Articles Tagged with Compliance

In this first quarter of the year, most investment advisers are working diligently to complete and file their annual updating amendment to Form ADV, including Part 2A, commonly called the “Brochure.” One of the most important requirements in drafting a Brochure is to make sure that all conflicts of interests, together with a description of how the conflict is mitigated or addressed, are fully and fairly disclosed. An administrative action brought by the SEC and settled last week illustrates, and should serve to underscore, the importance of identifying and disclosing such conflicts.

The SEC charged registered investment adviser Moors & Cabot (“M&C”) with breaching its fiduciary duty to investment advisory clients by failing to disclose conflicts of interest relating to revenue sharing payments and other financial incentives that the adviser received from two clearing brokers. The financial benefits included discounts, incentive credits and shared revenue that were contingent upon M&C meeting certain thresholds in total assets maintained in FDIC-insure bank deposit cash sweeps. M&C also received a share of margin interest the clearing firms charged to M&C’s clients who maintained margin loans. M&C also received a portion of postage and handling fees that one of the clearing brokers charged to its clients.

Continue reading ›

For the majority of investment advisers registered with either the SEC or state regulators, annual updating amendment season is once again upon us. Advisers whose fiscal year ends on December 31 are required to file their Form ADV annual amendment within 90 days or by March 31, 2023.

While investment advisers are under a continuing obligation to update their disclosure documents when certain or material information becomes inaccurate, the annual update is a universal requirement designed to ensure that the filing information for investment advisers is up to date. This serves an important function in that it allows clients and potential clients to review the publicly filed ADVs for investment advisers on FINRA’s BrokerCheck and the SEC’s IADP. Additionally, regulators review the filings and the underlying analytics to track industry trends, plan examination targets, and conduct regulatory sweeps.

Continue reading ›

The Securities and Exchange Commission (SEC) recently released the 2022 Examination Priorities from the Division of Examinations, formerly known as the Office of Compliance Inspections and Examinations. This annual release provides insight into the areas that the SEC plans to highlight when examining investment advisers during the coming year.

While the SEC notes the continued impact of COVID-19 on investment advisers and the investment industry, the SEC reported an increase in examinations conducted during FY21, with the total number of completed examinations close to the pre-pandemic levels of FY19.

For FY22 examinations, the SEC will place a significant focus on (1) private funds; (2) environmental, social, and governance (ESG) investing; (3) standards of conduct: Regulation Best Interest (Regulation BI), fiduciary duty, and Form CRS; (4) information security and operational resiliency; and (5) emerging technologies and crypto-assets. Many of these focus areas, such as ESG and Regulation BI, are carried over from previous years and mark a multi-year emphasis for the SEC.

Earlier this month the National Society of Compliance Professionals, a nonprofit membership organization that supports compliance personnel and programs in the financial services industry, published a report entitled “Firm and CCO Liability Framework.” The report is designed as an aid to compliance professionals and as a proposal to regulators, including the Securities and Exchange Commission, to determine situations in which liability of Chief Compliance Officers should be mitigated.

The SEC has provided its own guidance regarding when CCOs may be held liable, some of which we have highlighted in a previous post. Additionally, the New York City Bar Association’s Compliance Committee released a comprehensive report last year that contains a description of the history of regulatory comments and guidance provided on the issue of CCO liability and proposes its own framework of liability.

The NSCP report was motivated in part by a widespread belief among compliance professionals that financial services regulators have expanded the situations in which CCOs will face liability for firm compliance failures. According to a survey contained in the report, 72% of compliance professionals share that belief. Additional survey results contained in the report include: that 35% of compliance professionals claim to have insufficient resources to adequately carry out the obligation to provide firm training on compliance issues; that 20% claim to have insufficient authority either to enforce or to develop compliance policies and procedures; and that 25% claim to be unable to meaningfully raise compliance concerns to the firm’s senior management.

