SEC OCIE Findings on IA Compliance

On Nov. 19, SEC issued OCIE observations re IA compliance programs

  • SEC issued risk alert to provide an overview of notable compliance issues identified by OCIE related to SEC Rule 206(4)-7 (the compliance rule) under the IAA of 1940.
  • Deficiencies related to the compliance rule have been among the most common cited.
  • Compliance Rule Requirements
  • Under the compliance rule or CR, a registered investment adviser must not provide investment advice unless it implemented certain written policies and procedures (PPs).
  • Specifically, PPs reasonably designed to prevent violation of the IAA and its rules.
  • Compliance rule requires investment advisers to consider their fiduciary and regulatory obligations under the IAA and to formalize policies and procedures to address them.
  • The compliance rule does not enumerate elements that IAs must include in their PPs.
  • Each IA's PPs should take into consideration the nature of the firm's operations.
  • IAs must review their policies and procedures no less frequently than annually to determine their adequacy and the effectiveness of their implementation.
  • Each adviser must designate a competent CCO to administer its compliance PPs.
  • Inadequate Compliance Resources
  • OCIE staff observed advisers that did not devote adequate resources, such as information technology, staff and training, to their compliance programs.
  • For example, CCOs encumbered with numerous other professional responsibilities.
  • Advisers that had significantly grown in size or complexity, but had not hired additional compliance staff or added adequate technology, leading to compliance failures.
  • Insufficient Authority of CCOs
  • OCIE staff observed CCOs who lacked sufficient authority within the investment adviser to develop and enforce appropriate policies and procedures for the firm.
  • For example, advisers limiting CCO from accessing critical compliance information, such as trading exception report and investment advisory agreements with key clients.
  • Also, IAs where senior management appeared to have limited interaction with their CCOs, which led to CCOs having limited knowledge about firm’s leadership, operations.
  • Instances where CCOs were not consulted by senior management and employees of the adviser regarding matters that had potential compliance implications.
  • Annual Review Deficiencies
  • Staff observed advisers that could not demonstrate that they performed annual review or review failed to identify significant compliance or regulatory problems.
  • For example, reviews that failed to identify or review critical risk areas applicable to the investment adviser, such as conflicts of interest and protection of client assets.
  • Failure to Implementing Actions
  • OCIE staff observed IAs that did not implement or perform actions required by PPs.
  • For example, despite being stated in PPs, advisers did not train their employees, implement trade error, advertising, best execution, conflicts, disclosure procedures.
  • Accurate, Complete Information
  • Staff observed advisers PPs with outdated or inaccurate information about the firm.
  • This included off-the-shelf policies that contained unrelated or incomplete information.
  • Reasonably Designed Policies, Procedures
  • OCIE staff observed advisers that did not appropriately tailor their PPs to the firm.
  • Also, others' PPs were not reasonably designed to prevent violations of the IAA.
  • For example, some advisers utilized the policies of an affiliated entity, such as a broker-dealer, that were not tailored to the specific business of the advisers.
  • Some IAs claimed to rely on cursory or informal processes instead of written PPs.
  • Deficient Areas
  • Even if firms maintained written PPs, staff observed deficiencies or weaknesses with establishing, implementing or appropriately tailoring certain key compliance areas.
  • Those areas are: portfolio management; marketing; trading practices; disclosures.
  • Also, advisory fees and valuation; client privacy; and books and records.
  • Finally, safeguarding of client assets; custody; and business continuity plans.

Regulators SEC
Entity Types B/D; Fiduciary; IA; MIA; Muni
Reference PR, Al, 11/19/2020; Citation: SEC Rule 206(4)-7;
Functions Compliance; Exams; Financial; Legal; Operations
Countries United States of America
Products Fixed Income; Issuance/IPO; Municipal; Securities
Regions Am
Rule Type Guidance
Rule Date 11/19/2020
Effective Date 11/19/2020
Rule Id 91124
Linked to
Reg. Last Update 11/19/2020
Report Section US Investment

Last substantive update on 11/20/2020