Speech by SEC Staff:
Focus Areas in SEC Examinations of Investment Advisers: the Top 10
Lori A. Richards
Director, Office of Compliance Inspections and Examinations
U.S. Securities and Exchange Commission
IA Compliance Best Practices Summit 2008
IA Week and the Investment Adviser Association
March 20, 2008
The SEC disclaims responsibility for any private publication or statement of any SEC employee or Commissioner. This speech expresses the speaker’s views, and does not necessarily reflect those of the Commission, the Commissioners, or other members of the staff.
Good morning. It’s a pleasure to be with you today. I want to thank David and Hugh and the IA Week and the Investment Adviser Association for sponsoring this conference — the 10th Annual IA Compliance Best Practices Summit. This has become an important venue for sharing information about compliance challenges, compliance practices, and what’s ahead for us as compliance professionals.
I’m glad to speak with you today, as I view your work as compliance professionals as so critical to the protection of investors. If you are able to work within your firms to implement effective compliance programs, you will prevent problems from occurring, and detect and promptly correct problems that do occur. This is exactly what regulations intend, and the outcome that regulators seek. Investors are best protected by firms having strong compliance programs that prevent violations from occurring. I know that as compliance professionals, you are always seeking to identify the compliance risks within your firms, and that you sometimes lose sleep thinking about issues that you may have missed. As examiners, we too are very focused on identifying compliance risks, and we too sometimes lose sleep thinking about areas where investors may be at risk. So, we have more in common than in contrast — not in the least being a lack of consistent sleep patterns!
I wanted to talk with you this morning about some of the compliance issues that are at the top of our agenda as examiners of investment advisory firms — indeed, OCIE’s “Top 10” compliance issues. My hope is that these issues will be, or already are, at the top of your agenda as well. You know, I read the subtitle of this conference — “Turning Powerful Information into Innovative Action” — as something of a challenge to you. I hope that you will use the information I provide this morning in taking action on your own compliance program. I hope too that you will also use this information in communicating the importance of your firm’s compliance in these areas to your firm’s business leaders and to employees.
Before I do, I must say that the views I express are my own and not necessarily the views of the Commission, the individual Commissioners, or my colleagues on the Commission staff.
I. RISK-BASED EXAM PROGRAM
I’ll summarize the “Top 10” compliance issues that SEC examiners are most focused on in our examinations of advisers at the moment. Before I talk about these discrete focus areas, let me share a bit of predicate information about our risk-based exam program.
The population of registered investment advisers has increased rapidly in recent years. Indeed, by more than 40% in recent years (in 2001, there were 7,400 advisers, there are almost 11,000 today). At the same time, our examiner staffing levels have not increased. Given this fact, we came to the conclusion that our limited resources would best be used in examining those firms and issues that have the greatest potential to pose harm to investors. Our approach to examinations seeks to zero in on those firms and those issues that are most deserving of our attention — those areas where investors may be most at risk. This has necessitated a disciplined approach to risk assessment. We focus attention on:
- Firms that are of such size, that, if anything went wrong, a significant number of investors would be affected; this is why we spend a fair amount of time examining large firms, and monitoring their compliance controls.
- Firms and areas within firms where compliance controls or supervision appears to be weak; these firms may have had a prior exam or enforcement history indicating weak controls or problems, or present other indications of compliance risk.
- Firms that are involved in activities that may present increased compliance risk, if not controlled adequately; I’ll share some of these issues in a moment.
There are two other elements of our exam program for advisers that will be of interest to you — we examine a “random” sample of advisers that are not otherwise targeted for examination. For advisers, this “random” approach means that you may be subject to examination at any time, even if you don’t fall in one of the primary risk categories that I just outlined. And, we also target newly-registered advisers for limited-scope inspection visits or contacts. In these visits, our goal is obtain information about the adviser’s compliance program and evaluate the overall compliance culture of the firm.
