This week the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued its overview of investment adviser examination findings since February 2015. The Risk Alert is a rare disclosure of OCIE examination findings. Five of the most common examination deficiencies are discussed in the Alert.
Violations to hit the top five (5) list are as follows:
- Rule 206(4)-7, the Compliance Rule
- Regulatory Filings, general
- Rule 206(4)-2, Custody
- Rule 204A-1, Code of Ethics
- Rule 204-2, Books and Records
The Compliance Rule is the newest of the Rules listed and has become a “catch-all” for all sorts of general compliance deficiencies, especially any involving written policies or annual reviews, which are key components of the Rule.
Regulatory filing deficiencies range from Form ADV to Form D and Form PF (private funds) and cover inaccuracies as well as late filings.
The Custody Rule has been a large focus of examiners in recent years. OCIE findings in this area are more broad and involve violations of the various audit provisions of the Rule and advisers with custody that simply did not recognize their custodial relationship and therefore violated the Rule through neglect (such as access to online accounts via passwords or power of attorney over accounts).
Code of Ethics violations have always been the most common deficiency during exams. Findings include late filings by access persons, unidentified access persons, inadequate policies, and lack of Form ADV Code of Ethics disclosures.
Books and records retention is another common finding. Most firms understand the requirements of Rule 204-2 and strive to meet it, but in today’s world of electronic records this can be at times challenging. The Staff found issues with trading records, advisory agreements, general ledgers, stale client data, outdated fee schedules, and conflicting records.
The SEC Alert points out that some of these findings have led to enforcement actions. Rule 206(4)-7 is often cited now in proceedings and 2016 was a year for many Custody Rule cases.
Now may be a good time to review your compliance policies and procedures in the above areas.