Continue reading ›

The SEC, on June 5th, adopted a comprehensive set of rules and interpretations that will have a profound effect on the brokerage and advisory industries going forward, first and foremost by revising the standard-of-conduct applicable to broker-dealers and their registered representatives in dealings with retail customers. Even casual observers will likely be familiar with the various proceedings just concluded at the SEC, which resolve debates that have raged in the investment industry for decades as to the need to align the higher fiduciary “standard-of-conduct” applicable to investment advisers with the lesser suitability standard applicable to broker-dealers. While the June 5th releases do not equalize the two standards—as many commentators would have desired—they do significantly raise the standard applicable to broker-dealers from suitability to “best interests.” The SEC’s releases number four separate documents, each covering a distinct aspect of the standard-of-conduct controversy, and run over 1200 pages. Accordingly, this note will seek to identify the major headlines from the various releases. Look for future writings, wherein we will explore the nuances of the June 5th releases in greater detail.

As noted, the SEC released a package of Final Rules and Interpretive Releases comprising four separate components: (1) Final Rules implementing Regulation Best Interest (“Reg BI”), the new enhanced standard for brokers; (2) Final Rules implementing a new Form CRS Relationship Summary (“Form CRS”), a new disclosure document applicable to both brokers and advisers (that, for advisers, will function as a new Part 3 to Form ADV); (3) an Interpretive Release clarifying the SEC’s views of the fiduciary duty that investment advisers owe to their clients; and (4) an Interpretive Release intended to more clearly delineate when a broker-dealer’s performance of advisory activities causes it to become an investment adviser within the meaning of the Advisers Act. All four components of the regulatory package were approved by a 3-1 vote of the SEC’s Commissioners, with Commissioner Robert Jackson being the sole dissenter.

While the June 5th releases are the culmination of a decades-long controversy, they are the proximate result of a formal rulemaking commenced on April 18, 2018, at which time the SEC published initial proposed versions of Reg BI, Form CRS and the advisory interpretations. The Final Rules for Reg BI and Form CRS will become effective 60 days after they are formally published in the Federal Register; however, firms will be given a transition period until June 30, 2020 to come into compliance. The two Interpretive Releases will become effective upon formal publication.  Continue reading ›

The North American Securities Administrators Association—also known as “NASAA”—a cooperative association consisting of the chief securities regulators for each of the 50 United States, as well as Canadian and Mexican jurisdictions, has recently voted to adopt a model information security rule. NASAA’s new model information security rule could—if widely implemented by the individual NASAA Member jurisdictions—ultimately have a broad impact on the compliance programs of state-registered investment advisers.

Among its many roles as a confederation of individual regulators, NASAA frequently drafts and circulates “model rules” to its Members, who eventually vote on and adopt these draft rules for use by the various Member jurisdictions. A “model rule” is a familiar regulatory tool, which essentially provides a template upon which laws, rules, and other regulations can be drafted. For example, many of the individual states’ securities acts are variants of the Uniform Securities Act of 2002, a model act created by a group of legal scholars, regulators and veteran attorneys. NASAA’s new model rule is just such a template for regulators. Individual states and other jurisdictions may—at their discretion—adopt it in whole, in part, or not at all. That said, we believe that, especially given the growing importance of cybersecurity issues, it will be used more likely than not as the states come around to developing rules to parallel those already in place at the federal (SEC) level.  Continue reading ›

In its latest Risk Alert, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) heeds advisers and broker/dealers to take a fresh look at their policies and procedures in the area of electronic customer record storage in light of shortcomings discovered by OCIE’s staff as part of recently-conducted regular examinations. These shortcomings include weak or misconfigured security settings on a network storage device that, in the worst-case event, could result in unauthorized access to customer information.

OCIE Risk Alerts are highly useful resources for compliance professionals to consider as these published notices serve as a window into not only the recent experiences of OCIE staffers out in the field, but also the thinking of OCIE management as to where it will be directing its staff to focus on in future examinations. In other words, if the management of OCIE warrants it important enough to publish a Risk Alert on an particular topic, registrants can be assured that future exams will likely focus on deficiencies in that area.