Our risk-assessment process incorporates each of these approaches, and it helps guide examiners in every phase of examination — which firms to examine, what areas to focus on, and what issues to look at. It’s important for you to know that this risk assessment process includes an assessment of your firm’s compliance controls — because firms that have strong compliance controls will be more likely to prevent problems from occurring, and to detect and correct any problems that do occur, they should be subject to less examination attention. But, on the other hand, if controls appear to be non-existent or weak, examiners will drill down in these areas looking for deficiencies.
An overall focus for us is to identify compliance risk issues that exist in different types of registrants — broker-dealers, investment advisers, and investment companies — and to take a consistent approach in examining for compliance. Our risk assessments and examination trend analyses have found that many compliance issues challenge advisers, funds and broker-dealers alike — such as misuse of material non-public information and information leakage, valuation, “best execution,” use of brokerage commissions, soft dollars, revenue-sharing and other hidden payments for business, anti-money laundering, sales practices, internal controls, market manipulation schemes, and supervision. These are all examples of compliance issues that have no home in any one particular type of registrant.
In addition, an increasing number of firms are operating as both registered broker-dealers and investment advisers, and there are increasing affiliations between broker-dealers and investment advisers. Given this reality, we’re working on a pilot that will include examinations of a number of dually-registered broker-dealers and investment advisers at the same time, with a view towards creating a common examination module. There is potential that it might provide efficiencies to firms in that their various activities might be examined at one time, rather than being subject to more than one exam, by separate exam teams. And, it allows examiners to see the “whole picture” of a firm’s various activities, providing clear benefits for regulatory oversight.
Along with adopting a risk-based approach to examinations, we also concluded that we could do more — outside of our examination process — to help firms to foster healthy compliance programs to reduce their risks of having compliance violations in the first place. That’s why we created the CCOutreach program for investment adviser and mutual fund chief compliance officers. We’re seeking to promote open communications between securities regulators and compliance officers with respect to compliance issues, to share experiences, and to encourage participants to learn about effective compliance practices. It’s our hope that this program will help CCOs to create strong compliance programs for the protection of investors.
Before you create a compliance program, of course, you should be familiar with the regulatory obligations that apply to you. Because so many advisers are new to SEC registration, and may be unfamiliar with their obligations under the Advisers Act, last summer we published a “plain English” summary of some of the key provisions of the Advisers Act, and we’ve emailed it to over 3,500 new advisers! Of course, the most fundamental of these obligations is to act as a fiduciary to clients, holding their interests foremost at all times.
To further assist firms in improving their compliance programs, we publish what we call “ComplianceAlerts” on the SEC’s website, which provide the compliance community with information about compliance issues and problems that we’ve seen in our examinations. We hope that by providing you with information about what we’re seeing at other firms, you will use this information to make sure that your firm’s compliance is effective in those areas.
These are among the various ways that we’re helping firms to establish strong compliance programs — and hopefully, helping to reduce the risk of compliance violations.
II. “TOP 10” AREAS OF FOCUS
Now, let me turn to the “Top 10” issues that we’re focused on in our examinations of investment advisers. Some of these are areas where we have discovered serious breaches, and some are areas where the SEC has brought enforcement actions. All of these are areas that may pose risk to investors if advisers do not handle them in a fiduciary manner and in compliance with the law. All are areas that should be considered in an adviser’s risk assessment as part of its compliance program.
Here are two important caveats: in routine exams, greater or lesser focus will be paid to these areas depending on the firm’s own internal compliance controls in the area; and, examiners are also alert to other compliance risks in addition to these areas.
1. Controls Over Valuation
In examinations of all types of registrants, examiners are focusing on the firm’s controls to value securities. Particular emphasis is on whether the firm has controls and is implementing those controls when pricing structured products, illiquid securities or other difficult-to-price securities. This is an important area because advisory clients need to know the fair value of their holdings, and they can be harmed if the adviser overcharges its advisory fee based on overvalued holdings.
