OCIE to Prioritize Reg BI Compliance in 2020 Examinations
The SEC Office of Compliance Inspections and Examinations ("OCIE") set out their 2020 examinations priorities in an annual report issued last week. The report reminds registered entities that all its priorities are within the SEC’s mandate to protect investors, facilitate capital formation, and maintain fair, orderly and efficient markets. The report is, in effect, a notice to the industry and chief compliance officers to address potential vulnerabilities in compliance programs and practices in order to minimize retail investor and market risks.
This year, OCIE leaders highlighted a wide variety of continuing and emerging concerns. Bates Group tracks these risks and articulated priorities from year to year (see chart below).
OCIE 2020 PRIORITIES
SEC Examination Priorities Year-To-Year Comparison Chart 2020
© 2020, Bates Group LLC
Source: OCIE 2020 National Exam Program Examination Priorities (Compiled by Alex Russell, Bates Group LLC)
OCIE explained that these priorities should be viewed in light of the rapidly changing registered investment adviser market, the recently adopted rules on broker-dealer and investment adviser conduct standards (Regulation Best Interest) and other significant financial technology and market developments. A good portion of the report is dedicated to explaining this context. Here’s what OCIE had to say.
Registered Investment Advisers: Beware
OCIE leadership explained that examination coverage for RIAs was increasingly imperative, given (i) that the OCIE is “the primary, and often only, regulator responsible for supervising this segment of financial firms;” (ii) that the number of RIAs it supervises is now 13,475, up from 11,500 five years ago; and (iii) that RIAs now have $84 trillion in assets under management, up from $62 trillion five years ago. Examinations of RIAs constituted 2,180 of the 3,089 examinations OCIE completed in FY 2019. By contrast, OCIE examined 350 broker-dealers, 110 securities exchanges, 90 municipal advisors and transfer agents and 15 clearing agencies. These numbers do not include OCIE examinations of the Financial Industry Regulatory Authority (FINRA).
Notably, the OCIE pointed out that its examination coverage rates over registered investment advisers (RIAs) may suffer in 2020 due to perennial staff shortages. However, the Office made clear that it prioritizes keeping pace with year-over-year increases in examination rates for RIAs. In FY 2018, OCIE’s examination coverage of RIAs was 17 percent, and in FY 2019 it was 15 percent. OCIE made a point of noting that the decline in the past year was the result of a 35-day lapse in appropriations, and that examinations of RIAs actually increased by 10 percent over a five-year period.
Regulation Best Interest: Be Ready
Compliance with Regulation Best Interest (Reg BI) interpretations related to the standard of conduct for investment advisers and the new Client Relationship Summary (Form CRS) are major 2020 examination priorities. The OCIE reminded firms that the compliance date for Reg BI and Form CRS is June 30, 2020, and to expect that OCIE will “engage” during its examinations on firms’ progress toward implementation of the new rules. This is significant, in part, because the SEC continues to clarify Reg BI obligations (see e.g. the revised FAQs just issued by the Division of Trading and Markets).
OCIE stated that it has already “integrated” the Reg BI interpretations into its examination program for RIAs. Beyond the compliance implementation date, its examinations will include an assessment as to a firm’s actual Reg BI implementation, “including policies and procedures regarding conflicts disclosures, and for both broker-dealers and RIAs, the content and delivery of Form CRS.”
OCIE restated past examination priorities as they relate to retail investors. (See Comparison Chart above.) These include a focus on certain complex products and vulnerable investors. Consistent with its Reg BI focus, OCIE stated that its 2020 examinations will look at disclosures relating to fees, expenses and conflicts of interest and the “controls and systems [intended] to ensure those disclosures are made as required and that a firm’s actions match those disclosures.” This includes supervision of outside business activities and “any conflicts that may arise from those activities.”
For RIAs, OCIE plans to examine whether they have fulfilled their fiduciary duties of care and loyalty. The OCIE relayed that it “has a particular interest” in the accuracy and adequacy of disclosures provided by RIAs concerning offers to clients on new and emerging investment strategies, such as strategies focused on sustainable and responsible investing, which incorporate environmental, social, and governance (ESG) criteria.
For broker-dealers, OCIE highlighted that examinations will focus on transfer agent handling of microcap distributions and share transfers, sales practices, and supervision of high-risk registered representatives. More generally, OCIE emphasized that it will assess recommendations and advice given to (i) seniors and “those targeting retirement communities” and (ii) teachers and military personnel. In conjunction with Reg BI compliance issues, OCIE said it will focus on higher-risk products like private placements, as well as on non-transparent products such as mutual funds and ETFs, municipal securities and other fixed income and microcap securities.
