Articles Posted in Books and Records

|

Earlier this month, the Securities and Exchange Commission announced the examination priorities for registered investment adviser and broker-dealer examinations to be conducted in 2021 by the SEC’s Division of Examinations (formerly the Office of Compliance Inspections and Examinations).

The list included a continued focus on conflicts of interest, including examining for compliance with Reg BI (for broker-dealers) and with an investment adviser’s fiduciary duty. Among the matters examined will be whether RIAs comply with care and loyalty duties that arise from the fiduciary duty. Whether firms have taken appropriate steps to mitigate, disclose or eliminate conflicts of interest will continue to be a focus, with an emphasis on whether customers received enough information to be the basis of informed consent. The Division will also continue to prioritize examining information regarding investment products that carry elevated risks, such as certain ETFs, municipal securities, private placements, variable annuities, and microcap securities.

Not surprisingly, the Division will also focus on two areas that were emphasized over the last two years to varying degrees: ESG-related risks and disclosures and proxy voting practices. RIAs who offer asset management based on ESG principles will be questioned regarding their representations regarding products or services provided, including representations regarding third-party managers or products. The Division will also examine to ensure that proxies have been voted consistent with customer’s desires to invest in ESG focused investments.

Business continuity and disaster recovery plans will be a focus this year, including whether lessons learned during the pandemic have appropriately informed changes to such plans. A greater emphasis will also be placed on climate-related risks, due to greater instances of climate hazards experienced in recent years attributable to climate change. These types of issues will be of heightened concern for examinations of critical market participants such as clearing firms and market makers.

Continue reading ›

|

On June 3, 2020, the U.S. Securities and Exchange Commission filed suit against a company claiming to be an internet-only investment adviser, based on the firm’s failure to respond to a request for documents and information, in violation of the Investment Advisers Act and rules. The company, E*Hedge Securities, Inc., is registered as an investment adviser with the SEC. The complaint also alleges, however, that E*Hedge is not properly registered, as it is ineligible to claim the basis for registration of an “internet only” adviser under Rule 203A-2(e), and does not meet any other qualification for federal registration. E*Hedge’s President, Devon W. Parks, is also named as a defendant in the complaint.

The complaint alleges that in March 2020, E*Hedge began marketing investment opportunities relating to COVID-19 related products and services, particularly tests and treatments. The firm began operating a website at www.Covid19invest.com. It also used social media websites for the same purposes. Together the websites touted investments in companies involved in manufacturing vaccines, diagnostic tests, and treatments for COVID-19. E*Hedge’s website identifies the company’s primary business is to provide a platform for initial public offerings, offerings under Regulation A+, and private offerings under Rule 506 (c). Continue reading ›

|

Earlier this month the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued two related risk alerts on the subjects of Form CRS and Regulation Best Interest (Reg BI). The purpose of the risk alerts was to provide investment advisers and broker-dealers information regarding the anticipated scope and content of the examinations OCIE will conduct following the compliance date for Regulation Best Interest, and the filing deadline for Form ADV, Part 3. In this post, we summarize the risk alert relating to Reg BI.

The initial broker-dealer examinations will focus on whether firms have established policies and procedures reasonably designed to comply with Regulation Best Interest’s for distinct obligations: the duty to disclose; the duty of care; the duty to avoid or disclose conflict of interest; and the duty to adopt compliance procedures. In addition to assessing whether a registrant has adopted policies and procedures reasonably designed to comply with Regulation BI, the examinations will also assess the operational effectiveness of those procedures.

Continue reading ›

|

In our previous post, we described the SEC’s announcement of examination priorities in 2020 for the Commission’s Office of Compliance Inspections and Examinations (OCIE).  In that post, we discussed areas of examination that will apply to a large percentage of registered investment advisors and other regulated entities.  In this post, we focus on another priority, namely robo-advisers.

