The advent of an SEC investigation is a serious and difficult event in the life of any organization, particularly registered-investment advisors. As a result of recent changes at the agency, an SEC investigation may be more difficult than ever for registered-investment advisors. In the following guest post, Ildiko Duckor, Sarah A. Good and Corey Harris of the Pillsbury law firm take a look at the recent changes at the agency, and provide a list of dos and don’ts. A version of this article previously was published as a Pillsbury client alert.
I would like to thank Ildiko, Sarah and Corey for their willingness to publish their guest post on my site. I welcome guest post submissions from responsible authors on topics of interest to readers of this blog. Please contact me directly if you would like to submit a guest post. Here is Ildiko, Sarah and Corey’s guest post.
The regulatory environment for SEC-registered advisers has become more complex as the result of a more aggressive and interconnected Securities and Exchange Commission (SEC). The connecting hub within the SEC is the Office of Compliance Inspection and Examination (OCIE), which serves as the “eyes and ears” of the SEC. The OCIE often is the first line of contact between an investment adviser and a potential referral to the SEC Enforcement Division’s Asset Management Unit (AMU), which is devoted exclusively to investigations involving investment advisers, investment companies, hedge funds and private equity funds.
The OCIE’s three main areas of focus for their 2015 exam priorities are (i) protecting retail investors, (ii) issues related to market-wide risks, and (iii) data analysis as a tool to identify registrants engaging in illegal activity.
Overlapping with the OCIE’s frontline examination role is the Compliance Program Initiative, which began in 2013 by sanctioning three investment advisers for ignoring problems within their compliance programs. The Compliance Program Initiative is designed to address repeated compliance failures that may lead to bigger problems. As such, any issues raised in a deficiency letter resulting from an examination are ripe for follow-up as the starting point of a subsequent examination. In the current regulatory environment—where violations of compliance policies and procedures can serve as the basis of enforcement actions—investment advisers and their compliance professionals need to pay close attention to the implementation, follow-through and updating of every aspect of their compliance program.
The “Dos” to consider before and during an SEC Examination
- Do invest in technology. Firms should regularly review their technology infrastructure—especially in the areas of record keeping, reporting and communications—to ensure they have the most effective tools available.
- Do anticipate downstream compliance and reporting impacts. When internal reporting changes are made or improved upon, firms should consider how those changes will impact their external reporting to ensure uniformity and accuracy.
- Do hire the appropriate compliance staff for the size and complexity of your operations. When thinking about the role of Chief Compliance Officer (CCO) and the relevant staff, keep in mind both the current and evolving needs of the firm with an eye toward the OCIE’s perspective as a regulator. For example, have your operations expanded or changed significantly since the compliance role was filled? If so, have the staffing levels and resources for the position been increased to meet the new demands?
- Do continuously improve upon your compliance policies and procedures. The investment environment is not static, and your firm’s approach to compliance should not be static, either. The notion of “set it, and forget it” is a thing of the past, and regulators are looking to see firms that have congruence between their policies and the scope of their current operations.
- Do ensure buy-in from the top down. Top management should serve as the lead in setting the culture of compliance in the firm. This means that the firm’s leaders through their actions and communication with their subordinates emphasize the importance of the compliance procedures to both the front office and back office operations of the firm. Your CCO should be part of top management and not subordinated to it in order to have sufficient clout top to bottom in the hierarchy of the organization.
- Do establish a dedicated contact in the event of an examination. Where an examination occurs, there should be a designated point person to coordinate with the OCIE throughout the entire examination process and serve as the facilitator to ensure a smooth and consistent examination process.
- Do treat the OCIE in a professional and courteous manner. It goes without saying, but we will repeat it nonetheless: “Treat others how you want to be treated.” There is sometimes a misperception that regulators are out to “get” a particular firm, which can lead to a hostile tone of interaction. In the event of an examination, it is important to remember that the SEC is filled with professionals who are doing their jobs with the utmost integrity, even if the firm ultimately disagrees with particular findings.
The “Don’ts” to consider before and during an SEC Examination
- Don’t take a defensive posture. At the beginning of an exam, firms should seek to establish a cooperative and non-combative tone with the examiners. As a general matter, taking a cooperative approach will create a smooth process for both parties. On the other hand, a hostile or combative approach not only lays the foundation for a cantankerous examination and gives the impression that the firm may have something to hide, it also paints the firm in a less-than-positive light.
- Don’t hide, evade or inundate the examiners with information. Some firms may take this approach as a way to force the examiners to find what they are looking for among the deluge of document production. However, this approach is counter-productive in the long run because it serves to both frustrate the examiners and extend the examination process. Extending the examination process often means examiners will be onsite for a longer period of time than would have been needed had the production of information been handled in a more thoughtful manner from the start, ultimately resulting in longer business disruption at the least. Firms also should not be evasive with examiners but should honestly and directly respond to requests for documents and information without unreasonable delay. Being evasive or non-responsive can raise a red flag that the firm has something to hide.
- Don’t under-resource the CCO or the Compliance Department. Firms should not take a “Swiss army knife” approach by having a CCO who is responsible for too many areas of the firm, especially areas outside of the compliance function. This sends a message about the degraded importance of compliance at the firm and also proves as a logistical obstacle to efficiently fulfilling the compliance function. As a corollary, the CCO should be experienced and qualified for the position.
- Don’t underestimate the examiners. While there is sometimes a perception that government employees are not as sophisticated as their private sector counterparts—this perception is false. Examiners are often from large law firms, broker-dealers, and increasingly private investment funds and are sophisticated and well versed in the industry.
- Don’t fail to follow through on any OCIE recommendations. As stated above, the Compliance Program Initiative was created as a response to repeated compliance lapses and offenses. Further, the current trend is that compliance lapses can lead to enforcement action. As such, take any recommendation from a deficiency letter very seriously, even if there is disagreement with the recommendation.
- Don’t fail to fully disclose a conflict of interest. This would seem obvious; however, the SEC has recently taken action against an investment adviser that did not disclose to all investors that an executive of the adviser received a loan from one its clients. This highlights the importance of, and connection with, the compliance program and the need to ensure that policies and procedures are in place, enforced and re-evaluated each and every time—especially for senior management.
What does all this mean for Investment Advisers?
A main focus of OCIE examinations of investment advisers centers on their compliance programs, policies and procedures. A dedicated compliance professional, along with the appropriate staffing (depending on the size of the investment adviser) is necessary to ensure that the compliance program, policies and procedures are in place and being followed by everyone in the firm. Importantly, there must be on-going monitoring and updating of the relevant policies, programs and procedures to ensure the record keeping and reporting obligations are being met.
Once an examination is underway, the CCO or the designated point person should be focused on providing the OCIE with the documentation required for any information requests along with serving as the contact person for the examiners. Thus, the other executives and employees can focus on the business of the firm. Upon the conclusion of an examination, the investment adviser should carefully analyze any recommendations or points to be addressed as listed in any deficiency letter and implement any necessary changes in a timely manner.
The role of compliance remains critically important, and investment advisers should remain vigilant in adhering to their current policies and procedures. Even if an examination has yet to occur, proactive steps should be taken to ensure the firm is institutionally prepared for an examination. Institutional preparedness can be attained by conducting a mock audit, review of sample SEC document request lists to anticipate likely areas of examination, and ensuring disclosure documentation and actual compliance and business practices are all consistent.
|Ildiko Duckor San Franciscofirstname.lastname@example.org||Sarah A. Good San Franciscoemail@example.com|
|Corey Harris San Franciscofirstname.lastname@example.org|