SEC Office of Compliance Inspections and Examinations – 2020 Examination Priorities
Mar 6, 2020
We recently discussed a recap of the SEC Office of Compliance Inspections and Examinations (OCIE) 2019 examination results. In this follow-up segment, we discuss OCIE’s 2020 examination priorities, which were recently published by the SEC. Key topics relating to Registered Investment Advisors (RIAs) are discussed below.
- OCIE’s exams are grounded in the following four pillars:
- Promoting compliance
- Preventing fraud
- Identifying and monitoring risk
- Informing policy
- The SEC set forth factors that influence whether a specific RIA is more likely to be selected for examination. These factors include:
- Products offered, and the segments of the population to whom they are offered. More specifically, the SEC has identified investments marketed to or designed for retail investors (mutual funds, ETFs, municipal securities, microcap securities (securities with market capitalization of under $250 million)) as an area of focus for exams, with the goal of protecting the retail investor marketplace. This will include an assessment of industry practices and regulatory compliance on RIAs that use third-party administrators to sponsor mutual funds they advise or are affiliated with; mutual funds or ETFs that have not been previously examined, as well as RIAs to private funds that also manage a registered investment company with a similar investment strategy.
- While the SEC seeks to protect the entire retail marketplace, they’ve identified seniors, teachers, military personnel and those saving for retirement as specific marketplace segments worthy of particular emphasis.
- Compensation and funding arrangements
- Whether the RIA has been previously examined or not recently examined; for RIAs that have been recently examined, the nature of prior examination findings
- Disciplinary history of associated individuals and affiliates of a registered firm
- Changes in firm leadership
- Whether a firm has custody of investor assets
- Protection of personal client financial information by RIAs continues to be a high-priority area, including the following:
- Governance and risk management
- Access controls
- Data loss prevention
- Vendor management, including outsourced solutions that leverage cloud-based storage
- Incident response and resiliency
- Compliance with Regulations S-P and S-ID
- Controls surrounding online and mobile app access to customer account information
- Disposal of retired hardware that may contain client and/or network access information.
- Automated Investment Tools and Platforms (“Robo-Advisers) – these platforms will continue to be an area of focus as they grow in popularity, including:
- SEC registration eligibility (required minimum asset levels or commitment to operate as “internet investment adviser”)
- Cybersecurity policies and procedures
- Marketing practices
- Adherence to fiduciary duty
- Effectiveness of compliance programs
It’s interesting to see mutual funds listed as an area of priority, given the extensive regulation already in place under the 1940 Investment Company Act. While traditional topics such as investor protection and custody compliance continue as focus areas, data security oversight and an appropriate governance structure for robo-advising are also front and center. It will be important for RIAs to establish appropriate governance mechanisms and day-to-day policies to ensure that cybersecurity concerns are adequately addressed. This can be a particular concern for RIAs that grow through “rollup” acquisitions, as the practices of each acquired firm (with respect to custody, cybersecurity, and any potential link between the two) will need to be vetted for consistency and compliance. In addition, it’s quite possible that robo-investing platforms will evolve more quickly than the related regulatory framework. This presents a challenge for the SEC/OCIE, and also for advisers trying to align themselves with what may be rapidly changing industry “norms”. All this promises to make 2020 a fast-paced year for the RIA community.
Financial Services and Investment