The SEC’s Office of Compliance Inspections and Examinations (OCIE) publishes annually its examination priorities to promote transparency and provide insights into the areas it believes pose a heightened risk to investors or to the integrity of the U.S. capital markets. OCIE’s priorities are designed to support the SEC’s mission, which is to protect investors and facilitate capital formation, as well as to maintain fair, orderly, and efficient markets. On December 20, 2018, OCIE announced its 2019 examination priorities. Both the press release and full text are available online; however, we have summarized below the compliance and risk priorities specific to registered investment advisers, which include matters of importance to senior investors and those saving for retirement, digital assets, and a continued focus on cybersecurity. Although these priorities are specifically directed to SEC-registered firms, state regulators typically focus on the same or similar issues for their examination programs.
RETAIL INVESTORS, INCLUDING SENIORS AND THOSE SAVING FOR RETIREMENT
To fulfill OCIE’s commitment to retail investors, examinations will drill down on the following areas:
Fees and Expenses: Disclosure of Investment Costs
Examiners will make certain that investors are provided with full disclosure of the fees and expenses they pay for products and services. Financial professionals must accurately calculate and charge fees in accordance with their disclosures. OCIE will continue to review advisory account fees to ensure they are assessed in accordance with a firm’s client agreements and disclosures.
As part of their examinations, OCIE will concentrate on firms with practices or business models that may create increased risk of inadequately disclosed fees, expenses, or other charges. With respect to mutual fund share classes, OCIE will continue to evaluate incentives paid to financial professionals that may influence their selection of certain mutual fund share classes. In addition, OCIE remains focused on Registered Investment Advisers (RIAs) participating in wrap fee programs, which charge investors a single bundled fee for both advisory and brokerage services.
Conflicts of Interest
RIAs owe a duty to act in the best interests of their clients. Conflicts of interest may keep RIAs from acting in their clients’ best interests. Examinations will review policies and procedures addressing the following:
- Use of Affiliated Service Providers and Products: RIAs sometimes utilize services or products offered by affiliated entities. These arrangements create conflicts of interest related to portfolio management practices and compensation arrangements. OCIE will examine these arrangements to determine their impact on clients and will also look closely at firms’ conflicts of interest disclosures.
- Securities-Backed Non-Purpose Loans and Lines of Credit: A non-purpose loan or line of credit permits borrowers to use the securities in their brokerage or advisory accounts as collateral to obtain a loan, the proceeds of which cannot be used to buy or trade securities. OCIE has observed that RIAs and their employees receive financial incentives to recommend these products to clients and/or customers. OCIE will evaluate this practice to determine whether registrants are fully disclosing the risks to clients and any conflicts of interest that may arise when recommending these loans.
- Borrowing Funds from Clients: Borrowing funds from clients presents a number of conflicts of interest for an RIA. When examiners identify this practice, they will focus on whether adequate disclosures have been given. For example, an RIA must disclose if the financial condition of the firm is deteriorating. (NOTE: Most state-registered advisers are expressly prohibited from borrowing funds from or loaning funds to clients. Contact your consultant with any questions you may have.)
Senior Investors and Retirement Accounts and Products
During examinations of RIAs, OCIE will continue to review the services and products offered to senior investors and those saving for retirement. These examinations will focus on RIAs’ compliance programs and the appropriateness of certain investment recommendations made to seniors, as well as the RIAs’ supervision of their employees and independent representatives.
Portfolio Management and Trading
OCIE will review RIAs’ portfolio management practices for executing investment transactions, fairly allocating investment opportunities, ensuring consistency of investments with the client’s objectives, disclosing critical information to clients, and complying with other legal restrictions.
OCIE will also examine an RIA’s portfolio recommendations to assess whether the adviser’s investment or trading strategies are: (1) suitable for and in the best interests of investors; (2) contrary to, or have drifted from, disclosures to investors; (3) venturing into new and risky investments or products without adequate disclosure of the risks; and (4) appropriately monitored for attendant risks.
Never-Before or Not Recently-Examined Investment Advisers
OCIE will continue to conduct risk-based examinations of certain investment advisers that have never been examined, including new RIAs and existing advisory firms that have yet to be examined. OCIE will also make it a priority to examine certain RIAs that have not been examined for a number of years and may have grown substantially or have changed business models.
The digital asset market, which includes cryptocurrencies, coins, and tokens, has grown quickly and presents risks to retail investors. Digital market participants include RIAs, broker-dealers, and trading platforms. For firms actively engaged in this market, OCIE will conduct examinations focused on portfolio management of digital assets, trading, safety of client funds and assets, pricing of client portfolios, internal controls, and compliance.
OCIE’s examination programs will prioritize cybersecurity with an emphasis on matters such as:
- Proper configuration of network storage devices;
- Information security governance; and
- Policies and procedures related to retail trading information security.
With regard to RIAs, OCIE will emphasize cybersecurity practices at firms with multiple branch offices. Examiners will continue to scrutinize governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.
OCIE’s published priorities for 2019 are not exhaustive. RIAs can expect examiners to address additional issues during their examinations. Although priorities drive examinations, OCIE uses a risk-based approach to determine their scope.
The full text of OCIE’s press release and priorities can be read at the following links:
Ara Jabrayan is the Managing Member of RIA Compliance Group, LLC, and on the Advisory Board for SmartRIA. His specialties include SEC and state RIA registrations, ongoing compliance assistance, mock exams, and the development of compliance programs. Follow him on LinkedIn, Facebook, or check out his Blog.