Articles Tagged with Office of Compliance Inspections and Examinations

In its latest Risk Alert, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) heeds advisers and broker/dealers to take a fresh look at their policies and procedures in the area of electronic customer record storage in light of shortcomings discovered by OCIE’s staff as part of recently-conducted regular examinations. These shortcomings include weak or misconfigured security settings on a network storage device that, in the worst-case event, could result in unauthorized access to customer information.

OCIE Risk Alerts are highly useful resources for compliance professionals to consider as these published notices serve as a window into not only the recent experiences of OCIE staffers out in the field, but also the thinking of OCIE management as to where it will be directing its staff to focus on in future examinations. In other words, if the management of OCIE warrants it important enough to publish a Risk Alert on an particular topic, registrants can be assured that future exams will likely focus on deficiencies in that area.

This most recent Risk Alert zeros-in on deficiencies uncovered by examiners with respect to how advisers and brokers are protecting their customers’ electronic records—specifically, records kept in the “cloud” or on other types of networked storage solutions. OCIE defines cloud storage as the “electronic storage of information on infrastructure owned and operated by a hosting company or service provider.” Obviously, such storage systems may be especially vulnerable to hacking or other nefarious activities, and as such, warrant robust protections. Continue reading ›

As the partial federal government shutdown, which began at midnight on December 22, 2018, now approaches its fifth week, we write to update our readers on the shutdown’s specific impact on the SEC and securities regulatory activities.  While we have previously discussed many of these points with our clients who currently have matters pending before the SEC, below is more general information regarding the SEC’s most significant functions.

The SEC was able to operate fully and conduct regular business for a limited number of days following the commencement of the general federal shutdown, but was forced to effectively close its doors on December 27, 2018.  Since then, the agency has been operating at a very minimal level with a skeleton crew of staffers able to respond to only emergency situations.  As described on the SEC’s home page, the remaining staff is available to respond only to “emergency situations involving market integrity and investor protection, including law enforcement.”  The vast majority of the SEC’s employees have been furloughed and are not reporting to work at this time.  That said, we note that a number of familiar online filing platforms, such as EDGAR, IARD, and CRD, all remain fully operable. Continue reading ›

On April 12, 2018, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations published a Risk Alert “providing a list of compliance issues relating to fees and expenses charged by SEC-registered investment advisers… that were the most frequently identified in deficiency letters sent to advisers.” According to OCIE, investment advisers often explain the terms of a client’s fees and expenses in their Form ADV and their advisory agreements. If an investment adviser does not follow these terms and participates in improper fee billing, that investment adviser may be violating the Investment Advisers Act of 1940. The Risk Alert is designed to compel investment advisers to evaluate their practices, as well as their policies and procedures, to help ensure compliance with the Advisers Act. Continue reading ›

On May 16, 2018, SEC Co-Directors Stephanie Avakian and Stephen Piekin appeared before the Subcommittee on Capital Markets, Securities, and Investment, a subcommittee of the House of Representatives’ Committee on Financial Services.  At this meeting, Avakian and Peikin emphasized the importance of the budget increases requested by the SEC in February of this year.  The Commission’s Fiscal Year 2019 Congressional Budget Justification; Annual Performance Plan and Fiscal Year 2017 Annual Performance Report includes budget requests for each SEC division, including the Office of Compliance Inspections and Examinations.  As part of OCIE’s budget request, the SEC requested funding for “13 restored positions to focus on examinations of investment advisers and investment companies.”

