The North American Securities Administrators Association, Inc.

April 18, 2003

Jonathan G. Katz, Secretary
U.S. Securities and Exchange Commission
450 Fifth Street NW
Washington DC 20549-0609

Re: File No. S7-03-03, Release Nos. IC-25925, IA-2107
Proposed Rule on Compliance Programs of Investment Companies
and Investment Advisers

Dear Mr. Katz:

The North American Securities Administrators Association, Inc. (NASAA)1 appreciates the opportunity to comment on File No. S7-03-03, Release Nos. IC-25925 and IA-2107, proposed rule on "Compliance Programs of Investment Companies and Investment Advisers."

NASAA supports the objective of this proposal to require each investment company and investment adviser registered with the Commission to adopt and implement policies and procedures reasonably designed to prevent violations of securities laws, review those procedures regularly for their adequacy and effectiveness, and appoint a chief compliance officer. The rules as they apply to Commission-registered investment advisers are particularly significant because they further harmonize the requirements applicable to both federal and state-registered investment advisers. NASAA has for a number of years encouraged states to adopt a rule requiring "Written procedures to supervise the activities of employees and investment adviser representatives that are reasonably designed to achieve compliance with applicable securities law and regulations."2 Another model rule declares it to be an unethical business practice for an adviser to fail "to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse" of nonpublic information.3

Further elaboration by the Commission on these matters will promote greater compliance with securities laws in general. While the proposal only applies to SEC-registered advisers, it will be useful to state officials in their efforts to promote uniformity of regulation.

Throughout this letter, we will focus on questions posed in the Release by highlighting the Commission's questions in italics immediately prior to our response. Our comments generally are limited to the proposal's impact on investment advisers, though we believe it also makes sense for investment companies to implement compliance procedures.

Discussion of Applicability

We request comment on whether we should provide for one or more exceptions. Is there a subset of funds or investment advisers with operations so limited or staffs so small that the adoption of an internal compliance program would not be beneficial? If so, are there alternative measures that these funds and advisers could take to promote their compliance with federal securities laws?

We start by addressing the SEC's use of the word "exception." NASAA believes that small advisers - those with one or two individuals - certainly would not require as extensive a compliance program as large firms - those that employ 10 or more individuals. However, use of the term "exception" may incorrectly suggest that no compliance program is required. Furthermore, carving out an "exception" for a firm based solely on the size of the operation or number of employees may jeopardize investor protection. Rather, we recommend that the Commission clarify the rule to state that advisers with higher dollar amounts of assets under management and greater numbers of clients will be expected to implement more extensive safeguards.

NASAA has an additional concern regarding an "exception" for small advisers. The discussion under Item I, "Background," indicates that each of the 7,790 advisers registered with the SEC is examined only once in every five years, and that these examinations focus largely on the compliance programs in place. As the number of advisers qualifying for SEC registration based on the current dollar threshold increases, the result may mirror the problems that the Commission experienced prior to certain small advisers coming under the sole jurisdiction of state regulators. Many of these advisers are operations with limited staff, but that have several sophisticated, high-dollar clients. While we understand that the Commission intends to move to a risk-based exam cycle, use of the term "exception" raises concerns that these small advisers could be omitted from any periodic examination schedule.

Should either rule specify certain minimum policies and procedures? If so, what specific required policies and procedures should we include, and in which rule should we include them?

Procedures to ensure compliance with the securities laws will vary widely depending on the type of business conducted by the adviser. An Internet adviser, for example, will likely have very different business activities and compliance concerns than a money management firm or a timing service. The NASAA model rules have not specified specific compliance procedures, but have taken the same flexible approach found in the proposed rule. The Commission's proposal also would parallel the approach taken in broker-dealer compliance rules, making it easier for the large number of combined broker-dealer/investment adviser firms to establish additional procedures if necessary.

We strongly support having examples of major areas of concern incorporated into the Release. Absent a one-size-fits-all rule, this would help advisers better understand the Commission's expectations.

We request comment on the guidance that we have provided and urge commenters to provide suggestions as to additional areas our guidance should cover.

In the examples of policies and procedures that advisers should have, the term "advisory personnel" is used in the bullet on safeguarding client assets from conversion or inappropriate use." Because the Release tends to focus on the activities of "supervised persons" as that term is defined in section 205(a)(25) of the Advisers Act, an adviser might assume that this example would only apply to supervised persons in this instance as well. The Commission should consider a clarification that such policies and procedures should apply to all of the adviser's personnel, not just its supervised persons.