Otherwise known as automated investment platforms, “robo-advisers” have come under increased scrutiny by OCIE.  The number of these advisers has increased substantially over the last four years.  OCIE intends to focus on issues such as the eligibility of the robo-adviser to register with the SEC, marketing practices engaged in by robo-advisers, the ability to comply with fiduciary duty, the adequacy of the adviser’s disclosures, the effectiveness of the adviser’s compliance program, and the firm’s cybersecurity policies, procedures and practices.

Advisers Act Rule 203A-2(e) permits “internet only advisers” to register with the SEC, provided certain conditions are met and maintained.  Specifically, the adviser must provide investment advice to all clients exclusively through an interactive website and maintain records demonstrating that it does so.  Under the rule, an adviser may provide investment advice through means other than the internet to up to fourteen clients during any twelve-month period. Undoubtedly there are some firms that registered on this basis who were either not eligible at the time or, through the evolution of their business, have strayed from the conditions required to remain eligible for registration.

Continue reading ›

|

Earlier this week, the U.S. Supreme Court declined to take up a lower court ruling upholding the SEC’s authority to adopt and enforce FINRA’s Pay-to-Play rule, Rule 2030. That rule, which became effective in 2017, followed and was patterned after Rule 206(4)-5 under the Investment Advisers Act of 1940.  Adopted in 2010, the Advisers Act Pay-to-Play rule prohibits investment adviser firms and certain of its executives and employees, including representatives, from providing advisory services to government clients within two years after the firm or those covered employees make contributions to elected officials relating to the client.  Additionally, the rule prevents an adviser from directly or indirectly paying any third party to solicit advisory business from any government entity, with certain exceptions.  Finally, the rule prevents an adviser from coordinating or soliciting contributions for certain government officials or candidates in situations where the adviser is either seeking the business of the government entity or providing advisory services.

In 2016 FINRA adopted Rule 2030, which is substantially similar to the Advisers Act rule.  One of the chief motives for the adoption of the FINRA rule was to foreclose the possibility that registered representatives or FINRA member firms could circumvent the Advisers Act Rule, where the firms were dual registrants. Both rules have de minimis exceptions of $350.00 per election in contributions to any one official or candidate if the contributing associate was entitled to vote for the candidate, and $150.00 per official per election, to candidates for whom the associate is not entitled to vote.  Both rules also have recordkeeping requirements.

Both the SEC and FINRA have enforced their respective rules through administrative enforcement actions.

Continue reading ›

|

The North American Securities Administrators Association—also known as “NASAA”—a cooperative association consisting of the chief securities regulators for each of the 50 United States, as well as Canadian and Mexican jurisdictions, has recently voted to adopt a model information security rule. NASAA’s new model information security rule could—if widely implemented by the individual NASAA Member jurisdictions—ultimately have a broad impact on the compliance programs of state-registered investment advisers.

Among its many roles as a confederation of individual regulators, NASAA frequently drafts and circulates “model rules” to its Members, who eventually vote on and adopt these draft rules for use by the various Member jurisdictions. A “model rule” is a familiar regulatory tool, which essentially provides a template upon which laws, rules, and other regulations can be drafted. For example, many of the individual states’ securities acts are variants of the Uniform Securities Act of 2002, a model act created by a group of legal scholars, regulators and veteran attorneys. NASAA’s new model rule is just such a template for regulators. Individual states and other jurisdictions may—at their discretion—adopt it in whole, in part, or not at all. That said, we believe that, especially given the growing importance of cybersecurity issues, it will be used more likely than not as the states come around to developing rules to parallel those already in place at the federal (SEC) level.  Continue reading ›

|

In its latest Risk Alert, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) heeds advisers and broker/dealers to take a fresh look at their policies and procedures in the area of electronic customer record storage in light of shortcomings discovered by OCIE’s staff as part of recently-conducted regular examinations. These shortcomings include weak or misconfigured security settings on a network storage device that, in the worst-case event, could result in unauthorized access to customer information.

OCIE Risk Alerts are highly useful resources for compliance professionals to consider as these published notices serve as a window into not only the recent experiences of OCIE staffers out in the field, but also the thinking of OCIE management as to where it will be directing its staff to focus on in future examinations. In other words, if the management of OCIE warrants it important enough to publish a Risk Alert on an particular topic, registrants can be assured that future exams will likely focus on deficiencies in that area.

This most recent Risk Alert zeros-in on deficiencies uncovered by examiners with respect to how advisers and brokers are protecting their customers’ electronic records—specifically, records kept in the “cloud” or on other types of networked storage solutions. OCIE defines cloud storage as the “electronic storage of information on infrastructure owned and operated by a hosting company or service provider.” Obviously, such storage systems may be especially vulnerable to hacking or other nefarious activities, and as such, warrant robust protections. Continue reading ›

|

With annual compliance reviews in full swing this time of year, we write today to remind advisory firms to be sure to assess the sufficiency of their policies and procedures in the ever-developing area of electronic messaging.  Our note comes on the heels of a recent Risk Alert on this topic issued by the SEC’s Office of Compliance Inspections and Examinations or “OCIE,” which exhorts advisory firms to take a fresh look at their current compliance policies in light of the particular risks of non-compliance posed by the firm’s usage of electronic messaging.

“Electronic messaging,” as discussed in OCIE’s Risk Alert, refers to such mediums as text/SMS messaging, instant messaging, personal email, and personal or private messaging, but specifically excludes firm-wide email.  Notably, OCIE’s exclusion of firm email from analysis in the Risk Alert should not be read as diminishing an adviser’s compliance obligations to capture, store, and periodically review firm email communications.  Rather, as OCIE explains, “firms have had decades of experience complying with regulatory requirements with respect to firm email” and it is not as problematic from a compliance standpoint as compared to some of the newer technologies that run on third-party applications or platforms.  Continue reading ›

|

Following its publication of a Risk Alert in late 2017 detailing findings from examinations of municipal advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE) continues to examine municipal advisers in 2018.  In 2014, OCIE established the Municipal Advisor Examination Initiative to perform an examination on municipal advisers who recently registered for the first time.  OCIE performed over 110 examinations in the course of the Initiative and found that many municipal advisers did not have adequate knowledge of regulatory requirements for municipal advisers.  As a result, many municipal advisers were found not to be in adequate compliance with regulatory requirements pertaining to registration, recordkeeping, and supervision.  OCIE hoped that in publishing the 2017 Risk Alert, municipal advisers will be compelled to evaluate their policies and procedures to find possible areas for improvement.

Municipal advisers are obligated to register with the SEC pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”).  The SEC established its municipal adviser registration rules in September 2013, and the rules became effective in July 2014.  The Dodd-Frank Act also established the Municipal Securities Rulemaking Board (“MSRB”), which exercises regulatory authority over municipal advisers.  OCIE’s examinations of municipal advisers covered “compliance with regulatory obligations including registration, statutory fiduciary standard of care, fair dealing, recordkeeping, and supervision, among other things.”  OCIE discovered that the most common deficiencies among municipal advisers related to registration, books and records, and supervision requirements. Continue reading ›

|

On April 13, 2015, the North American Securities Administrators Association (“NASAA”) adopted a model rule concerning business continuity and succession planning for investment advisers. The model rule is intended as guidance for state-registered investment advisers to determine how to develop succession planning policies and procedures. Investment advisers without business continuity and succession plans face serious risks if the adviser is temporarily or permanently unable to service its clients. Included with the model rule are scenarios to help illustrate when business continuity plans are important for an investment advisory firm and many questions to help determine how to craft the plan properly.

Many different types of disasters can strike an investment advisers’ business. From naturally occurring disasters such as hurricanes and snow storms to unnatural disasters like terrorist attacks or a sudden death, it is important to have thought about and created a succession plan to ensure that your clients’ interests are not harmed. A business continuity and succession plan allows the adviser to safeguard critical business functions so that your firm can continue as long as needed when a disaster strikes.
Continue reading ›

Contact Information
2987 Clairmont Rd
#200
Atlanta, GA 30329
Toll Free: (855) 322-2057Local: (404) 490-4060Fax: (404) 490-4058 jsparker@parkmac.com

Attorney Advertising

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2024, Parker MacIntyre
JUSTIA Law Firm Blog Design