Late last year, the SEC’s Office of Compliance Inspections and Examinations (OCIE), now known as the Division of Examinations, issued a compliance risk alert warning investment advisers to ensure that their compliance programs are uniform and are uniformly applied across all branch office locations.

The alert summarized the findings from OCIE’s two-year Multi-Branch Initiative, in which it examined nearly 40 advisers’ main offices and their respective branches. Most of the advisers included in the initiative had 10 or more branches that were widely dispersed from the main office. Primarily, the report emphasized that compliance risks relating to supervising personnel and processes are heightened when the branch office has policies or procedures that differ from those of the main office.

In the report, OCIE further explains that more than half of the examined firms had policies and procedures that were either inaccurate or not consistently applied among branches, or both. Almost all firms had at least one compliance defect. Many of the deficiencies related to unrecognized custody of client funds, inadequate or inconsistent fee billing practices, failure to recognize and disclose conflicts of interests, or differences in portfolio management practices or other ways in which the firm’s advisers formulate or deliver investment advice.

We don’t typically venture into politics in the RIA Compliance Blog except to explain or predict regulatory trends, and this post is no exception. But something happened recently in the political realm that made me want to explain to non-Georgia natives how much we native Georgians really love our state.

In case you haven’t heard, the President of the United States claims that the recent presidential election held here in our home state of Georgia was fraudulent. This past weekend, he telephoned our Secretary of State, Brad Raffensperger, to explain the many reasons for his belief.

Near the end of the call, President Trump informed Raffensperger that his office has a list of about 4,500 people who had moved away from Georgia prior to the 2020 election but voted in the election anyway. Raffensperger’s attorney informed the President that the Secretary of State’s office has investigated the names on that list and has thus far has concluded that all the people on the list once lived in Georgia, moved out of state, then moved back to Georgia legitimately. This response truly perplexed President Trump, who said:

“How many people do that? They moved out, and then they said, ‘Ah, to hell with it, I’ll move back.’ You know, it doesn’t sound like a very normal — you mean, they moved out, and what, they missed it so much that they wanted to move back in? It’s crazy.”

Continue reading ›

The U.S. Securities and Exchange Commission yesterday issued long-anticipated changes to the rules governing marketing for RIAs, including managers of private funds. The changes are designed to modernize the rules to account for the era of digital communication and other marketplace “evolutions.” The rule changes also impact firms’ uses of testimonials and paid solicitors.

By a 5-0 vote, the amendments will replace prior separate rules into a single comprehensive rule that deals with advertising and solicitation. The replaced rules date back to the 1970s and earlier.

By and large, the rules allow for more flexibility. For instance, instead of a blanket prohibition of testimonials, the new rule permits testimonials if certain disclosures are made. These disclosure requirements dovetail with the emphasis on preventing conflicts of interests that was the focus of last year’s IA Release 5248, relating to advisers’ fiduciary duty. The rules also create additional questions related to marketing on Form ADV Part 1.

In conjunction with a speech delivered by its Director last month, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert discussing significant compliance deficiencies its examination staff had identified relating to Investment Advisers Act Rule 206(4)-7 (the “Compliance Rule”). The alert followed on the heels of prior Risk Alerts that addressed Compliance Rule deficiencies, among others, as having been the frequent subject of compliance-related findings by OCIE staff. Many of the deficiencies discussed in the Risk Alert are particularly relevant to growing RIAs who are attempting to assure that their compliance programs evolve and improve as they continue their growth.

The Compliance Rule requires, among other things, that RIAs must design, adopt and put into place written procedures and policies designed to prevent and detect violation of the Advisers Act and its rules. The Compliance Rule also requires the RIA to review the adequacy of those procedures annually. It also requires the RIA to appoint a competent Chief Compliance Officer who is empowered with the responsibility to develop and enforce policies that are appropriate to the firm.

