On December 20, 2018, the Office of Compliance Inspections and Examinations (“OCIE”) of the Securities and Exchange Commission (“SEC”) issued its 2019 examination priorities letter. OCIE releases examination priorities annually in order to provide a summary of key areas where OCIE intends to focus resources in the coming year.
While the scope of any examination is determined through a risk-based approach, both in selecting registered entities to examine and in determining the scope of risk areas to examine, the annual examination priorities letter provides valuable guidance into the main areas that OCIE will be targeting during their examinations. This year, OCIE has organized its priorities around six broad themes: (i) matters of importance to retail investors, including seniors and those saving for retirement; (ii) compliance and risk in registrants responsible for critical market infrastructure; (iii) select areas and programs of Financial Industry Regulatory Authority (“FINRA”) and Municipal Securities Rulemaking Board (“MSRB”); (iv) digital assets, including cryptocurrencies, coins, and tokens; (v) cybersecurity; and (vi) anti-money laundering programs. Of these six topics, five are carried forward from the 2018 OCIE priorities letter. OCIE has added a focus on digital assets this year which reflects the growth in that space as well as the additional regulatory scrutiny that the SEC, among other agencies, is placing on investments in the digital arena.
As always, the items covered by these six themes are not exhaustive. The priorities letter should serve as a guide to advisers and others as to the main topics that OCIE will be focusing on this year. Each of these themes is summarized below:
Matters of importance to retail investors, including seniors and those saving for retirement
OCIE has indicated that it will focus on whether proper disclosure has been made surrounding the costs of investing. This includes a review of fees and expenses charged to advisory accounts and ensuring that the fees are assessed in accordance with the client agreements and firm disclosures. OCIE published a risk alert on this topic in April 2018. OCIE also noted that it will focus on selecting firms with practices or business models that may create increased risks of inadequately disclosing fees, expenses, or other charges.
OCIE will review policies and procedures addressing (i) use of affiliated service providers and products, (ii) securities-backed non-purpose loans and lines of credit, and (iii) borrowing funds from clients. In their review of these practices, OCIE will assess, among other things, whether the related conflicts of interest have been adequately disclosed. A risk alert referenced in the examination priorities letter noted OCIE observations that some advisers incorrectly value assets based on original cost rather than fair market value, while other advisers wrongly include certain assets in the fee calculation that the advisory agreement excluded. That risk alert also cautioned advisers to disclose any markups for third-party services or fee-sharing arrangements with affiliates and avoid any misallocation of expenses to clients where they should be borne by the adviser.
In its risk alert released on October 31, 2018, OCIE stressed proper disclosure of relationships with third parties soliciting clients on the adviser’s behalf. Specifically, that alert observed that some advisers do not adequately disclose the nature of the relationship with their solicitors or the terms of the compensation arrangement and any costs to the client. It also highlighted that many firms failed to receive and maintain client acknowledgements of the required solicitation disclosures. In its July 11, 2018 risk alert, OCIE focused on the services performed by executing brokers and the requirement that investment advisers maintain and document their compliance with best execution practices on a periodic basis. Each of these three risk alerts identified enforcement actions the SEC has brought against advisers that failed to fulfill these fiduciary obligations. These actions serve as reminders to the industry that the SEC can and does take enforcement action when required to remedy faults in investment advisers compliance programs.
OCIE also expressed concern for whether investment advisers are allocating investment opportunities fairly, ensuring investments are consistent with the clients’ objectives, disclosing critical information to clients, and complying with other legal restrictions. In particular, OCIE has indicated that it will focus examinations on whether investment or trading strategies are (i) suitable for, and in the best interests of, the particular investors based upon their investment objectives and risk tolerance; (ii) contrary to, or have drifted from, disclosures to investors; (iii) venturing into new, risky investments or products without adequate risk disclosure; and (iv) appropriately monitored for attendant risks.