According to the SEC, the number of registered investment advisers, as well as the amount of assets that they manage, has significantly increased in the last few years.  The SEC also anticipates that the number of registered investment advisers and the complexity of these investment advisers will continue to grow throughout 2018 and 2019.  Moreover, a hiring freeze, which began at the beginning of 2017, has caused the number of compliance staff to decrease.  The SEC anticipates that it will need funding to restore 100 positions that were lost because of the hiring freeze.  Therefore, the SEC believes that without the requested funding, SEC staff will be unable to address its growing responsibilities adequately. Continue reading ›

Investment advisers’ use of clients’ usernames and passwords to access their clients’ accounts to observe the accounts’ performance has come under scrutiny in recent years.  In February 2017, the SEC Office of Compliance Inspections and Examinations (“OCIE”) disclosed in a Risk Alert that investment advisers’ use of client usernames and passwords can create compliance issues with the Custody Rule.  According to OCIE, an investment adviser’s “online access to client accounts may meet the definition of custody when such access provides the adviser with the ability to withdraw funds and securities from the client accounts.”  Accessing a client’s account using a client’s username and password often results in an investment adviser being able to withdraw funds and securities.

The North American Securities Administrators Association (“NASAA”) has also observed in recent years that if an investment adviser logs into a client’s account using the client’s personal information, “the investment adviser is in effect impersonating this client and has the same access to the account as the client.”  As a result, a number of issues arise when investment advisers use their clients’ personal information to gain access to online accounts, including custody, recordkeeping obligations, and potential violations of user agreements. Continue reading ›

Following its publication of a Risk Alert in late 2017 detailing findings from examinations of municipal advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE) continues to examine municipal advisers in 2018.  In 2014, OCIE established the Municipal Advisor Examination Initiative to perform an examination on municipal advisers who recently registered for the first time.  OCIE performed over 110 examinations in the course of the Initiative and found that many municipal advisers did not have adequate knowledge of regulatory requirements for municipal advisers.  As a result, many municipal advisers were found not to be in adequate compliance with regulatory requirements pertaining to registration, recordkeeping, and supervision.  OCIE hoped that in publishing the 2017 Risk Alert, municipal advisers will be compelled to evaluate their policies and procedures to find possible areas for improvement.

Municipal advisers are obligated to register with the SEC pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”).  The SEC established its municipal adviser registration rules in September 2013, and the rules became effective in July 2014.  The Dodd-Frank Act also established the Municipal Securities Rulemaking Board (“MSRB”), which exercises regulatory authority over municipal advisers.  OCIE’s examinations of municipal advisers covered “compliance with regulatory obligations including registration, statutory fiduciary standard of care, fair dealing, recordkeeping, and supervision, among other things.”  OCIE discovered that the most common deficiencies among municipal advisers related to registration, books and records, and supervision requirements. Continue reading ›

On February 7, 2018, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) published its Examination Priorities for 2018.  The Examination Priorities cover “certain practices, products, and services that OCIE believes may present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.”  The five priorities that OCIE specifically listed are (1) issues crucial to retail investors, such as seniors and those saving for retirement, (2) compliance and risks in critical market infrastructure, (3) FINRA and MSRB, (4) cybersecurity, and (5) anti-money laundering programs.  This is not an exclusive list, and OCIE invited comments concerning how it can adequately promote compliance.

OCIE intends to continue to make shielding retail investors from fraud a priority.  OCIE plans to focus especially on senior investors and those saving for retirement.  For example, examiners will pay particular attention to firms’ internal controls that are intended to monitor their representatives, especially in relation to products targeted at senior investors.  OCIE will also focus on disclosure of the costs of investing, examination of investment advisers and broker-dealers who primarily offer advice through digital platforms, wrap fee programs, mutual funds and exchange traded funds, municipal advisors and underwriters, and the growth of the cryptocurrency and initial coin offering markets. Continue reading ›

On June 5, 2017, the Securities and Exchange Commission (“SEC”) filed a complaint in the United States District Court for the Southern District of New York against Alpine Securities Corporation (“Alpine”), a Salt Lake City-based broker-dealer.  The complaint alleges that Alpine failed to file Suspicious Activity Reports (“SARs”) in the manner prescribed by the Bank Secrecy Act (“BSA”).  According to the SEC’s complaint, Alpine’s alleged misconduct “facilitated illicit actors’ evasion of scrutiny by U.S. regulators and law enforcement, and provided them with access to the markets they might otherwise have been denied.”