NASAA suggests the following additional areas for inclusion:

The procedures should be designed to prevent violations of federal and state securities laws. For SEC-registered advisers, this is particularly important in the case of state licensing requirements, including any education or training qualifications that apply to investment adviser representatives.

The procedures should ensure that all regulatory filings (both federal and state) are made and updated in accordance with prescribed schedules. These include annual updates to Form ADV on IARD and renewal of state notice filing status, and submission of Part II of Form ADV to states that require it.

Solicitor relationships should be addressed, including ensuring solicitors' compliance with the solicitation rule. Firms also should ensure that solicitors provide the latest version of the firm's Form ADV disclosure document to potential clients.

To impress upon advisers the importance of having compliance policies and procedures in place and operating properly, the Commission should include a comment regarding the implications of failure to have such policies and procedures in place, especially as applied to fraud prevention measures.

Should the policies and procedures of funds or advisers be designed to prevent violations by persons other than those listed in the Proposed Rules?

Many advisers utilize "finders" who solicit persons to become clients and who are compensated by the advisers for those services. These arrangements are governed by the solicitation rule, Rule 206(4)-3 under the Advisers Act. This rule puts duties on an adviser to ensure the solicitor is not statutorily disqualified, that there is a written agreement setting forth the terms of the arrangement, and that the required disclosures are made by both the adviser and the solicitor.

When the adviser provides personalized services and the solicitor is not directly affiliated with the adviser, the solicitor must make written disclosures about the arrangement with the adviser and provide a copy of the adviser's latest disclosure document to potential clients. The adviser must make a real effort to determine that the solicitor has complied with all requirements. It is logical that the compliance rules should extend to solicitors, inasmuch as the solicitation rule already requires similar oversight.

As noted previously, having procedures for supervision of all employees is preferable to having them for supervised persons only. Limiting the compliance procedures' applicability to "supervised persons" as that terms is defined in Section 205(a)(25) of the Advisers Act limits the oversight to persons who provide investment advice on behalf of the adviser. Larger money managers have staff who have little or no contact with clients, but who have responsibilities that may affect securities recommendations, who have access to information regarding an adviser's recommendations or trading strategies, or who have access to customer account information. These individuals could misuse information for their own benefit or convert client assets to their own use. The compliance procedures should extend oversight requirements to all employees of the adviser who have access to trading recommendations, strategies, or customer account information.

Annual Review

Should we require more frequent review of the policies and procedures?

The proposed rule requires that an adviser review the adequacy of its procedures "no less frequently than annually." This implies that the procedures may be reviewed more frequently when conditions indicate a shortcoming in the firm's ability to prevent or detect violations. It also suggests that the Commission anticipates situations where it might require more frequent reviews based on findings from examinations or investigations. Some of the procedures might involve complex computer programs to detect certain types of activity or trends that would suggest a potential compliance problem. Absent an indication that something may be missed by these procedures, it seems to NASAA the most practical review period is annual.

Maintaining the wording as proposed provides the flexibility for the Commission to require more frequent reviews, and provides a basis for finding that an adviser failed to have adequate procedures because it did not react to red flags between annual reviews as suggested by the "no less than" language of the rule. The Commission also should consider additional commentary regarding an adviser's duty to review procedures more frequently when conditions suggest existing procedures are inadequate.


Should we similarly require each chief compliance officer to certify the fund's compliance policies and procedures?

While NASAA has no comment with regard to this certification requirement for chief compliance officers, we do not understand the proposal as meaning that an investment adviser to a fund would be covered by such a certification. That would have to be done separately by the adviser's own compliance officer. We suggest that the Commission clarify this. The rule also should be clear as to exactly what the officer will be certifying: that policies exist, or that they are working?

The USA PATRIOT Act requires funds to establish anti-money laundering programs that designate an anti-money laundering compliance officer, but the implementing rules permit multiple persons to serve in this role. Should our rule permit multiple compliance officers?

The USA PATRIOT Act requires funds and other financial institutions to establish anti-money laundering programs. Again, we limit our comments to the application of rules for investment advisers. NASAA favors an approach that is both flexible toward advisers, yet ensures investor protection.

