Speech by SEC Staff:
The Role That Surveillance Might Play in the Risk-Based Oversight of Mutual Funds
Lori A. Richards
Director, Office of Compliance Inspections and Examinations
U.S. Securities and Exchange Commission
2008 Securities Law Developments Conference
Investment Company Institute
December 16, 2008
Good morning. It's a real pleasure to be with you today at the ICI's Securities Law Developments Conference. The purpose of this conference is to provide a forum for discussion about current issues in securities law and regulation affecting mutual funds. Just as important as the law and regulation is the effective implementation of the law and regulation through supervision, policies and procedures, compliance controls and testing. In my job as the Director of OCIE, I'm acutely interested in implementation — after all, it's only when implemented that the protections of the securities laws become real for investors.
Before I begin, I am required to state that the views I express today are my own, and do not necessarily represent the views of the Commission or any other member of the staff.1
I see my remarks to you this morning as the bookend to Buddy Donohue's remarks yesterday — he of course spoke about current developments in the law, and I'd like to speak you about the SEC's role in overseeing the implementation of the securities laws by registered investment companies.
I wanted to talk with you today about my thoughts on how SEC oversight of mutual funds might be improved, and in particular, improved by the greater use of technology and data analysis. In a broader context, the SEC has been focused hard on how disclosures can be better accessed and made more usable by investors, and has made great strides in the introduction of XBRL technology and in bringing new thinking to this task through its 21st Century Disclosure initiative.
And, in OCIE, we give a lot of thought to how we can best oversee registrants. Examination oversight of registered firms' compliance with the securities laws is our primary function. We believe very strongly that our oversight must be innovative, and must be nimble enough to change and improve, given changes in the industry. Given the demographics in the mutual fund industry in recent years — the number of advisers that operate a mutual fund, the dollars managed by mutual funds, and the number of investors who rely on mutual funds as their primary investment vehicle — as well as recent portfolio losses -- it is more critical now than ever that the SEC provide sound oversight. We have identified ways in which our oversight of mutual funds could be improved, and I wanted to share these ideas with you today.
Let me say at the outset that the interests of the SEC, investors and the mutual fund industry are aligned on this issue — each wants to assure robust oversight of compliance with the securities laws. We all want firms to have strong compliance programs, for violations to be prevented, detected and corrected appropriately. We all want the regulatory infrastructure not to impose undue costs, and to provide a minimum level of oversight necessary for investor confidence and investor protection. We all want the SEC to be able to timely identify violators and ensure corrective action. It is in that spirit of having a mutual interest that I speak to you this morning.
Background: Risk-Based Oversight
First, some background on the SEC's examination oversight of investment advisers and mutual funds. From 1998 through 2002, the SEC's staff in OCIE examined every registered adviser using a periodic exam frequency of once every five years at the most, and sought to examine newly-registered advisers early in their operations. We were able to do this because the population of registered advisers was much smaller than it is today. This cyclical approach had strengths and weaknesses. Among its strengths, it allowed for confidence that every registered advisory firm had some minimum level of examination oversight. Among its drawbacks, it was not flexible enough to allow us to examine risks nimbly across the industry.
But then, the number of registered advisers rapidly grew. The number of registered advisers increased by more than 50% in recent years (in 2001, there were 7,400 advisers, there are more than 11,000 today). This growth outstripped our ability to examine every firm on a regular basis (about 420 staff people conduct examination oversight of investment advisers and mutual funds). Not every investment adviser can be examined, and mutual funds may be examined once in every 7 years. Approximately 10% of registered advisers are examined on a regular frequency (every three years), other advisers may only be examined for cause, in sweeps, or randomly.
Given these demographics, in 2003 we transitioned to a risk-based approach to examinations. While we cannot examine every registered investment adviser or advised fund, we seek to assign exam staff to scrutinize those funds, advisers and issues that appear to present the greatest potential for having an adverse impact on investors.2
In recent years, during individual examinations, we began to request and to make better use of data provided electronically. It is common for us to obtain, for example, an electronic file of all of an adviser's trades for clients during the period covered by the exam, and to analyze the trading for patterns or outlier trades that appear to be unusual in the context of the adviser's advisory activities. Examiners then follow up on these patterns to determine the cause — such as undisclosed activities, arrangements or risks that may be harmful to clients.
The SEC's examination oversight is in many ways quite traditional — in that we send examiners physically in planes, trains and cars to the firm's offices to interview firm employees and to scrutinize electronic and print information. These in-person meetings and on-site presence allow examiners to gauge compliance processes and controls, and to ask questions. In my view, this type of examination is indispensable, but I think it can be improved, supplemented and better focused by having a robust ongoing surveillance function at the SEC.
