For many RIA’s, compliance is a dull, non-revenue producing part of their business, often consisting of little more than an old box of legal and regulatory Band-Aids applied ineffectively and inconsistently.

Founders are the biggest offenders when it comes to poor compliance procedures. Some say they are too distracted by other, revenue-producing work. Indeed, the most common excuse I hear is this: “But I’m busy taking care of the client.” 

Others consider compliance a task for junior staffers, or, worse, the regulations only apply to junior staff. And a few lunatics likely believe the rules do not apply to anyone at their firm.  

Others, meanwhile, balk at the expense for legal advice that specializes in the Investment Advisers Act of 1940. They opt instead for cheaper advice from consultants or they go for broke by using the all-knowing law firm of Google, Wikipedia and Yahoo LLP. 

So, with all of this mind, here is a checklist for making sure you and your firm have followed the procedures guaranteed to provoke a puzzled look, wide eyes — if not outright laughter — from an inquiring buyer, auditor, forensic accountant or a subpoena-waving lawyer.

Check as many as apply to you. Do you:

_______ Claim that your firm does not have any complaints in its “complaint file?” Do you also make sure that no one has trained anyone on what constitutes a complaint, how to document a complaint and to whom it should be reported? (Of course, a brief review of your firm’s e-mail should easily yield multiple complaints.)

_______ Keep incomplete records? Perhaps the current client contract template vanished, or the custodian statements were not downloaded?

_______ If you are the head of the firm, do you submit your personal security transactions disclosures to yourself? 

_______ Claim compliance is a critical focus of the firm? Present as proof a few outdated template booklets restating the Investment Adviser Act regulations?

_______ Fail to conduct a “best execution” review? (If asked about this, a joke about capital punishment might fly.)

_______ When asked about billing reviews, respond: “Each advisor looks at the quarterly statements … quarterly?”

_______ Fail to review the e-mail system to make sure it is archiving properly? (Mention with a wink you have a server at home.)

_______ Fail to develop oversight procedures covering how the firm’s investment process is implemented or how services are provided? (Call it an oversight.)

These are obviously “don’ts”. Many other “dos” and “don’ts” exist: Do make sure annual reviews are incomplete and sporadic; do not fix deficiencies identified in very expensive consultant audits; do make sure that the person placing trades is the same one checking trades; don’t keep track of your marketing materials, print or online, or changes made to your web site.

Sometimes, it’s a matter of doing what sounds like the right thing, such as making an advisor’s area of expertise (taxes, insurance or investments) a client’s area of need, regardless of the client’s actual need.

Here’s a tricky one: Don’t review legacy holdings that are not included in advisors’ standard asset allocation. (Rely instead on reviews triggered by large price reductions.)

Yes, the checklist of ways to blow up your firm through ignoring compliance issues is endless, as is the attention that all RIA’s must pay to it.

Because here’s the thing: If you are not paying scrupulous attention to compliance protocols, if you have checked a number of items on the list above, you actually aren’t taking care of the client.

Yvonne Kanner is President and COO of Fiduciary Network.

Read More: