In 2012 the SEC began its presence exam initiative among newly registered investment advisors, with the aim of ensuring compliance with federal securities laws and the RIAs’ own company standards. Now, in 2014, the SEC has announced what it terms the never-before-examined initiative.
As the name suggests, the SEC intends to examine a “significant percentage” of those RIAs that have never been examined, with a focus on those that have been registered with the SEC for three or more years. The initiative forms a part of the Office of Compliance Inspections’ (OCIE) National Examination Program (NEP). According to OCIE officials, this “significant percentage” is in the range of 25% - 40% over a two-year period.
This is no small number, and means that at least a quarter of those RIAs never-before-examined can expect the SEC to come knocking. According to the SEC, examinations will come in two different flavors: The first – the risk-assessment approach – is likely to be a high level review of the RIAs’ business activities, with the goal of improving the examiners’ understanding of the firm. The second – the focused review – will include a “comprehensive, risk-based” exam of one or more specific areas, and will be very similar to a presence exam. The areas in question – compliance programs, filings, marketing, portfolio management and safety of client assets – should not catch any RIA by surprise.
All never-before-examined RIAs registered for over three years should have received a letter from the SEC outlining the new initiative. It is important to note that this letter does not necessarily mean the recipient will be examined. With typical onsite inspection lasting between one and three days and a notice period of just two weeks or less, it is best to plan early and prioritize actions. There are five main areas advisors can tackle now ahead of a potential SEC audit:
1. Be prepared. First and foremost, identify the firm’s potential violations and compliance gaps now. Waiting until the SEC is on its way, or – worse still – uncovers the issue themselves, will make the resolution process considerably more difficult. Where possible, back test your firm’s adherence to your compliance policies and procedures to identify possible issues. Areas that can be easily tested include: Email reviews (ensure that your firm has a culture of compliance); timely delivery of audited financials (are investors receiving the audited financial statements as required under the custody rule?) and record-keeping reviews (are all required records under the Adviser Act being maintained? And are they easily accessible and in a format that can be provided to the SEC in a timely manner?).
Personal trading is another area that often receives much scrutiny by the SEC and, based on our experience, is often in need of attention. Given that poor personal trading files can set a negative tone for an audit, this area should be critically reviewed on an ongoing basis to ensure all necessary reports, statements and pre-clearances are on file. As discussed below, it is important to note that violations that are uncovered should be documented for the compliance files as should the resolution to the violation.
While the SEC isn’t expecting to see zero violations, it will expect a firm to have adequate procedures in place to identify violations, document when violations do occur, resolve them quickly and take steps to prevent their recurrence. Start by meeting with relevant personnel to address the violation. Educating your employees is a critical step to preventing future violations (through an annual compliance training, for instance).
Most importantly, do not hide your violations. Create a log detailing each violation and its resolution, and use memos to files where appropriate to document further. Demonstrate that your firm can identify discrepancies and successfully work toward addressing these issues while creating safeguards for the future.
2. Perform a critical review of your firm’s policies and procedures. It is important that a firm follow the internal guidelines laid out in its manual and code of ethics, as failure to abide by internal policy (even a best business practice) will be noted as a deficiency. Customize your compliance manual to reflect your firm’s actual practices. The SEC has previously penalized firms for not following internal policy even if the violation in question was not a required rule by the SEC.