. 

Patrick Dennis:  Yeah, I would agree with you. I remember, you know, 20 plus years ago, before everything was produced electronically, when you had different ideas or different concepts on how to produce documents and some folks would do it in binders, segregated by the request and be very, very organized. We’re very proud of how well they organized everything. And I remember working with some other folks and other clients that literally just would put it all in a box and say, “Here it is,” and let the regulators try and sort through it all. I’m not sure that was necessarily a good idea, but that was their thought; “they’re coming in and they asked for it here it is.” I don’t need to organize a board or anything else, but I think all you’re doing is making life more complicated for them, and that making efficient use of their time is helpful as well. But if we could talk a little bit about the data that people are asking for – how they’re doing it, how we can do that, and how you can organize that kind stuff would be helpful. Evan thoughts? 

Evan Rosser:  Yeah. Going back to that point person and on the data production, you want that point person to understand what’s being produced so that what is being produced to the regulators is, in fact, responsive to the regulators’ request. And a lot of times the regulators, and I think they should do this, they should ask you to provide an index or some other documents so they can tell what you’re producing in response to what requests, so they don’t have to go through and figure out well, is this responsive to the item a or B or C? But the other thing too, (and I’ll address this with the FINRA standpoint) FINRA has very broad jurisdiction; however, its jurisdiction does have limits. They are – they’re limited to broker-dealer records. However, there are a lot of documents that they feel are within their purview and are related to the broker-dealer. My only point on that would be, you can certainly ask why they want certain documents, what’s their basis for asking for certain documents, but I would not get into a jurisdictional debate on certain documents with any regulator without the advice of counsel. 

Patrick Dennis:  Yeah. I think I would agree with that. I think historically I would say that the SEC and FINRA are a little bit different. The SEC tends to stick to the federal rules of evidence and doesn’t ask you to create documents. If you have them, you have to produce them, but you’re not required to create them. FINRA, for a while, and I don’t know that they’re still doing this, but were very happy to ask you to create a document in a specific format, including all this specific information so they could easily manipulate that data to figure out what they wanted or get what information they wanted out of it. So it is a little bit challenging, but I think you do have a right to ask what the document is, why they’re asking for it and everything else. But I would certainly caution you that if it’s one of the firm’s required books and records, you better have it, instead of asking why they want it. Jeffrey, your thoughts. 

Jefferey Hiller: No, I agree with that wholeheartedly. And I think that you want to review every one of these documents before you submit them to the SEC, because you need to know what you’re saying in addition to what you’re telling them. And it would not be unusual for any firm to, in the course of producing documents, to find an exception. Well, maybe they reviewed everybody, they got all 99.9% of their certifications back, but they were missing one. You’re going to find stuff like that. Just note it, note that you found it, correct it, tell them that you corrected it. And so my experience has been really a lot of candor, and there are firms that have said, “Well, we’re going to say that attorney client privilege starts to…or our internal audit records…” Or whatever. I would be very cautious in what I would withhold and what I would give them in terms of, I would try to be as cooperative as possible, work with your Counsel to favor disclosure and transparency over not. But I think you do need to talk with Counsel. 

Patrick Dennis: Well, let’s, let’s talk about that a little bit in terms of, if you find a problem or if you realize you didn’t get all the certifications back that you thought you did, what, what’s the best approach here. Bill, your thoughts? 

Bill Reilly: I think it’s important that when that when records are requested and not provided, what’s the best angle here. And I think one of the things that, in order to be able to do that is, Jeff mentioned about going to your Counsel. You want to make sure is that you have a clear understanding that the records that are being provided, the firm understands. If someone comes out and says, for example, we want to look at your PNS blotter and firms say, “Well, we don’t have a PNS blotter. We have a Form, 7248.73,” or something like that. So I think it’s very important for the regulator and the firm to have a good understanding of an overview of those records. If records are not provided, and maybe there’s a misunderstanding again, you want to make sure that the regulator and the firm are talking the same language. 

If there is a question as to why a record was or was not provided, I think there needs to be a conversation. You know, we asked for this record, or a record that contains the following information. Because one of the things that a regulators going to do, if a record is not produced and that’s a required record. I will tell you too, there are a couple of States out there that are able to request records that may not be contained within the records under SEC 1783 and 84. And also on the advisor side, they need to be provided. So it’s good idea for the firms to have an understanding of the requirements, take a look at the document request and be prepared to discuss with Counsel as to why a record was or was not produced. 