Risk-Based Oversight Requires Routine Access to Data
Surveillance of regulated firms as part of a risk-based oversight program is not a new idea! Many regulators have active surveillance programs and the data to support them, for example, bank regulators use Call Reports and other data from regulated banking firms, and FINRA and NYSE-Regulation use trade reports and a variety of other data from its broker-dealer member firms. Even regulators of functions outside the securities world have active surveillance programs as part of a risk-based oversight methodology.
Establishing and maintaining an effective risk-based oversight program requires routine access to data. It requires that the exam staff have timely and continuing access to a set of reliable information about each firm surveilled to be able to gauge the relative compliance risk that each entity presents at a point in time and to monitor changes to these risk profiles over time.
Currently, we have a "Surveillance Branch" in OCIE that has access to information derived from filings, publicly-available databases, and other information. For investment advisers, the Surveillance Branch has created a mechanism for assessing their relative risks based on the data contained in Form ADV (and supplemented by the results of an examination of the firm's compliance controls).
In September of each year, a risk-profile algorithm is run against the investment adviser IARD database to identify all advisers that have higher-risk characteristics based on responses in their Forms ADV, Part I, including their disclosed assets under management, number and types of clients, affiliations, other business activities, compensation arrangements, brokerage arrangements, and disciplinary history.
I believe that additional data from advisers could enhance this risk-assessment process, and that a similar risk-assessment methodology could exist for mutual funds. Currently, most SEC filings by mutual funds are in an unstructured, text-based format, lack certain portfolio-level identifying information, and are not timely enough to provide the data needed for a robust surveillance program.
The Benefits of a Mutual Fund Surveillance Program
What benefits would exist with a mutual fund surveillance program? Creating a surveillance program for mutual funds would provide numerous benefits. First and most importantly, it would enhance investor protection by allowing the SEC staff to better detect emerging and resurgent risks or compliance and operation problems. This could allow us to more efficiently and intelligently focus our exam resources on those funds and practices most in need of regulatory scrutiny. Through more continuous monitoring of certain critical activities and control points of funds and their advisers, we may be able to reduce or mitigate the risks associated with a surprise eruption of particular compliance problems or industry practices that may adversely impact investors. It may also be possible for us to identify situations in which a fund appears to have excessive risk exposure in relation to its disclosed objectives. We would also be able to follow-up as matters arise regarding individual funds.
With a surveillance function, the SEC's staff could analyze and scrutinize data sets by employing anomaly detection algorithms or methodologies to identify those firms that exhibit significantly deviant behavior. Firms that display this type of "outlier" behavior could then be the focus of additional staff resources. This kind of approach would more thoroughly incorporate into our oversight the significant benefits and efficiencies that are available with information technology resources such as XML-based data tagging, relational database software, and data analysis tools that can detect patterns and relationships among millions of data points.
Potentially, such a surveillance system might seek to identify indications of things like mispricing, liquidity concerns, lack of diversification, and deviations from stated investment objectives. With respect to money market funds, such a system might seek to identify funds that hold securities in troubled issuers and those that may be at risk of breaking a dollar. As a result of surveillance, we'd contact firms when we identified anomalies or irregularities to identify the cause.
Second, creating a surveillance function would provide certain benefits of efficiency to mutual funds and to the SEC staff. If we were to routinely surveil key data, we would be able to better evaluate certain risks being assumed by mutual funds and could reduce the time spent doing this work during exams. In addition, with data already available, we'd be able to narrow in and focus our examinations on particular funds and particular issues. Finally, it would seem possible that more timely receipt of useable information could also reduce the information now required to be filed, but largely unusable for surveillance purposes, on Form NSAR.
Recent Experience With Mutual Fund Data
In different recent contexts, advisers and funds have experience in submitting data electronically, and the SEC staff have experience in using it. For example, as part of our examinations of the pricing, liquidity and portfolio quality of money market mutual funds, we recently obtained structured schedules of portfolio positions from all money market funds as of a single date. And, earlier this year, we obtained similar information from certain large money market funds. Analyses of this portfolio data provided the Commission and the staff with very useful information about the condition of money market funds as of those reporting dates and provided insights that could not have been obtained from any other source.
And, as I mentioned, during individual examinations, the exam staff typically ask for and obtain a significant amount of information electronically, including a database of all trades placed by an adviser for clients during the exam period. This data is enormously valuable in conducting the particular examination, but because it is only obtained after the particular firm has been selected for examination, it is of no use in risk assessment, monitoring or surveillance, or in selecting firms for examination.