Examiners will look at whether the firm understood the nature of the security before buying it, had a plan with respect to how it would price the security, whether it has adequate processes and procedures related to risk management, valuation, and accounting, whether it is following those procedures, and whether it has disclosed the risks of investments in illiquid securities to its clients. Examiners are likely to want to understand the level of experience and sophistication of the personnel who are involved in pricing, and if there is some level of independence in the pricing process.
In this regard, we’re looking at whether prices are calibrated to observable trade data even if the market for a security is less liquid than in the past. We’ll also be looking at the use of dealer quotes in pricing, and whether valuations seem to reflect prices at which the security could actually be sold.
2. Controls Over Non-Public Information/Personal Trading/Code of Ethics
Instances of suspicious trading have increased. The SEC and the SROs have active programs to police for insider trading. But, preventing insider trading is every firm’s responsibility. Under the Adviser’s Act, advisers are required to establish, maintain, and enforce written policies and procedures reasonably designed, taking into consideration the nature of their business, to prevent the misuse of material non-public information by the registered entity or its associated persons (under Advisers Act Section 204A).
Review of controls to prevent insider trading in client, proprietary, or employee accounts is a high priority area in SEC examinations of all types of entities. Generally, examiners will focus on whether a firm has identified the source and type of non-public information that they and employees may be privy to, whether the firm has crafted and implemented adequate procedures to maintain the confidentiality of that information, and is implementing those procedures. Examiners will also be interested in whether the firm has guidelines with respect to when and to whom it will provide information, for example, information about its portfolio or its trading. Examinations will seek to understand the firm’s own compliance and supervisory programs with respect to insider trading, and will probe more deeply if there are weaknesses in these programs.
Advisers should be asking new questions — such as, how could my employees come into possession of material non-public information? How could this information be abused? What procedures can I put in place to prevent it? And, what tests can I employ to determine whether there are indications of insider trading at my firm? These are the questions that examiners too will be asking.
3. Dealing with Senior Investors
With more senior investors in our markets than ever before, the Commission has prioritized the protection of senior investors in its investor education, examination and enforcement programs. Last year, we conducted an exam sweep last year of broker-dealers and investment advisers offering “free lunch” sales seminars to seniors, and found problems in the marketing, sales and supervisory processes of many firms. Our report, issued jointly with FINRA and NASAA is on our website (at http://www.sec.gov/spotlight/seniors/freelunchreport.pdf).
And, I’m happy to tell you about a new initiative in this area — on February 8th, along with NASAA and FINRA, we announced a new project designed to identify effective practices used by financial services firms in dealing with senior investors, and, ultimately, we will provide information about these practices publicly. I also want to thank the IAA and David for help in getting the word out about this project.
We’re looking for investment advisory firms, and other financial services firms, to tell us about the effective supervisory, compliance and the other practices they use in dealing with seniors in the following areas: marketing and advertising to seniors; account opening; product and account review; ongoing review of the relationship and appropriateness of products; discerning and meeting the changing needs of customers as they age; surveillance and compliance reviews; and training for firm employees.
To be clear, it’s not expected that there will be a "one-size-fits all" approach to effective practices in these areas, and there may be many different practices that are effective. Our goal is to help firms to know what other firms are doing in these areas, so that firms are better able to serve their senior customers.
So, do you have an interesting or new way that you’re dealing with these issues? If so, email us at SeniorInvestorPractices@SEC.gov and talk with us about it.
4. Compliance and Supervision
This is a key area of examination focus. Examiners will seek to understand the adviser’s compliance program and whether it appears designed to capture and manage that particular adviser’s compliance risks. So, we’re very interested in whether the adviser has conducted a risk-assessment and identified its own compliance risks and conflicts of interest, and crafted and implemented procedures to effectively mitigate those risks. Conflicts that we’re seeing include new revenue-sharing payment streams from advisers to broker-dealers for obtaining space on the broker-dealers’ “recommended adviser” lists, and other undisclosed compensation and gifts for business (e.g., to solicitors, fund consultants, and municipal consultants). Also, we’re looking at whether the firm is adequately supervising its dispersed offices and independent advisory contractors.
