A strong compliance program helps you achieve your business goals, supports your employees and your clients, and keeps you in your regulators’ good graces. In its 2022 Examination Priorities Report, the SEC has identified several areas of focus for Investment Advisors. These include significant areas of focus such as private funds, ESG Investing, standards of conduct, information security and emerging technology. They also highlighted core areas that they will be reviewing during examinations of Investment Advisors such as marketing, custody, valuation, conflicts, and related disclosures. They called out specific areas of concern, including ensuring that investment advice is in each client’s best interest, the oversight of service providers ensuring that sufficient resources exist to perform compliance duties. Below are some of the SEC’s specific concerns.
Duty of Care and Best Interest
The SEC will be focusing on ensuring advisors are providing adequate disclosures and are putting the best interest of their clients above those of the firm and its associated persons. The SEC did not prescribe specific ways to address these issues, as it recognizes that there can be many firm differences among advisors. In its examinations of Advisors, the SEC said that it will focus on areas such as revenue sharing arrangements, high fee products, wrap fee account recommendations, and the recommendation of proprietary products.
Information Security and Operational Resilience
With regard to information security and operational resilience, the SEC noted the importance of the following:
- Safeguarding customer accounts and preventing account intrusions, including verifying an investor’s identity to prevent unauthorized access.
- Oversight of vendors and service providers.
- Addressing malicious email activities such as phishing or account intrusions.
- Responding to incidents, including those related to ransomware attacks.
- Identifying and detecting red flags related to identity theft.
- Managing operational risk, considering that many associates work remotely.
The key to many of these issues is to implement and test the effectiveness of the firm’s compliance policies and procedures. Firms should identify when polices are not effective and change them to reduce risk to the firm and to the firm’s clients.
Fee and Expense Disclosures
The SEC continues to focus on fees, fee calculations and fee disclosures. Specifically, they stated that they will be concentrating on areas such as (a) advisory fee calculation errors, (b) inaccurate calculations of tiered fees, and (c) failures to refund prepaid fees for terminated accounts or pro-rated fees for onboarding clients.
Oversight of Service Providers
Advisors are required to provide oversight of the service providers they use in order to ensure that they are effectively meeting their commitments and that they are safeguarding sensitive client and firm information. The types of service providers vary and may include trading systems, proxy voting companies, email backup and business continuity and disaster recovery services, among others. The amount and type of due diligence required will depend on the nature of the service being provided, it’s importance and the risk associated with the service provided.
Firms should assess their service providers and their functions, as well as the firm’s policies and procedures around the methods and frequency for conducting these reviews. In all cases reviews should be documented.
Regulators are frequently looking at the quality of a firms’ compliance program, the qualifications of the Chief Compliance Officer and whether there are sufficient resources to meet all regulatory requirements. This is a determination that must be made on the nature and complexity of each firm. Finally, you should create a culture that considers compliance of upmost importance. When done successfully it can become a competitive advantage.
Your compliance program is designed to ensure that you operate within the rules, risks, and parameters set for your firm. Oyster Consulting’s experts have the knowledge and resources to objectively review your compliance program, conducting an analysis of your policies, procedures, business lines and risks so that you know where to refine your program and prioritize your tasks.