Jefferey Hiller: Usually, I have a spreadsheet where some columns the regulators can see and some columns the regulators cannot see. But one of the columns they see is item number 17. You requested X, then there’ll be a row on June 20th. We agreed that we could hone the request and make it the following, and so I have a record of that. And to the extent I find things before the SEC or the FINRA or any regulator comes in, depending on the nature and scope, I would say 99 times out of a hundred, I would say to them in our opening meeting, during the course of producing the documents, “We found these exceptions. We’ve corrected them.” If during the course of the exam, you find anything and you can let us know our policy is to fix it before you leave.   Because we know that there are human errors, we try to fix it quickly. So you can use that to your benefit, and I think you gain credibility upfront if you can have that discussion. 

Ed Wegener:  Yeah. I think there’s a lot of debate about when and whether to let the SEC or FINRA or the States know you’ve identified a problem, gathering information before they find it. And to Jeffrey’s point, I would agree. I think you get a lot of credibility when you identify to them, “Hey, we noticed these issues. We wanted to let you know about it. Here’s what we’ve done to fix those issues.” I think you get a lot of credibility. So I would recommend doing it. I mean, I think it’s important though, to investigate that fully, when you identify those as issues, identify why they happened, identify any systems that may have caused them to go unidentified until the examination started and make sure, not just fixing the issue, but fixing some of the underlying reasons for the issue would go a long way as well. 

Patrick Dennis: Yeah. I mean, I think whether it’s a minor issue, those are pretty simple, but occasionally you’ll come up with what you would consider to be a fairly major issue or a serious problem. I think even then you’re probably better off identifying it and bringing it to their attention or saying, “You know, this is an issue and we’re working on it or we’ve identified this and we’re putting together a plan to correct it,” rather than ignoring it or hoping that they don’t find it because chances are they are going to find it, and if it’s a significant issue, you’re going to look even worse if you didn’t bring it to their attention when you found it. So your thoughts, Evan? 

Evan Rosser: I don’t think I have anything to add to that. 

Bill Reilly:  Patrick if I can just mention here. One of the things that I think is incumbent and when I was a regulator, this is something that we had our examiners, supervisors and so forth, make sure that they do, is that when a record request is made, document when it was made, how it was made, what the nature of the conversation or the written documentation and what the conversation was on the other side, because I can tell you, if there was ever a question about records not being produced, there would always be a conversation with staff at my office. In the State of Florida and at a mid-level or higher-level person at the firm, we would talk about it and make all efforts to (inaudible) information. There were situations where we just came to a situation where the records either wouldn’t be or couldn’t be produced. And there are potential repercussions, whether it be SEC, FINRA or the States for failure to produce required and requested books and records. 

Patrick Dennis:  Thanks, Bill. 

Oyster: Thanks for listening, and if you like what you heard, make sure to follow the Oyster Stew podcast on whatever platform you listen to. If you’d like to learn how we can help firms start, run, protect, and grow their business, visit our website at 

About The Podcast Speakers
Photo of Bill Reilly

Bill Reilly

Bill Reilly is a respected financial services professional with over 35 years of consulting and regulatory experience. Bill leverages his industry expertise and relationships with state and federal regulators and self-regulatory organizations to guide broker-dealers, investment advisers and law firms providing legal representation through both proactive and reactive regulatory processes and compliance issues.

Photo of Ed Wegener

Ed Wegener

Ed Wegener is an innovative compliance, risk management and supervisory controls expert with deep understanding of Federal Securities Laws and the rules of self-regulatory organizations, as well as technology optimization and risk mitigation. Prior to joining Oyster, Ed held several posts in FINRA, most recently as  Senior VP and Midwest Regional Director.

Photo of Evan Rosser

Evan Rosser

Evan Rosser is an experienced and respected securities industry professional with over 25 years of experience managing complex securities investigations for NASD/FINRA and providing compliance expertise to both broker-dealers and investment advisors.  Evan has served as CCO for both investment advisors and broker-dealers, as well as providing compliance support to numerous broker-dealers and registered investment advisors.

Photo of Jeffrey Hiller

Jeffrey Hiller

Jeffrey Hiller is an industry professional with over 25 years of experience, specializing in Investment Advisor services.  Prior to joining Oyster, Jeffrey was Chief Compliance Officer and Managing Director of Principal Global Investors where he created and managed the firm’s global compliance program. Jeffrey began his compliance career as Senior Counsel in the Securities and Exchange Commission’s Division of Enforcement in Washington, D.C.

Photo of Patrick Dennis

Patrick M. Dennis, Esq.

Patrick M. Dennis has been involved in the securities industry for over 30 years, most recently as one of the Founding Principals of Oyster Consulting, LLC, a compliance, regulatory, operations, clearing advisory, software and technology consulting firm for broker-dealers, investment advisers, mutual funds and hedge funds.

View Our Team