In addition to basic blocking and tackling, compliance officers often have the thankless job of performing the annual review of their compliance program required by Advisers Act Rule 206(4)-7. As discussed in our blog post, Write the Best Annual Compliance Program Review EVER!, that review should consider changes to the Advisers Act and applicable regulations, legal proceedings and guidance from regulators, including risk alerts and interpretations. To simplify the task of collecting all of this information, I’ve identified the top regulatory hot buttons to help advisory firms update their compliance programs for 2020. I’ve also included a list of recommended resources at the end of this post to help you implement these changes.
Despite a government shutdown early in the year, the SEC covered a lot of ground in 2019. The big headline-grabber for 2019 was the adoption of Regulation Best Interest (“Reg BI”) and the Form CRS Relationship Summary (“Form CRS”) along with two interpretations clarifying the role of investment advisers and broker-dealers. OCIE has already warned that it will be looking at compliance with these initiatives as part of its 2020 exam priorities.
The SEC also explained (finally!) what it expects and will be looking from disclosures in Form CRS and Form ADV by issuing its FAQs on Conflicts of Interest. Advisers should review this document carefully and consider their sources of income and any help received from service providers in defraying costs that would otherwise be borne by the firm, such as support provided by mutual fund companies for marketing or training of sales personnel. The SEC views this assistance the same as “compensation”. Consider whether it makes sense to rebate fees paid by clients if such payments end up in the firm’s pocket.
The Office of Compliance Inspections and Examination (OCIE) also issued seven Risk Alerts to help advisers (one dealt solely with transfer agents). Although all of OCIE’s Risk Alerts are generally required reading for compliance officers, I rank “Observations from Examinations of Investment Advisers: Compliance, Supervision, and Disclosure of Conflicts of Interest” as number one since it identifies issues that are currently high on the SEC’s hit list. I rank “Investment Adviser and Broker-Dealer Compliance Issues Related to Regulation S-P – Privacy Notices and Safeguard Policies” as second because I agree with OCIE’s observation that although most firms have a Privacy Notice, many do not follow up with appropriate policies and procedures to ensure the safety of customer records. This risk alert also dovetails nicely with the current regulatory focus on cybersecurity and the protection of private customer information.
The Division of Enforcement relentlessly pursued advisers and broker-dealers for failing to disclose to clients that they received 12b-1 fees, revenue sharing payments and had other conflicts of interest affecting their decision-making processes. In March, the SEC announced settlements with 79 advisers that self-reported 12b-1 fee conflict disclosures failure during the Share Class Disclosure Initiative. The average amount returned to investors per adviser was roughly $1.5 million, although six firms accounted for more than 40% of the total. According to the Enforcement Division’s 2019 annual report, investment advisers and investment companies bore the brunt of enforcement efforts as the subject of 35% of cases brought, a significant uptick from 22% in 2018. As compared to 2018, the division also extracted more in disgorgement and penalties ($4.3 billion versus $3.95 billion) and returned significantly more dollars to investors ($1.2 billion versus $794 million).
Given this regulatory background, my top takeaways for investment advisers are:
- Dual registrants should prepare for Regulation BI implementation. For dual registrants, preparation for Reg BI should be your number one priority. As a starting point, firms should review how they are providing advice, analyze the products being offered and their associated conflicts of interest, review compensation arrangements and incentive structures, develop policies and procedures to comply with Reg BI’s requirements, train staff on these new procedures, and create a supervision infrastructure to monitor compliance. Hardin Compliance has developed resources to help you on our new web site, Standards of Conduct for Broker-Dealers and Investment Advisers. Download our Reg BI spreadsheet to get started. We will add new tools to the website so stay tuned!
