Compliance Program Rule, Rule 206(4)-7 | Compliance Programs | Examinations and Audits | Records Management | Testing

SEC Exam Impact: Helping Firm Management to Understand the “Value Add” of a Well-Run Compliance Program

SEC Municipal Advisor Rule

By: Jaqueline M. Hummel, IACCP®, AIFA®
Managing Director, Hardin Compliance Consulting

May 12, 2014

The SEC recently announced an initiative to examine registered investment advisers who have never been subjected to review, creatively described as the “Never-Before Examined Initiative.” The SEC estimates that 4,400 advisers have never been examined, and the agency plans to target those that have been registered for more than three years and are domiciled in the U.S., amounting to 2,180 advisers. Advisers to private funds can also expect a visit from the SEC, based on the “Presence Exam Initiative” announced by the agency in 2012.

Despite these public announcements, compliance officers can still face an uphill battle when trying to get firm management to focus on SEC exam preparation. They can point to the SEC’s announcements, anecdotal evidence from peers, and the buzz in the compliance community, but these arguments are not persuasive. For investment professionals, most decisions come down to whether the risk being taken is worth the reward offered. In order to make firm management pay attention, compliance officers need to speak in terms they understand by providing specifics on the risk vs. reward. Firm management will want to know:

  1. What is the risk that the SEC will show up?
  2. What potential violations could the SEC find?
  3. What sanctions would the firm face if the violations are found?
  4. Why should management be involved – isn’t this the CCO’s job?
  5. What is the minimum amount of time/money/resources the firm can allocate to the effort?
  6. What do I get in return for preparation?

The problem is that it is difficult to answer these questions. On the risk side, there is no public disclosure of investment adviser examination results, known as “deficiency letters.” The only data available is from enforcement actions and general statistics on exam findings, so it’s hard to quantify the downside of various rule violations.

Therefore, one approach is to address the “reward” side of the discussion: good compliance is good business. And in addition to trotting out this general platitude for the multitudes, add some meat to the argument by providing specific examples of how the compliance program provides a “value add” to the business.

First, the low hanging fruit. For many investment professionals, compliance generally means complying with the disclosure and reporting requirements of the firm’s Code of Ethics, and the SEC’s rules against insider trading. Firm management can generally speak with authority and expertise on these subjects, since the press is filled with examples of the severe consequences of getting caught engaging in these activities. Every firm wants to protect its reputation, so generally this aspect of the compliance program is an easy sell.

There are, however, other aspects of the compliance program that firm management should become familiar with in preparation for an SEC exam. Although they may feel that these tasks fall to the Chief Compliance Officer, many SEC pronouncements, advice from experts in the field (and our own experience) indicate that management’s active involvement and understanding of the compliance program can positively influence the outcome of an exam.

So, to answer the question, what’s in it for me?

The compliance program contains tasks that any business owner would perform even if they were not legally required because they help firms manage risk and avoid liability. For example, the following are items that are part of a compliance program that make good business sense:

  1. Take steps to ensure the safety of client assets. If your operations team wires $2 million dollars to the wrong person, the firm has to eat that loss.
  2. Take steps to protect clients’ private financial information. Imagine your largest client discovers your firm is the source of a private information leak that causes them harm. Additionally, several states (e.g., Massachusetts) that require more rigorous protections for client data, and can impose fines for failure to meet these requirements. (Reg S-P and state privacy laws).
  3. Develop an oversight process to ensure client accounts are being invested in accordance with investment guidelines and restrictions. Here are just a few examples of trade errors caused by insufficient oversight of trading activity in client accounts: (a) failing to invest a client’s cash in a timely manner, (b) allocating a security to a client account that prohibits holding such securities (e.g., sin or tobacco stocks), and (c) failing to include accounts in a block trade that should have been included. Advisers are responsible for reimbursing clients when these types of errors result in losses.
  4. Monitor political contributions. Advisers with government entity clients face losing 2 years of advisory fees if an employee donates $500 to the wrong candidate.  
  5. Ensure that all marketing and advertising materials are reviewed by compliance and are consistent with regulatory requirements. Overeager marketing or sales personnel could send out inaccurate or misleading information, which could, in turn, lead to an investor lawsuit (or regulatory action).
  6. Test the firm’s business continuity plan and ensure that service providers have sufficient plans and processes in place to meet the firm’s requirements. Being able to continue trading and communicate with clients is essential. Many firms only discover the flaws in their plans as a result of an actual disaster, such as a hurricane, severe flooding or extensive power outages. Testing helps identify weaknesses before disaster strikes. Failure to be adequately prepared in these situations results in firms losing their clients’ confidence and business.
  7. Monitor insider trading.  The press is full of examples of how firms can be brought down by the actions of one analyst, trader or portfolio manager.
  8. Ensure that your clients are receiving “best execution” on their trades and that the brokers you are dealing with are reputable and sufficiently capitalized. Regulatory requirements aside, trading has a direct impact on performance.
  9. Take steps to detect and correct trading errors. Monitoring trading activity helps ensure that errors are discovered quickly and resolved. Make sure your firm has a process in place for dealing with failed trades or other operational issues in a timely manner. Is there a procedure to elevate outstanding reconciliation issues?
  10. Develop a process to periodically test whether the fees being charged to clients are the same as those set forth in the investment management agreement and disclosed in the Form ADV. Operations personnel responsible for instructing custodians to deduct fees from client account or for preparing invoices should have a clear understanding of how to calculate the fees, and firms should have means of tracking fees paid.

The point here is that many aspects of the compliance program are good business practices. Although firm management is not expected to know the details of how the compliance tasks are accomplished, the principals should have an appreciation and an ability to articulate how clients’ assets are being invested and protected. This will give the SEC comfort that the “tone at the top” is appropriate.

If SEC examiners sense that your firm is not well run, unprepared, or has insufficient compliance controls, they may extend their stay in an attempt to find all violations. This will put a strain on your firm’s resources. Additionally, if violations are found, the SEC can impose sanctions including notifying all current and potential clients of issues discovered during an exam, for periods as long as 10 years. Other sanctions can include requiring the firm to hire  an independent compliance consultant (for a period of years), reporting to the SEC on an on-going basis, imposition of fines (including individual fines for certain failures), shutting down the business and banning individuals from any further participation in the industry.

The bottom line is that first impressions in an SEC exam really matter. Showing that management has a high level understanding of what the SEC sees as important could help shorten exam time. Other actions firms can take include producing the requested documents quickly and providing a clear, concise, accurate and consistent overview of how the firm manages and protects its clients’ assets and information.

If you have any questions or would like us to perform an SEC Readiness Exam, please contact your primary consultant. You may also reach us at (724) 935-6770 or visit our website at