NASAA believes an investment adviser should be able to designate one or more compliance officers, based on the business needs of the adviser. The proposal suggests that the compliance officer(s) will be responsible for the administration of the adviser's policies and procedures. Advisers engage in a wide variety of businesses activities. A large adviser is more likely to have more than one compliance officer, while a small adviser will probably only have one. The proposal's aim, as is NASAA's, is to make certain that an adviser will establish and adhere to policies that protect clients and our national interests, even when the adviser's employees run afoul of those policies.

Broker-dealers often have compliance departments with multiple individuals responsible for different aspects of compliance programs. These individuals conduct compliance reviews, monitor the firm's books and records, and correspond with the public and regulators. The same flexibility should be given to investment advisers. NASAA supports a rule that permits multiple compliance officers.

Should we require that the chief compliance officer be a member of senior management of the fund or the adviser?

Although NASAA generally supports an approach that the chief compliance officer be a member of senior management, such a requirement might be burdensome in some instances. Advisers that are corporations could most easily implement such a requirement. Informally structured entities, such as limited partnerships, also could benefit from the requirement. For example, a chief compliance officer in a limited partnership should assist the general partners in making management decisions regarding disclosures of management and other fees to the limited partners.

This requirement might not be workable for some adviser business formats without formal governing bodies. In a limited liability company, for example, a chief compliance officer also designated as a managing member, but without an equity interest or voting rights in the company, could be out-voted in management decisions. In the case of a sole proprietorship adviser with many employees, the proprietor makes all management decisions, and clearly is not independent.

Our concern stems from the lack of clarity in the term "member of senior management." We support the concept that a chief compliance officer be given substantial managerial powers to aid the adviser in making business decisions, as well as independence in compliance matters. Perhaps the Commission could define or illustrate when chief compliance officers would be considered members of an adviser's senior management.

An alternative approach might be to require that the chief compliance officer would report independently to senior management or a board of managers that could implement the officer's compliance recommendations. The officer would report directly to the CEO or COO of an incorporated entity, the general partners of a limited partnership, managing members of a limited liability company, or the proprietor of a sole proprietorship. The report could be, among other things, a formal document outlining compliance recommendations or a presentation reflected in the minutes. The report and the management decision with respect to the report should be reflected in some way in the adviser's business records.

In summary, NASAA supports the spirit of the proposal for a formally designated and clearly identified chief compliance officer for investment advisers. That person would be responsible for a program of ensuring investor protection and complying with federal and state securities laws.


We request comment on the recordkeeping requirements...whether there are feasible alternatives to the Proposed Rules that would minimize the recordkeeping burdens, the necessity of these records in facilitating the examinations carried out by our staff, the costs of maintaining the required records, and any effects that the proposed recordkeeping requirements would have on the nature of firms' internal compliance policies and procedures.

NASAA believes that the proposed recordkeeping rule would impact only a small number of advisers who do not already have compliance procedures in place. While the annual review of the procedures may take some time to effectively complete, creating and maintaining evidence of the review and its findings would not result in excessive records. The existence of these records is essential to a firm being able to demonstrate the sufficiency of its procedures and action, particularly in the years between examinations.

Request for Comment on Further Private Sector Involvement

Compliance Reviews

We request comment on the advantages and disadvantages of requiring advisers and funds to undergo compliance reviews. If we adopt such a requirement, should we exclude certain types of funds or advisers? Would the cost of these reviews be prohibitive for smaller advisers? Would some funds groups or advisers hire the least expensive compliance consultant regardless of the quality of the consultant's work. If so, how could we ensure that a high quality compliance review is conducted? If we adopt such a requirement should we require the third parties who conduct such reviews to satisfy certain minimum standards for education and experience? What criteria should be included in the rule to determine whether a third party compliance expert is independent? How frequently should we require such reviews to be conducted? What is the proper scope for third party reviews? Should we require the third party consultant to file its report with us? If so, what should the scope of the report be?

NASAA believes that periodic compliance reviews by third parties are beneficial in enhancing investor protection. In fact, many investment advisers already conduct such reviews. However, they should not be a substitute for periodic examinations and enforcement by the Commission or grounds for reducing the frequency of examinations. That would erode investor protection rather than enhancing it. Additionally, oversight by the Commission is necessary to ensure that the compliance reviews are properly conducted, valid and accurate. We also recommend that if compliance reviews are required, that the requirement apply to all advisers, though some flexibility might be given to smaller firms based on their circumstances.