- Get ready for Form CRS. For investment advisers serving retail clients, get ready to draft and deliver the Form CRS Relationship Summary (“Form CRS”). This form is a new disclosure document to be filed with the SEC and delivered to retail investors by both broker-dealers and investment advisers. The SEC has defined a retail investor as “a natural person, or the legal representative or such a natural person, who seeks to receive or receives services primarily for personal, family or household purposes”. Investment advisers should adopt policies and procedures for drafting, distributing, and updating Form CRS, which is now Part 3 of Form ADV. The SEC will be looking at this form during examinations, so be prepared. Check out the SEC Compliance Guide to Form CRS Relationship Summary. Check out our resources, including Hardin’s Regulatory Update for October 2019, and our webpage, Form CRS Relationship Summary, where we will be adding more tools as the June 30 deadline gets closer.
- Up your game for identifying conflicts of interest and disclosing them in Form ADV. Avoid using the word “may” whenever possible. Investment advisers should review policies and procedures for drafting Form ADV Part 2A disclosures. Make sure you are identifying conflicts of interest identified most recently by the SEC by reviewing the OCIE risk alert on Observations from Examinations of Investment Advisers: Compliance, Supervision, and Disclosure of Conflicts of Interest and the SEC’s FAQs on Conflicts of Interest. Review the Commission Interpretation Regarding Standard of Conduct for Investment Advisers and make sure your disclosures are “clear and detailed enough for the client to make an informed decision to consent to the conflict of interest or reject it”. Finally, stop using the word “may” with respect to potential conflicts. The SEC finds words like “may”, “might” and “could” as woefully inadequate when describing conflicts of interest.
- Review your policies and procedures to determine whether they meet SEC’s Standard of Conduct. Advisers should review the Commission Interpretation Regarding Standard of Conduct for Investment Advisers (the “Interpretation”) to ensure they are covering all the areas addressed by the SEC. Briefly, an adviser’s fiduciary obligations include client account monitoring, selecting the appropriate account type for clients, performing due diligence on investment products, providing full and fair disclosure on conflicts of interest, meeting best execution obligations, and making a reasonable inquiry into a client’s investment objectives.
- Take a fresh look at your firm’s policy on proxy voting. The recently-issued Commission Guidance Regarding Proxy Voting Responsibilities of Investment Advisers contains specific recommendations for advisers that take on proxy voting duties that may not be addressed by current policies and procedures. Some advisers may decide against offering proxy voting services given the time and cost it will take to meet the SEC’s expectations.
- Make sure you are on top of Regulation S-P obligations and enhance protocols for security on the Cloud. Review your firm’s privacy policies and procedures to see if they include the administrative, operational and physical safeguards that the SEC expects to see, as spelled out in OCIE’s Risk Alert Investment Adviser and Broker-Dealer Compliance Issues Related to Regulation S-P – Privacy Notices and Safeguard Policies. As part of this effort, you should also review OCIE’s Risk Alert Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features. The alert includes samples of effective practices, such as policies and procedures designed to support the initial installation, on-going maintenance, and regular review of the cloud-based storage systems. OCIE recommends that firms set basic standards for security configuration and schedule periodical maintenance of the systems.
- Consider whether you have sufficient supervisory processes in place. OCIE issued a risk alert describing its findings from its 2017 “Supervision Initiative” that reviewed the supervisory practices of more than 50 firms that employed individuals with disciplinary histories. Deficiencies identified by OCIE included inadequate disclosure of disciplinary events and failure to adequately supervise their employees and representatives. Advisers should take a close look at the examples cited in this risk alert and compare them against their current processes and practices. In addition to keeping a close eye on employees with regulatory blemishes, firms should also close potential holes in their supervision processes. As noted in the risk alert, SEC staff found weak supervisory practices in determining asset valuation, calculating and reporting performance, fee billing and monitoring supervised persons’ activities in remote offices. Gaps in supervision can lead to serious compliance issues.
