- Regulatory Compliance
- Cybersecurity and Risk
- Performance Services
- Technology Solutions
SEC-registered investment advisers often ask: “What is the likelihood of our firm being chosen for an SEC examination? And if we are chosen, what are key areas the SEC is most likely to focus on?” Recent SEC guidance provides partial answers to both questions as summarized in this ACA Alert.
In January 2017, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced its examination priorities for 2017 which can be found here. One priority area is the examination of investment advisers who have never been examined. OCIE stated: “We are expanding our Never-Before Examined Adviser initiative to include focused, risk-based examinations of newly registered advisers as well as of selected advisers that have been registered for a longer period but have never been examined by OCIE.” In other words, advisers that have recently registered, or have been registered for some time without an SEC examination, have an increased chance of being chosen for an exam this year pursuant to this OCIE priority.
On February 7, 2017, OCIE issued a Risk Alert (“Risk Alert”), which can be found here, highlighting the top five most frequent deficiencies cited by SEC examiners based on a sample of over 1,000 examinations of investment advisers during the past two years. These top deficiency areas are summarized below.
Compliance Program Rule – Rule 206(4)-7
The Compliance Program Rule requires SEC-registered advisers to: (1) adopt compliance policies and procedures reasonably designed to prevent violations of the Investment Advisers Act of 1940; (2) review no less than annually the policies and procedures to ensure they are still effective; and (3) designate a Chief Compliance Officer to administer the firm’s compliance program. Typical deficiencies noted in OCIE’s Risk Alert included:
Advisers are required to make accurate and timely regulatory filings including Form ADV, Form PF, and Form D, among other possible filings depending on the adviser and their business. The Risk Alert noted examples of the following deficiencies:
Custody Rule – Rule 206(4)-2
Advisers with custody of client cash or securities must comply with the SEC’s Custody Rule. An adviser has custody if it or a related person holds, directly or indirectly, client funds or securities or has authority to obtain possession of them. For example, an adviser that serves as the general partner, managing member or other comparable position of a pooled investment vehicle generally has custody of client assets because the position typically gives legal ownership or access to client funds and securities. The Custody Rule is designed to protect client assets from unlawful activities or financial problems of the adviser. The Risk Alert noted examples of deficiencies in this area:
Code of Ethics – Rule 204A-1
The Code of Ethics Rule requires advisers to adopt and maintain a code of ethics that: (1) includes a standard of business conduct that the adviser requires of all supervised persons; (2) requires “access persons” to periodically report their personal securities transactions and holdings to the CCO or designee; and (3) requires access persons to obtain pre-approval before investing in an initial public offering or private placement. Advisers must also provide each supervised person with a copy of the code of ethics along with any amendments and require a written acknowledgement of their receipt. An adviser also must describe its code of ethics in Form ADV Part 2A and indicate that the code of ethics is available to any client or prospective client upon request. The Risk Alert noted examples of deficiencies in this area:
Books and Records – Rule 204-2
The Books and Records Rule requires advisers to make and keep certain books and records relating to their investment advisory business. Deficiencies noted in the Risk Alert included:
The Risk Alert and UK Advisers
ACA in London has worked with UK advisers who have been chosen for SEC examinations in the UK, as recent as December 2016. ACA notes that the top five deficiency areas in OCIE’s Risk Alert are also areas that the SEC has focused on when conducting certain examinations in the UK. While there is considerable overlap between SEC and FCA requirements in many compliance areas, the top five deficiency areas noted in OCIE’s Risk Alert are compliance requirements that are mostly unique to the SEC, with no close FCA counterpart requirement. Because UK advisers are typically most familiar with FCA regulations and expectations, and since the top SEC deficiency areas cover topics where there is a divergence between SEC and FCA regulations and expectations, UK advisers who fail to pay careful attention to these divergence areas will be particularly vulnerable to the top deficiencies noted in OCIE’s Risk Alert in the event of an SEC examination.
OCIE has stated that examinations of never-before examined advisers will be a priority for 2017. The SEC has been increasing its investment adviser examination staff in an attempt to conduct more adviser exams. OCIE stated in its Risk Alert that some of the top deficiency findings were referred to the SEC’s Enforcement Division. ACA therefore recommends that never-before examined SEC-registered advisers in the UK consider using the recent OCIE Risk Alert as an opportunity to conduct a review of their SEC compliance program to assess whether the firm would be adequately prepared if the SEC were to conduct an examination this year. The areas highlighted in OCIE’s Risk Alert would be an excellent starting point for advisers to consider as they assess their readiness for an SEC examination.
Please do not hesitate to contact us if you have any questions or would like to discuss any of these issues.
ACA Europe’s SEC support is led by the following consultants, supported by a wider team in the U.S., including more than 50 former SEC examiners.
Andrew joined ACA in 2013. He started working from ACA’s Los Angeles office, conducting mock SEC audits and providing compliance support services to investment advisers and private fund managers. He subsequently moved to head up the SEC practice in London in 2016. Prior to joining ACA, Andrew served in multiple positions during his 25-year career with the SEC. He spent five years in the SEC’s Head Office in Washington, D.C., and the balance in the SEC’s Los Angeles Regional Office, most recently as co-head of Investment Adviser/Investment Company Examinations, where he supervised teams of examiners conducting SEC inspections of investment advisers and investment companies; and co-head of Enforcement, where he supervised teams of attorneys and accountants conducting SEC enforcement investigations and litigation.
Crystal joined ACA in 2014, before joining the London team in 2016. Crystal started in ACA’s New York City office where she supported our consulting teams as they assist private fund managers with ongoing compliance needs. Crystal now conducts annual compliance program reviews, mock SEC inspections, email reviews, personal trading reviews, and focused reviews tailored to client-specific risk areas. She also contributes to internal projects and initiatives.
Copyright © 2017 ACA Compliance Group Holdings, LLC, Adviser Compliance Associates, LLC, Broker-Dealer Compliance Associates, LLC,
ACA Performance Services, LLC, ACA Technology, LLC, ACA Risk Strategies, LLC, and ACA Technology Surveillance, Inc. All rights reserved.