No compliance program will be effective unless it’s implemented, so we’re also very interested in seeing that all review procedures are actually implemented, and that an effective annual review was performed.
5. Portfolio Management
Basically, examiners are interested in whether the securities recommendations and investments made for clients and funds are consistent with the adviser’s disclosures and the client’s investment objectives and restrictions. They are looking at whether processes and procedures related to risk management, valuation, accounting, and other back office functions are adequate given the types of investments made on behalf of clients. Particular emphasis now is on client investments in structured products and other complex derivative instruments, including CDOs, CLOs, credit default swaps, and other types of swaps. Also, we’re looking at money market funds and compliance with Investment Company Act Rule 2a-7.
6. Brokerage Arrangements and Best Execution
We’re interested in whether brokerage arrangements are consistent with fiduciary obligations to clients (it’s the client’s money, after all!) and with disclosures provided to clients. Examiners will look at whether the adviser seeks best execution, whether it uses soft dollars consistent with its disclosures, and whether the adviser periodically and systematically evaluates the costs and benefits of its brokerage arrangements. Examiners are particularly looking for any inappropriate and/or undisclosed use of soft dollars for the benefit of the adviser, and use of any affiliated or preferenced broker-dealers for excessive commission payments, kickbacks to the adviser, or other undisclosed arrangements.
7. Allocations of Trades
In this area, we’re interested in: whether the adviser has disclosed its policy with respect to how it will allocate trades; the adviser’s policies and procedures for allocating IPOs, block trades, and investment opportunities among clients and proprietary accounts; and whether actual practices are consistent with both policies and disclosures. Examiners are looking for cherry-picking and favoritism in allocations, to, for example, relatives, high profile clients, clients with performance–fee accounts, or other clients that the adviser may have an incentive to benefit. Examiners will review your testing of allocations as well.
8. Performance Advertising, Marketing, and Fund Distribution Activities
In this area, we’re interested in whether funds and advisers have effective policies and procedures to make sure that their claims about their past investment performance, their advertisements, and other marketing materials contain accurate information, whether conflicts of interest like revenue-sharing or other arrangements with third parties to increase assets have been effectively disclosed, and the use of solicitors. We’re also interested in whether information in pitchbooks, RFPs and other materials provided to clients is accurate. This is a space where we continue to find deficiencies, and one that needs compliance oversight.
9. Safety of Clients' and Funds' Assets
We’re interested in whether funds and advisers have effective policies and procedures for safeguarding their clients’ assets from theft, loss, and misuse. Also, whether the adviser has represented false performance results or account holdings, perhaps as a way to deduct larger advisory fees than are appropriate. We review the firm’s custodian arrangements, and whether an independent custodian sends account statements directly to clients or whether the adviser has a “surprise audit.” Examiners also assess whether there is a process for regularly reconciling client and fund balances of securities owned with those shown by custodians and ensuring that the books reconcile.
10. Information Processing and Protection (books and records, disclosures, and filings)
In this area, we’re interested in whether the adviser has effective policies and procedures for capturing, compiling, maintaining, and reporting relevant and timely information in its books and records (including email and instant messages), and in reports to clients and regulators. Also, examiners will be looking for controls that protect this information from hackers or other unauthorized persons, and from being destroyed in a disaster as part of the firm’s business continuity plan.
Those are our “Top 10” areas of exam focus in exams of advisers now. I know that many of these compliance areas are on the agenda for today’s conference, and I’m pleased that they are. I think this means that our focus on these issues will be matched by your focus on these issues — and that’s exactly where we should be on these issues. As I said at the outset, I view your work as compliance professionals as so critical to the protection of investors. If you are able to work within your firms to implement effective compliance programs, you will prevent problems from occurring, and detect and promptly correct problems that do occur. This is exactly what the regulations intend, and the outcome that regulators seek.
I hope that I’ve shared some information with you today that helps you to accomplish this.