- Confirm whether your policies and procedures to protect senior and other vulnerable investors address state law requirements. As we noted last year, more than 20 states have adopted laws addressing the financial exploitation of seniors and vulnerable clients. Some states, like Ohio, require investment advisers to report suspected or actual financial exploitation of seniors and vulnerable clients to state adult protective services agencies. Make sure your procedures include training employees and representatives on how to identify and report such abuse.
- Review regulatory activity within the states relevant to your business to see if any developments affected your firm. Depending on the regulation, this may include the state in which you are registered (if you are a state-registered adviser), the state(s) in which you operate as well as those states where the firm has or prospects clients. Just because your firm is federally registered doesn’t mean you can ignore state law. For example, advisers should be aware of the California Consumer Privacy Act (“CCPA”) which affects firms with California clients and meet certain thresholds. The CCPA requires certain for-profit businesses that collect personal information from California consumers (i) provide consumers access to their personal information;(ii) delete their personal information if so requested and (iii) stop selling personal information if consumers opt out of the sale. Another example is Massachusetts’ amendment of its Data Breach Notification Law. Broker-dealers and investment advisers subject to the MA law are now required to provide a minimum of 18 months of free, third-party credit monitoring services to affected consumers when there is a breach involving social security numbers. Finally, New Hampshire became the 47th jurisdiction to join the “Automatic Fail to Renew Program”, eliminating its grace period for broker-dealers and investment advisers to renew their registrations. If a firm failed to renew by December 31, 2019, its registration will be terminated, and it will no longer be eligible to conduct securities or investment advisory business in New Hampshire. Firms that violate this policy may be subject to enforcement action.
- Mutual fund advisers need to step up their compliance game. OCIE issued a risk alert discussing the most often cited deficiencies and weaknesses it observed during hundreds of fund examinations over two years. Advisers should review this risk alert and consider whether their compliance programs adequately address the gaps noted.
- Review or add policies and procedures for UTMA/UGMA accounts. Although this may not currently be on the radar screen for most firms, FINRA has been cracking down on firms that continued to let parents, as custodians of UGMA and UTMA accounts (Uniform Transfer to Minors Act and Uniform Gifts to Minors Act), manage these accounts after the beneficiaries (the children) reached the age of majority. Advisers should have processes in place to track when beneficiaries of such accounts reach the age of majority and ensure that responsibility for the account is transferred.
For those of you that are wondering, I deliberately did not discuss the OCIE Risk Alert on Investment Adviser Principal and Agency Cross Trading Compliance Issues. Although compliance with Section 206(3) of the Advisers Act is important, and the cross trading rules are complicated, this alert did not bring to light any new or unusual issues. If your firm engages in principal or cross trades (or if you aren’t sure), then check out our Regulatory Update for October 2019, under Risk Alert on Principal and Agency Cross Transactions for more details on what OCIE found during recent examinations.
Good luck with your compliance efforts in 2020, and feel free to reach out to Hardin Compliance Consulting if you need any help!
California Consumer Privacy Act
- On the Road Again: Practical First Steps on Your Way to Compliance with the CCPA from Fox Rothschild LLP.
- CCPA Update: What Has Changed and What Remains the Same? from Baker Mackenzie.
Cash Solicitation and Referrals
- Paying for RIA Referrals: State and SEC Solicitor Rules from Michael Kitces with help from attorney Chris Beach.
- 12 Things You Need to Know about Adviser Referral Arrangements and the Cash Solicitation Rule
- Investment Adviser Compliance “To Do” List for 2020
- The Top Ten Features to Look for in a Compliance Program Management System
- Ten Reasons to Hire an RIA Compliance Consulting Firm
- Risk Alert on Principal and Agency Cross Transactions. The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a risk alert warning advisers about cross trading compliance issues under Section 206(3) of the Advisers Act.