Industry and Technology Risk: Be Careful
The theme of information technology risk cited in the report is broad. OCIE will be “monitoring industry developments and market events” to assess broad risks and consequences for both firms and retail investors.
For registered entities, OCIE said it will examine the use of technology by third-party vendors and information security in general, including proper configuration of network storage devices and retail trading information security. The OCIE also emphasized that it will examine for (i) SEC registration eligibility, (ii) cybersecurity policies and procedures, (iii) marketing practices, (iv) adequacy of disclosures, and (v) the effectiveness of compliance programs. For RIAs in particular, OCIE said it will focus on the protection of clients’ personal financial information including on governance and risk management, access controls, data loss prevention, vendor management, training, and incident response and resiliency.
As to retail investors, on digital assets and electronic investment advice, OCIE will be examining for (i) investment suitability, (ii) portfolio management and trading practices, (iii) safety of client funds and assets, (iv) pricing and valuation, and (v) supervision of employee outside business activities.
Resources and Examinations
OCIE leaders acknowledged the resource challenges to fulfilling its mandate and said that it will continue to invest in expertise, technology tools and data analytics to “identify potential stresses on compliance programs and operations, conflicts of interest, and … issues that may ultimately harm investors.” OCIE implied that it will use these tools to determine how to select firms for examinations and remarked that “broker-dealers may be selected for examination based on factors such as employing registered representatives with disciplinary history, engaging in significant trading activity in unlisted securities, and making markets in unlisted securities.”
For RIAs, OCIE said it would look at selecting firms that have never been examined or have not been examined for years in order to determine whether compliance programs “have been appropriately adapted in light of any substantial growth or change in their business models.” In addition, OCIE stated that it will “prioritize examinations of RIAs that are dually registered as, or are affiliated with, broker-dealers, or have supervised persons who are registered representatives of unaffiliated broker-dealers.” It will examine compliance programs to address best execution risk, prohibited transactions, fiduciary advice, and conflict disclosures related to these arrangements. OCIE will also examine firms that use third-party asset managers to advise clients in order to consider the extent of these RIAs’ due diligence practices, policies, and procedures. OCIE promises to be diligent about narrowly targeting and protecting the investor information it collects and noted some of the cross-border compliance issues it faces in covering almost a thousand off-shore RIAs that manage over $10 trillion in assets.
The OCIE also emphasized that it will be examining for the following:
- Anti-Money Laundering (AML) Programs – OCIE seeks to prioritize examining broker-dealers and investment companies for compliance with their AML obligations. In particular, the Office will review for customer identification programs and customer due diligence, beneficial ownership compliance, and Suspicious Activity Report (SARs) compliance. OCIE will also review to ensure timely and independent tests of AML programs.
- Algorithmic Trading – OCIE will examine for controls and supervision around the use of automated trading algorithms, explaining that broker-dealers have expanded their use into multiple asset classes, which has the “potential to adversely impact market and broker-dealer stability.” This includes “the development, testing, implementation, maintenance, and modification of the computer programs that support their automated trading activities and controls around access to computer code.”
- Broker-Dealers that Hold Cash and Securities – OCIE will be examining to determine if broker-dealers are safeguarding these assets “in accordance with the Customer Protection Rule and the Net Capital Rule,” and to check for compliance with internal processes, procedures, and controls.
- MSRB – OCIE will prioritize review of municipal advisor fiduciary duty obligations to clients, fair dealing with market participants, and the disclosure and conduct of municipal advisers regarding conflicts of interest.” OCIE also said it will review for compliance with recently adopted MSRB rules on advertising.
- FINRA – OCIE plans to continue to conduct risk-based oversight examinations of FINRA, including oversight of the examinations FINRA conducts of certain broker-dealers and municipal advisors.
In its report, OCIE leadership deliver several messages to the firms it examines, including identifying the hallmarks of effective compliance. Most importantly, they underscore that the people and compliance programs play a critical role and really do matter. Effective compliance requires (i) establishing a culture of compliance for the firm; (ii) a commitment by firm executives that compliance is “integral” to firm success: and (iii) “tangible” support for compliance in all operations and throughout all levels of the firm. They stress that the chief compliance officer must be fully empowered with the “responsibility, authority, and resources to develop and enforce policies and procedures of the firm.” And, finally, they remind firms that compliance should be “incorporated” into firm operations and business developments, including product innovation and new services.
For more information concerning Bates Group's Practices and services, please visit:
Bates Compliance Solutions
Reg BI Services and Support
RIA Compliance Services
Broker-Dealer Compliance Services
Bates Investor Risk Assessment for Vulnerable and Senior Investors
Bates AML and Financial Crimes
Regulatory and Internal Investigations
Retail Litigation and Consulting
Institutional and Complex Litigation