The BSA obligates a broker-dealer to file SARs with the Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) to report transactions that the broker-dealer knows or suspects involve funds obtained from illegal activities or that were used to conceal such activities.  Broker-dealers are also obligated, under the “SAR Rule” (31 C.F.R. § 1023.320), to file SARs if they know or suspect that a transaction’s purpose was to evade BSA obligations or that the transaction did not have an obvious business or lawful purpose.  Broker-dealers are also required to file SARs if they know or suspect that a transactions’ purpose is to instigate criminal activity.  In addition, both FinCEN, under the SAR Rule, and the Financial Industry Regulatory Authority (“FINRA”), under FINRA Rule 3310, require that broker-dealers establish and enforce anti-money laundering programs that are tailored to guarantee compliance with the BSA and its regulations.  Since Alpine was a FINRA-member firm, it was obligated to comply with FINRA’s rule regarding the adoption and enforcement of an anti-money laundering program.

The SEC alleged that while Alpine had adopted an anti-money laundering compliance program, it did not adequately put this compliance program into practice.  For example, evidence showed that Alpine’s records included information revealing incidents of “money laundering, securities fraud, or other illicit financial activities relating to [Alpine’s] customers and their transactions.”  These constituted so-called “material red flags” and were required to be reported in Alpine’s SARs.  However, the SEC alleged that at least 1,950 of Alpine’s SARs did not report these material red flags.  Evidence also showed that Alpine filed SARs on about 1,900 deposits of a security, but did not file SARs upon the subsequent liquidation of deposits.

In December 2016, then acting Chairwoman of the Securities and Exchange Commission (“SEC”) Mary Jo White drafted a proposal that, if adopted, would enable third-parties, such as private sector organizations, to perform compliance exams of investment advisers.  Chairwoman White drafted this proposal in order to “increase SEC oversight of the approximately 11,800 registered investment advisers.”  In 2016, the SEC conducted evaluations of only 11% of all registered investment advisers.

However, Michael Piwowar, the current SEC Chairman, has expressed opposition to the proposal.  Piwowar claims that allowing third parties to conduct investment adviser exams would not increase the SEC’s efficiency because the SEC would still be required to monitor the third parties that it hires to conduct the exams.  He is also of the opinion that requiring SEC employees to conduct the exams would better enable the SEC to become aware of “trends in the industry.” Continue reading ›

On February 7, 2017, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released a list of five compliance topics that are the most commonly identified topics “in deficiency letters that were sent to SEC-registered investment advisers.”  OCIE published this list in a National Exam Program Risk Alert in order to help advisers who are conducting their annual compliance reviews.

The first compliance topic was compliance with the Compliance Rule, Rule 206(4)-7, which requires an investment adviser to create and execute written policies and procedures that are reasonably tailored to prevent the investment adviser and its supervised persons from violating the Advisers Act and to detect potential violations.  The rule also requires an investment adviser to review the sufficiency of its policies and procedures at least annually and to appoint a chief compliance officer.  According to OCIE, common violations of the Compliance Rule include not having a compliance manual that is reasonably suited to the adviser’s method of doing business, failure to conduct annual reviews or annual reviews that did not cover the sufficiency of the investment adviser’s policies and procedures, failure to follow policies and procedures, and compliance manuals that are outdated.

The second topic that OCIE identified was compliance with the Advisers’ Acts rules on regulatory filings.  For example, Rule 204-1 provides that investment advisers must make amendments to their Form ADV on at least an annual basis, and the amendments must be made “within 90 days of the end of their fiscal year and more frequently, if required by the instructions to Form ADV.”  For investment advisers to private funds, Rule 204(b)-1 provides that an investment adviser must file a Form PF if the investment adviser is advising a private fund or fund with assets of $150 million or more.  Finally, Rule 503 of Regulation D of the Securities Act of 1933 provides that issuers of private funds must file a Form D, and investment advisers usually file the Form D for their private fund clients.  OCIE determined that the most frequent violations of these rules were inaccurate disclosures on Form ADV Part 1 or Part 2A, late modifications to Form ADVs, faulty and late Form PF filings, and faulty and late Form D filings.

Contact Information