- How I Learned to Stop Worrying and Learned to Love Form ADV
Conflicts of Interest and Disclosures
- What We’ve Got Here is a Failure to Communicate Hefren -Tillotson, Inc. settles with SEC for failure to disclose the practice of keeping a portion of execution charge
- SEC Cries Foul for Failure to Disclose Private Equity Fund Expense Allocation Practices
- Advisor Slammed for Charging Some Clients More for Same Services
- Those Who Cannot Remember the Past are Condemned to Repeat It; Adviser cited for failure to disclose compensation from hedge funds on its platform
- State Street Settles with the SEC after Nearly 20 Years of Undisclosed Markups on Custody Fees
- The Bigger the Conflict, the Bigger the Disclosure; Adviser Fails to Disclose Payments from Private Funds for Investments
- The War on May Continues, with Court of Appeals Finding Robare Disclosures Inadequate
- What’s Good for the Goose: Protecting against Vendor Cybersecurity Risk from Peri N. Mahaley of the Pillsbury Policyholder Pulse Blog.
- It is 2019 . . . Do You Know Where Your Data Is? from Michael Volkov.
- Protect Yourself and Your Firm Against Password Spray Attacks from Hinshaw & Culbertson.
- The Cybersecurity Defense Advisors Forget from Financial Planning.
- New York’s Department of Financial Services Investigates First Post Cybersecurity Regulation’s Breach from Cynthia J. Borelli with Bressler Amery Ross.
- National Cybersecurity Awareness Month 2019
- Ransomware Protection Strategies
- Can You Really Protect Yourself from Ransomware?
- Leading the Defense: 5 Practical Strategies to Respond to a Cybersecurity Incident
Failure to Supervise
- Trader Barred from Industry for Manipulating Valuation Process
- When Absolute Power Corrupts Absolutely: SEC Files Charges against former COO For using his Position to Inflate His Salary and Overcharge Clients
- Bond Traders Give into Temptation, and Nomura Repays $25 Million to Customers
Mutual Fund Advisors
- SEC Staff Issues No-Action Letter on Hiring Affiliated Sub-Advisers without Shareholder Approval
- The Division of Investment Management posted Accounting and Disclosure Information (ADI) 2019-08 on improving principal risks disclosure in mutual fund summary prospectuses.
- SEC Adopts New ETF Rule and Modernizes ETF Regulations.
- SEC Adopts Long-Awaited ETF Rule to Modernize ETF Regulation from K&L Gates.
- SEC Adopts Final ETF Rule and Issues Related Exchange Act Relief from Dechert LLP.
- A New Day for Active ETFs from Palisades Hudson Financial Group LLC.
- Coming Soon: New Twist to ETFs from ETF.com.
- The ETF Evolution Continues: SEC Approves Four New ‘Proxy Basket’ Active Semi-Transparent ETFs from Thompson Hine LLP.
- SEC’s Small Entity Compliance Guide on New ETF Rule
Private Funds, Hedge Funds and Private Equity
- Private Funds Regulatory Compliance Calendar 2020 from Paul Weiss.
- Proskauer’s Private Equity SEC Enforcement Tracker
- Part 1:A Primer on Form D and Blue Sky Filings for Private Fund Managers
- Part 2: Form D and Blue Sky Filings Renewals and Amendments for Private Fund Managers
- Part 3:Blue Sky and Form D Filing Requirements for Offshore Funds
- Part 4:Blue Sky Amendments for Private Fund Managers
- Part 5:Blue Sky Renewals for Private Fund Managers
- Part 6:Blue Sky Terminations and Withdrawals for Private Fund Managers
- Part 7: Blue Sky Exemptions for Private Fund Managers
Protecting Seniors and Vulnerable Investors
- For 2019: 10 Takeaways from the Country’s Seniors Laws from Bressler Amery Ross.
- AARP Provides Sample Training for Non-Financial Institution Users
- Suspicious Activity Reports on Elder Financial Exploitation: Issues and Trends from the CFPB Office for Older Americans.
- How the SEC Works to Protect Senior Investors by Stephen Deane, Engagement Advisor in the SEC Office of the Investor Advocate, May 2019.