The Risk Alert listed many examples of the types of deficiencies noted during examinations, including inadequate allocation of compliance resources. As we have discussed before, an RIA must assure that the CCO has sufficient time and resources to do the job. This means, for many small and growing RIAs, that the CCO’s compliance role should be exclusive and noncompliance tasks should be reallocated to other employees. There is no prohibition on the CCO having other roles within the organization, but where there are compliance deficiencies, the inability of a CCO to commit sufficient time to compliance will usually be cited as a structural deficiency. The CCO must be permitted, if not encouraged, to obtain additional training and to hire extra compliance staff when needed. Outside consultants or law firms are encouraged when necessary to enable the firm to meet its compliance obligations.

In a speech last month, Peter Driscoll, the director of the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE), stressed that registered investment advisers must take steps to grant authority to their Chief Compliance Officers, pointing out that the failure to do so is often cited as a deficiency following RIA audits. Driscoll explained that CCOs must be supported and empowered by an RIA’s upper management and that OCIE examiners are looking closely to determine whether that is or is not happening at a particular firm.

Driscoll’s speech comes on the heels of the SEC’s upholding a FINRA enforcement action against the CCO of a broker-dealer who was fined $45,000 and given a 90-day suspension for failing to follow up on “red flags” that the broker-dealer was making payments to a firm owned by a barred broker. A federal appellate court recently affirmed that decision. The speech seemed designed, in part, to allay concerns by CCOs that they are at risk of becoming frequent enforcement targets. Consistent with prior SEC guidance, Driscoll’s speech highlighted that compliance failures are more often the result of other senior firm officers not sufficiently fulfilling their roles to assure that the compliance function is adequately staffed and complied with. Compliance should not fall entirely “on the shoulders of the CCO,” he said.

Too often, says Driscoll, OCIE sees firms take a “check-the-box” approach to their CCO position, meaning they are given just enough authority to complete the bare minimum compliance tasks but aren’t fully integrated into the ongoing operations, direction, or major decisions of the company. He notes that in many examination meetings, the CCO stays quiet as the company’s other senior executives dominate answers to core compliance questions. In other instances, he says, firms try to use the CCO as a “scapegoat” to cover failings by other firm personnel to follow clear policies or guidance. When OCIE notices that the CCO is turned into a target for every compliance problem identified, while CEOs take no responsibility, it is an indication that the firm has not set the proper tone and the top that is critical to all good compliance programs.

Earlier this year, the North American Securities Administrators Association (NASAA), through a working group within the Senior Issues/Diminished Capacity Committee, issued a report of findings and recommendations relating to issues of cognitive impairment or diminished capacity that may affect investment advisers and other financial professionals. The report summarized information received by the working group from registered investment advisers, broker-dealers, and compliance consultants in the industry. The findings focused on communication, education, and succession planning as key elements of an effective plan to address impairment issues.

Of course, an adviser suffering from diminished capacity could face serious difficulties relating to his or her work, including not being able to provide effective service to the client or to comply with responsibilities under the securities laws, including meeting the standards of conduct and maintaining adequate books and records. Those interviewed in connection with the study indicated that the industry welcomes continued regulatory engagement and continued input on this subject. Many of them also identified existing guidance from NASAA, the Securities Industry and Financial Markets Association, and the Financial Services Institute as being resources they currently consult when issues arise.

Among the key areas considered are how firms can recognize signs of diminished capacity and how they should consider dealing with issues that arise. The report encouraged firms to consider implementing an appropriate training program to enable staff to detect “red flags” of impairment by an adviser and a mechanism to communicate concerns freely within an organization. While dementia associated with aging is still the most common reason for impairment, other underlying causes include accidents and traumatic injury, side effects from medications, a non-dementia medical diagnosis, and drug or alcohol addiction. When a situation is detected, how a firm should confront the adviser is a key issue, and one that may be fraught with both practical and legal considerations. The report summarized a few instances where firms had successfully dealt with such issues and stressed that sensitivity and respect should be paramount in every such encounter.