Finally, OCIE has indicated that it will continue its focus on (i) reviewing the services and products offered to seniors and those saving for retirement, focusing on, among other things, compliance programs of investment advisors, the appropriateness of certain investment recommendations, and the supervision by firms of their employees and representatives; (ii) conducting risk-based examinations of never-before or not recently examined investment advisers; (iii) prioritizing the examinations of exchange traded funds (“ETFs”), the activities of their advisors, and oversight practices of their boards of directors; (iv) conducting select examinations of Municipal Advisors that have never been examined, concentrating on whether these Municipal Advisors have satisfied their registration requirements and professional qualifications; (v) ensuring broker-dealers entrusted with customer assets abide by the Customer Protection Rule; and (vi) examining broker-dealers involved in selling stocks of companies with a market capitalization of under $250 million.
Compliance and risk in registered entities responsible for critical market infrastructure
OCIE will continue its practice of conducting annual examinations of clearing agencies designated by the Financial Stability Oversight Council as systemically important. In addition, OCIE will continue to monitor entities subject to Regulation Systems Compliance and Integrity which was adopted to strengthen the technology infrastructure of the U.S. securities markets. OCIE will also examine transfer agents by assessing transfers, recordkeeping, and the safeguarding of funds and securities; and will also examine national securities exchanges by looking into internal audit and surveillance programs.
Focus on select areas and programs of FINRA and MSRB
OCIE’s examinations of FINRA will focus on the quality of FINRA’s examination of broker-dealers and municipal advisors that are duly registered as broker-dealers while its examination of the MSRB will focus on the effectiveness of its internal policies, procedures, and controls.
The SEC has recognized the significant growth of market participants in the digital asset space and has taken steps to address this new market. As such, OCIE will continue to monitor, through high level inquiries, the offering, selling, trading, and managing of digital assets, and may particularly target these firms for examination. Where the digital assets are securities, OCIE will examine advisers for regulatory compliance. For firms actively engaged in the digital asset market, OCIE will conduct examinations focused on, among other things, portfolio management of the digital assets, trading, safety and custody of client funds and assets, pricing of client portfolios, compliance, and internal controls. As the digital asset space is still developing, advisers in this space should be prepared to discuss how they account for the particular risks inherent in investments through digital assets.
OCIE will continue to work with firms to identify and manage cybersecurity risks and to encourage market participants to manage these risks as well. OCIE will prioritize cybersecurity and focus examinations on proper configuration of network storage devices, information security governance generally, and policies and procedures related to retail trading information security. In addition, OCIE will emphasize cybersecurity practices at investment advisers with multiple branch offices, including those that have recently merged with other investment advisers, focusing on, among other areas, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.
The examinations priorities letter also referenced a risk alert regarding electronic messaging which counseled advisers to account for text, SMS, instant messaging, personal email, and social networking in their compliance programs and how their use may affect the advisers’ recordkeeping and compliance obligations. The alert included a sweeping recommendation that advisers monitor social networking posts to verify whether the firms’ policies on permitted use are being followed and to archive posts that qualify as business communications. The alert also recommended that firms perform regular internet searches or set up automated alerts to identify unauthorized business being conducted online.
Anti-Money Laundering Programs
OCIE examinations will have a focus on determining whether advisers have implemented appropriate anti-money laundering (“AML”) programs. These reviews are expected to address whether the adviser conducts sufficient customer due diligence and whether the AML program includes reasonable steps to understand the nature of customer relationships, and to properly address any risks. Examinations will also assess whether advisers are timely filing complete and accurate Suspicious Activity Reports if required. The examination will also consider whether advisers are conducting robust and regular independent tests of their AML programs.
The full text of the OCIE 2019 Exam Priorities can be found here.
Although these areas are designated by the OCIE as particularly important areas of focus, examiners may select additional items to review during the course of the examination and as the year progresses.
As we have in the past, we will continue to monitor these issues and will provide future client updates. This QuickStudy is for guidance only and is not intended to be a substitute for specific legal advice. If you would like more information on the matters discussed here, please contact the authors.