- 2019 Senior Investor Protection Conference, sponsored by FINRA, November 12, 2019, Washington, D.C.
- The U.S. Department of Justice State Elder Abuse Statutes
- The National Center on Elder Abuse
- Joint Press Release – Senior Safe Act 5-23-2019, SEC, NASAA, and FINRA Issue Senior Safe Act Fact Sheet to Help Promote Greater Reporting of Suspected Senior Financial Exploitation.
- NASAA Members to Offer Resources to Help Investment Professionals Work with Clients Affected by the Opioid Epidemic
- SEC Sanctions Levied Against Boston-Based Adviser for Breach of Fiduciary Duty to Senior Client
- SEC Takes Rare Action against Advisers for Voting Proxies
- Commission Guidance Regarding Proxy Voting Responsibilities of Investment Advisers
- Proxy Voting Conflicts—Asset Manager Conflicts of Interest in the Energy and Utility Industries
- September 2019 Regulatory update addressing the SEC’s Guidance on Proxy Voting
Regulation BI, Form CRS, and Conflicts of Interest
- Regulation Best Interest: The Broker-Dealer Standard of Conduct
- Form CRS Relationship Summary; Amendments to Form ADV
- Form CRS (official instructions)
- FAQs on Form CRS
- FAQs on Regulation BI
- Hardin Webpage dedicated to Regulation Best Interest and Form CRS Relationship Summary
- SEC Adopts Regulation Best Interest from the National Law Review.
- SEC Issues Final Regulation BI from The Wagner Law Group.
- SEC Adopts Regulation Best Interest and Form CRS: Issues Investment Advisers Act Interpretations from Sidley Austin LLP.
- SEC Small Entity Compliance Guide to Form CRS Relationship Summary
- SEC Compliance Guide to Regulation Best Interest
- SEC Regulation Best Interest (Reg BI) from FINRA.
- Form CRS Requirements from Ropes & Gray LLP.
- investor.gov/CRS from the SEC, a website that contains information for investors about Regulation BI and Form CRS, including a series of videos on topics that include “Brokers and Investment Advisers: Knowing the Difference” and “Brokers and Investment Advisers: How they are Paid.” Form CRS requires a link to this site.
- SEC Cracks Down on Hybrid RIA Sweep Money Market Accounts from Financial Advisor.
- The First SEC Share Class Selection Disclosure Settlements: What We Learned & What’s Next? from Drinker Biddle.
- When Best Execution Isn’t Best: Mutual Fund Share Class Selection from Morgan Lewis.
- FYI: Is the SEC Wearing its “Reasonableness Pants”? from Lorna Schnase.
- The SEC on Rollovers – The Agency says RIAs are Fiduciaries from Fred Reish and Joan Neri in Plan Adviser.
- The Other Shoe Drops… SEC Files Case Against Commonwealth Financial for Disclosure Failures. for Revenue Sharing After Settling Charges in 12b-1 Sweep
- SEC Brings Share Class Selection Case Against Private Funds
- Advisers Can Add Two New Disclosures to Form ADV: Administrative Fees and Markups
Standard of Conduct for Investment Advisers
- What Your Next Deficiency Letter is Going to Say: SEC Tells Advisers What Fiduciary Duty Means
- SEC Staff Publishes Guidance on Investment Adviser Disclosure of Financial Conflicts of Interest from Baker McKenzie.
Partner with Hardin Compliance
If you want an independent review of your compliance program, Hardin Compliance can help. Call us today at 1.724.935.6770, or visit our website at www.hardincompliance.com for more information.
Hardin Compliance Consulting provides links to other publicly-available legal and compliance websites for your convenience. These links have been selected because we believe they provide valuable information and guidance. The information in this e-newsletter is for general guidance only. It does not constitute the provision of legal advice, tax advice, accounting services, or professional consulting of any kind.