SEC cites 'vast majority' of multi-branch RIAs for compliance defects
The "vast majority" of large RIAs that operate out of multiple offices struggle to adequately supervise remote personnel and ensure compliance across their branches, the SEC is warning, noting the prevalence of inaccurate, loosely enforced and inconsistently applied policies and procedures.
The commission's Office of Compliance Inspections and Examinations this week released a risk alert outlining the findings of a series of exams looking at multi-branch RIAs, detailing a litany of compliance issues ranging from remote oversight to overcharging clients.
OCIE's periodic risk alerts don't amount to new rules with enforceable mandates, but they can help advisors develop a compliance roadmap by highlighting the defects that examiners observed at other firms.
"Firms should consider implementing practices to mitigate the chance of receiving similar deficiencies," says Kelli Haugh, managing director of the consultancy Foreside, where she oversees investment advisor compliance services.
"One should surmise that any practice specifically identified in a risk alert will be an area of focus — and reduced patience — by a regulator," Haugh says.
Exam staffers unearthed what they describe as a "range of deficiencies," throughout the multi-branch exam initiative, but headlined the risk alert with issues around the Compliance Rule and supervision of remote offices. Those include branches operating under outdated policies and procedures, and, in many cases, advisors unknowingly having custody over clients' assets and failing to adequately supervise fees and billing practices.
In some cases, firms failed to have policies in place requiring branches to identify and address instances where clients were overcharged. Those errors took many forms, including fee miscalculations and inconsistent reimbursements, but generally fell into a pattern of lax supervision from the home office.
"Most fee billing issues were related to the lack of oversight over fee billing processes, and in some cases, this resulted in overcharges to clients," OCIE says in its risk alert.
OCIE also cited more than half of the firms it examined for deficiencies relating to investment advice, including oversight of investment decisions, disclosures of conflicts of interest and trading allocations.
The SEC's risk alert follows from an exam initiative in which OCIE personnel examined nearly 40 firms' main offices and at least one branch office for each firm. Collectively, the firms the SEC reviewed manage roughly $110 billion in assets, serving some 185,000 predominantly retail clients.
The SEC's focus on multi-branch RIAs is not new, but it is ongoing. The commission identified distinct risks associated with those firms in its exam priorities letter in January 2016, and then near the end of that year launched its exam initiative, which concluded in 2018.
"These advisors continue to be an area of interest for examinations because they: (1) often advise retail clients; and (2) have unique risks and challenges related to the design and implementation of their compliance programs and oversight of advisory services provided through remote offices," the SEC explains in its latest risk alert.
Haugh notes that branch offices have "an elevated risk for compliance deficiencies" because their distance from the firm's headquarters invites the development of "practices that are inconsistent with the main office's processes."
"[F]irms with multiple offices should implement policies and procedures to adequately monitor and oversee branch office processes, particularly with respect to monitoring and approving advertising, client fee billing, personal trade reporting and portfolio management," Haugh says. "Firms should also consider adopting uniform, centralized processes so they can be monitored for compliance purposes."
Most of the firms OCIE examined in the multi-branch initiative have at least 10 remote offices. That creates a compliance challenge that is "far more costly than designing a program for a single location firm," Cipperman Compliance Services writes in a note responding to the risk alert.
"The more independence that the home office allows," Cipperman writes, "the more difficult it becomes to herd the cats."