Last week the Securities and Exchange Commission (“SEC”) and the Financial Industry Regulatory Authority (“FINRA”) released updated guidance to the disciplinary disclosures section of Form CRS. The purpose of Form CRS is to provide a succinct summary of the business of the Investment Adviser or Broker-Dealer to provide a retail investor with the proper information to make an informed decision regarding whether an investment advisory or brokerage relationship is in the best interest of the investor. Form CRS also provides a platform to generate questions for clients to ask their financial professional to spark a conversation regarding the disclosures. Likewise, the purpose of the disciplinary section of the Form CRS is to give an overall indication as to whether the firm or its financial professionals have disciplinary history to disclose.

The SEC and FINRA place a high level of importance on ensuring that firms adequately disclose their disciplinary history to provide full and accurate disclosure to retail investors. Since June 30, 2020, the required implementation date of Form CRS, the SEC and FINRA have examined investment advisers to determine compliance with the guidance regarding Form CRS and Regulation BI. In its examinations, the regulators determined that many investment advisory and brokerage firms were either not providing a response to the disciplinary section or providing more details than the section’s instructions require. The following are summaries of the updated guidance on Form CRS disciplinary disclosures:

Continue reading ›

The Office of Compliance Inspections and Examinations (“OCIE”) published a Risk Alert highlighting the need for investment advisers to prevent unauthorized access to client data stored on websites.

Recently, cyber attackers have used “credential stuffing” and other methods to breach web-based user accounts. Credential stuffing is when a hacker combines lists of stolen account information from the dark web and customized scripts to compromise user names and passwords to other sites. Hackers prefer this method because it seems to be more efficient and successful than more traditional methods of hacking, like a brute force attack.

OCIE has the following recommendations for Investment Advisers to consider in protecting themselves and their websites against credential stuffing attacks: Continue reading ›

In July 2020, the Securities and Exchange Commission issued supplemental guidance relating to the duties of investment advisers with respect to proxy voting. This follows guidance issued in 2019, which we have discussed before. The prior guidance was issued in connection with amended rules finalized at the same time which dealt with proxy solicitations under the federal securities laws. Those amendments were designed to grant companies that issue stock to obtain advisory firms’ recommendations on proxy issues in advance of the proxy submission deadline. As a result, the issuer has time to submit additional materials as part of the proxy solicitation.

As a result of the new rules, proxy voting services will be forced to share their voting recommendations with the issuers of the securities at or prior to the providing the recommendations to their institutional clients, and if issuers submit additional information in response, must also disclose such information to the clients. The proxy advisers must also disclose any conflicts of interest that might exist that could reasonably be expected to influence their recommendations.

The effective date of the amended rule is 60 days after publication. Proxy advisory firms must comply with the amendments by December 1, 2021. The supplemental guidance became effective on September 3, 2020. Continue reading ›

As illustrated in two recent cases, the SEC’s Enforcement Division continues to root out RIAs that receive excessive undisclosed fees, particularly 12b-1 fees and mutual fund revenue sharing payments. As we have noted repeatedly, the SEC has focused on this issue in the last several years. At issue is whether an adviser properly disclosed to its clients that its representatives or an affiliated broker-dealer would receive 12b-1 fees based upon the recommendation of a mutual fund share class that pays such a fee when other classes that do not carry such a fee are available to the client.

In the first case, SCF Investment Advisors (SCF), a California-based registered investment adviser, consented to more than $700,000 in monetary sanctions imposed by the SEC relating to the firm’s practice of receiving 12b-1 fees in advisory accounts without proper disclosure. According to the order, SCF used mutual funds and money market funds that paid 12b-1 fees, although the receipt of those fees was not disclosed to clients and less expensive alternatives were available. The firm’s affiliated broker-dealer also received revenue sharing payments, a practice that was also not disclosed. As a result of those charges, SCF and its affiliates were unjustly enriched, and the clients’ performance was lower than it would have been had the practices not existed.

In 2018, the SEC granted RIAs the opportunity to enter into consent orders that did not carry civil penalties by self-reporting the receipt of undisclosed 12b-1 fees. In those cases, however, the firms would nevertheless be required to reimburse clients the amounts received in 12b-1 fees. In April of this year, as a result of that self-disclosure initiative, the SEC announced that the initiative resulted in 95 RIAs returning nearly $140 million to their customers. Continue reading ›

Contact Information