A risk-based compliance program as promulgated by the SEC entails an explicit overlay of the client business model (products and services offered, client markets served, and product and service delivery channels) with the applicable regulatory regime. HRL commences all client engagments with executive interviews which at a minimum include the CCO and CEO of the enterprise. This process relies heavily upon a risk management documentation review relative to adequacy and congruence to the regulatory regime. The HRL documentation review is executed using an offsite or onsite protocol, at the direction of the client, with the intent being to minimize client dislocation and inconvenience that may attend consulting engagements. In this respect an accurate portrayal of the client compliance risk profile is formulated by HRL to appropriately reference the compliance resource requirements of our clients.
With the exception of the on-call service and comport365®, the current client engagement generally entails HRL’s preparation and presentation of the findings and recommendations report in oral or ® format. This report will include rule citation and regulatory guidance as the underlying rationale for all findings and recommendations. Management input is then solicited for final edit and inclusion of the report in the enterprise official books and records.
Step 1: Understand all aspects of our client’s business model relative to compliance, including:
- organizational structure
- professional expertise
- product and service offerings
- product distribution capabilities
- third party affiliations and service provider relationships
Step 2: Assess the efficacy and reliability of the compliance culture and dedicated compliance resources, including:
- registration and training protocol
- marketing and client service models
- communications and disclosures pursuant to fiduciary responsibilities
- trade management practices
- integration of the compliance regimen with operational processes
- formal delegation of compliance responsibilities to firm personnel
Step 3: Identify inherent and prospective compliance and reputation risks, gaps, and deficiencies in light of current regulatory requirements and industry standards.
Step 4: Deliver a compliance findings and recommendations report which is supported by regulatory rationale.
Step 5: If needed, escalate service offerings to include field audits, compliance program content development, staff training, and related implementation assistance as necessary to attain full compliance.