This most recent Risk Alert zeros-in on deficiencies uncovered by examiners with respect to how advisers and brokers are protecting their customers’ electronic records—specifically, records kept in the “cloud” or on other types of networked storage solutions. OCIE defines cloud storage as the “electronic storage of information on infrastructure owned and operated by a hosting company or service provider.” Obviously, such storage systems may be especially vulnerable to hacking or other nefarious activities, and as such, warrant robust protections. Continue reading ›

The SEC’s Office of Compliance Inspections and Examinations recently conducted examinations of privacy notices and safeguarding policies of SEC-registered investment advisers and broker-dealers adopted pursuant to Regulation S-P. As a result of these examinations, the SEC issued a Risk Alert identifying common deficiencies that are important to keep in mind when adopting, implementing and reviewing compliant privacy notices and effective safeguarding policies.

Regulation S-P requires financial institutions such as investment advisers and broker-dealers to adopt written policies and procedures to safeguard nonpublic personal client information. These policies must be reasonably designed to protect the confidentiality and security of nonpublic personal client information from any anticipated threats or hazards and any unauthorized access or use. The policies should address administrative, technical, and physical safeguards.

Investment advisers and broker-dealers must also provide initial and annual privacy notices to their clients describing the types of information collected and disclosed, the types of affiliated and non-affiliated third parties the information is disclosed to and, unless exempted from the opt-out notice requirement, an explanation of the client’s right to opt out of disclosure of nonpublic personal information to a non-affiliated third party. The privacy notice should also generally describe the firm’s safeguarding policies and procedures.

On February 4, 2019, the Commissioner of Securities of the State of Georgia and the Office of the Secretary of State announced its intent to amend the rules governing examination requirements for registered representatives of a broker-dealer and investment adviser representatives.  According to the Commissioner, the primary purposes of these amendments are to harmonize Georgia’s rules with the Financial Industry Regulatory Authority’s new rules implementing the Securities Industry Essentials (“SIE”) Exam and to update the requirements regarding examinations to applicants.  The SIE Exam, which tests a FINRA registration applicant’s knowledge of securities-related topics, was launched to simplify FINRA’s qualification examination program after the program’s efforts to address new securities products and services resulted in FINRA offering multiple exams with immense content overlap.  FINRA also launched the SIE Exam in order to provide greater consistency and uniformity to the securities industry application process.

The State of Georgia requires applicants for registration as a registered representative of a broker-dealer and/or an investment adviser representative to take certain prerequisite examinations.  Georgia Rule 590-4-5-.02 details the examination requirements for registered representatives, while Georgia Rule 590-4-4.09 details the examination requirements for investment adviser representatives.

The proposed amendments to Rule 590-4-5-.02, detailing registered representative examinations, would require an applicant applying for registration as a broker-dealer to present proof to the Commissioner that its personnel have passed at least one of a list of specified examinations within a two-year period preceding the date of the application.  The amendments also eliminate the Series 87 Research Principal Examination as a potential examination that could be passed.  The amendments also would provide that an applicant who is applying to be a registered representative would need to present the Commissioner with proof that he or she has passed the required examinations within either a two-year period immediately preceding the application date or a four-year period in the case of an applicant who has taken the SIE Exam.  The amendments also provide that the Commissioner “may reserve the right to find the applicant qualified by other examinations or significant and comprehensive experience in the securities business.”

FINRA has alerted its Member Firms to be on the watch for a fraudulent phishing email scheme targeted at compliance personnel. A phishing scheme typically uses email or some other type of electronic message to trick the recipient into clicking a malicious link or infected file attachment by mimicking a message from a trustworthy party. This particular scheme employs an email purportedly originating from an Anti-Money Laundering compliance officer at an otherwise apparently legitimate Indiana-based credit union. The email—which was received recently by a number of FINRA Member Firms—specifically targets compliance personnel by appearing to be a communication regarding an attempted transfer of money by a client of the recipient’s firm to the credit union which has been placed on hold due to concerns about potential money laundering. The scam is designed to get the recipient to open an attachment, which, according to FINRA “likely contains a malicious virus or malware designed to obtain unauthorized access to the recipient’s computer network.”

FINRA noted the following additional aspects of the fraudulent email that recipients should be alert for:

  • An otherwise legitimate reference to a provision of the USA Patriot Act allowing financial institutions to share information with each other.
  • An actual email address that appears to be from Europe, rather than the U.S.-based credit union.
  • Numerous instances of poor grammar and sentence structure.

Continue reading ›

Contact Information