The proposal succinctly enumerates the advantage of compliance reviews. There are some disadvantages. Compliance reviews may be unnecessarily duplicative of other activities, not providing substantial additional benefit in relation to the additional cost. Advisers and funds also may be reluctant to provide the results of compliance reviews to the Commission. States often ask for copies of compliance audits, exams and reviews in the course of their audit/exam processes. Most State registered advisers provide the reports, but some have refused or expressed reluctance stating that the reports are confidential internal documents. They assert that disclosing them to regulators would have a chilling effect on the openness and frankness of future compliance reviews. The Commission also may want to consider the extent to which compliance reviews provided to it would be public records subject to the requirements of the Freedom of Information Act.

As long as compliance reviews supplement and do not supplant examinations and enforcement by the Commission, the need for minimum review requirements is not great. It is important to require that compliance reviews be conducted by an entity or person not affiliated with the adviser. Perhaps the standard of independence should be the same as applied to accounting firms for publicly traded companies.

Given the fact that the Commission 's exam schedule currently stands at approximately once every five years, requiring more frequent compliance reviews should enhance investor protection. The scope of the compliance review should be sufficient to ensure that essential compliance controls are in place, and that compliance policies and procedures are being properly followed and implemented. Findings of deficiencies or an examination by the Commission indicating problems should result in more frequent reviews by the adviser or fund. NASAA also recommends that the third party conducting the compliance review provide at least summary information to the Commission.

Self Regulatory Organization

We request comment on whether one or more SRO's should be established for funds and/or investment advisers. Should the SRO's be limited in their authority? For example, should they be limited to conducting examinations? How should the activities of an SRO be financed?

NASAA members recently approved a resolution replacing one passed in 1989. NASAA no longer supports the establishment of a self-regulatory organization (SRO) for investment advisers. The 1989 position was taken in a much different environment. It occurred before the National Securities Markets Improvements Act of 1996 (NSMIA) divided investment adviser registration responsibility between the Commission and the states. It also occurred before implementation of the Investment Adviser Registration Depository (IARD), which now includes more than 15,000 Commission and state-registered investment adviser firms, and more than 125,000 state-registered investment adviser representatives.

Through just such undertakings as this proposed rule, much progress has been made in achieving uniformity in regulation of investment advisers. Establishment of an SRO for investment advisers would add another layer of regulation for firms and increase their compliance costs. We do not believe that the action would be accompanied by a corresponding increase in investor protection or decrease in the need for Commission oversight.

Fidelity Bonding Requirement for Advisors

Should advisers be required to obtain a fidelity bond from a reputable insurance company? If so, should some advisers be excluded? Alternatively, should advisers be required to maintain a certain amount of capital that could be the source of compensation for clients? What amount of capital would be adequate?

NASAA has adopted a Model Rule that provides for both minimum financial requirements and bonding for state-registered investment advisers. We recommend that the Commission adopt similar rules for advisers subject to its jurisdiction.

The bonding requirements for state-registered firms generally apply to investment advisers with custody or discretionary authority over client funds or securities. The amount of the bond is determined by the state regulator based on the number of clients of the firm and the total assets under management. A similar federal rule might provide several tiers of bonding, based on total assets under management.

Minimum financial requirements for state-registered investment advisers also apply to firms with custody or discretionary authority over client funds or securities. The current NASAA model rules require advisers with custody of client funds or securities to maintain a minimum net worth of $35,000; firms with discretionary authority, but not custody, must maintain a minimum net worth of $10,000. Advisers that accept prepayments exceeding $500 per client six or more months in advance, must maintain a positive net worth at all times.

Dollar amounts for minimum net worth or bonds should be periodically reviewed and adjusted to account for inflation. An alternative approach to using fixed dollar values is to state minimum net worth as a percentage of assets under management. Since Commission-registered investment advisers have more money under management, and presumably clients with more assets at risk, minimum requirements should be greater.

NASAA appreciates being given the opportunity to comment on these issues. We look forward to continuing to work closely with the Commission on matters of mutual interest.


Patricia D. Struck
NASAA Investment Adviser Section Chair
Administrator, Wisconsin Division of Securities

1 The oldest international organization devoted to investor protection, the North American Securities Administrators, Inc. was organized in 1919. Its membership consists of the securities administrators in the 50 states, the District of Columbia, Canada, Mexico and Puerto Rico. NASAA is the voice of securities agencies responsible for grass-roots investor protection and efficient capital formation.
2 "Unethical Business Practices of Investment Advisers," adopted May 3, 1998.
3 "Unethical Business Practices of Investment Advisers," adopted in 1985 and amended in 1997.