In addition, many investment advisers also have recent experience in routinely submitting certain data to the SEC in an electronic format. Investment advisers are filing Form SH regarding their short sales on EDGAR in an XML-tagged format to permit easier analysis of the reported information by the staff.
So, in these different contexts, advisers and funds have experience in submitting data electronically, and the SEC staff have experience in using it, though to date its use has been limited. We would like to build on our past experience to enhance our risk-based oversight of all mutual funds and their advisers.
Data and Information That Would Enable a Surveillance Program For Mutual Funds
What data would be needed to create a robust surveillance program for mutual funds? In my view, this question should be explored further in the months ahead by the mutual fund industry and the SEC staff. To give you a general sense of the types of data and information I'm talking about, however, data might include general, fund-level information, such as for example: NAV per share; the shadow price for money market funds; the total net assets and shares outstanding; percentage of the portfolio that is fair valued; percentage of the portfolio that is illiquid; a description of each share class and the primary investment objective or style of the fund. Data might also include specific information concerning each portfolio security held by the fund. Additional data from advisers might include the identity of the audit firm, the custodian of customer assets, and other data.
Currently, many fund complexes already periodically provide portfolio holdings information to shareholders — daily, weekly or monthly — by posting it to their websites or sending it to third party data vendors. Thus, many funds already have a process in place for collecting certain types of information.
With timely access to certain types of fund-specific information, our Surveillance staff could carry out a number of analyses that would provide important oversight of mutual funds. Many of these analyses are now performed only during routine inspections. For example, as I noted, we could potentially identify indications of mispricing, valuation anomalies, liquidity concerns, deviations from investment objectives and risk-taking beyond that which was disclosed.
In addition, many other regulators in the U.S and abroad require that regulated firms provide the regulator with information concerning any serious violations, or indicia of violations, as part of their regulatory oversight programs. Some fund firms now voluntarily self-report such incidents to the SEC staff, often along with information concerning their remediation efforts. When such serious breaches are reported, our role is to protect investors by ensuring effective remediation and redress to harmed investors. Would investor protection be improved by requiring fund firms to report such incidents to the SEC staff?
If a mutual fund surveillance program were to be initiated, there would need to be significant discussion and analysis of the types of data and information needed, as well as the frequency with which it would be provided. The SEC's staff in OCIE and in the Division of Investment Management, as well as in the Offices of Economic Analysis and Risk Assessment, have a keen interest in this issue, and are looking forward to further work together on this issue. Critically, information and data would need to be required to be submitted in a standard format, on a specified timeframe, and be timely. Of course, the SEC staff must too be prepared to and be able to collect and use the data submitted and to maintain the infrastructure for such a surveillance program.
The Means by Which Data and Information Could be Made Available to the SEC
How would this type of information be provided to the SEC? There are various ways that this type of information and data could be made available to the SEC. In my view, the industry and the SEC staff should seek to explore alternatives that would facilitate providing this information in a useable format and in a cost-effective way.
One mechanism for delivering information and making it accessible to the SEC would be to ensure it is filed in an XML-tagged format or another type of structured format to facilitate analyses. Registrants already file reports with the SEC via EDGAR. Therefore, funds and their advisers could file portfolio information following similar procedures used now to file forms 13F and SH.
A possible alternative approach would be for funds to post the required data and information in a tagged or structured format to a shared space in their IT environment and enable the SEC staff at will to access that space electronically to both view and download the information. Under this approach, the staff would use web-crawler type technology to regularly access each fund's space for the posted information.
I believe that the SEC and the mutual fund industry can and should take steps to improve SEC oversight of mutual funds, and in particular, improve oversight by the greater use of technology and data analysis. I believe that technology and data analysis hold great promise in our oversight of mutual funds. This morning I've outlined: the SEC's risk-based approach to oversight; the need for routine access to data to support an effective risk-based approach; the benefits of creating a mutual fund surveillance program; the recent experience by advisers and the SEC staff with respect to electronic data; some of the general types of information that might enable a surveillance program for mutual funds; and some possible means by which that information could be made available to the SEC staff.
To make the ideas I outlined with you this morning real would ultimately require rulemaking by the SEC, and possibly legislation, to implement. I hope that the SEC staff and the fund industry will work together to further explore the ideas I have described this morning, based on our shared commitment to seek the greatest level of investor protection.
I want to thank you for your attention. I know that because you are here today, you care as much as I do about fund compliance. There are a lot of topics on the agenda for this conference that are important and timely, in addition to valuation, portfolio trading and disclosure, these include paying for distribution expenses, anti-money laundering strategies, Regulation S-P and global compliance efforts.
Let me close by encouraging you to consider the ideas I've outlined today, and ways that the SEC staff and fund firms might work together to make them a reality.
Thank you. Have a good conference.