On July 23, 2019, the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to share its findings related to a series of examinations conducted to assess the oversight practices of registered investment advisers that previously employed, or currently employ, any individual with a history of disciplinary events. These examinations, collectively referred to as the “Supervision Initiative” entailed examinations of over 50 registrants over the course of 2017. Registrants collectively managed approximately $50 billion in assets for nearly 220,000 clients, the vast majority of whom were retail investors. Advisers were identified for examination through a review of information about disciplinary events and other legal actions involving supervised persons, including legal actions that are not required to be reported on Form ADV (e.g., private civil actions).
The Supervision Initiative focused on advisers’ practices in certain areas, including:
- Compliance programs and supervisory oversight practices: The staff reviewed whether compliance policies and procedures were reasonably designed to detect and prevent violations of the Advisers Act by the firm and its supervised persons, particularly policies and procedures attendant to the activities of previously disciplined employees.
- Disclosures: The staff focused on whether disclosures in public statements, marketing materials, and filings were complete and fair, included all material facts, and were not misleading. Particular emphasis was placed on disclosures related to previously disciplined individuals and their prior disciplinary events.
- Conflicts of interest: The staff assessed whether the adviser identified, addressed, and fully and fairly disclosed all material conflicts of interest that could affect the advisory relationship, particularly those conflicts dealing with compensation arrangements and account management.
General Observations
The Initiative, while reflecting interest in supervision practices attendant to previously disciplined individuals, did not focus exclusively on that topic. Due to the importance that the Commission places on setting the “tone at the top” relative to supervisory practices and to the compliance culture itself, the initiative also focused upon general supervisory practices of the adviser.
In this respect, the Risk Alert contains two classifications of OCIE observations: (1) those which pertain directly to the supervision of previously disciplined employees, and (2) those which pertain to firm-wide practices and issues identified during the Supervision Initiative examinations. The findings flagged below were reflected in examination deficiency letters.
Supervision of Previously Disciplined Employees
Full and fair disclosure: OCIE observed that nearly half of the disclosure-related deficiencies of the advisers examined were due to the firms providing inadequate information regarding disciplinary events as follows:
- Omitted material disclosures regarding disciplinary histories of supervised persons or the adviser itself. Disclosure omissions occurred due to adviser reliance on self-reporting procedures pertaining to employee disciplinary history.
- Disciplinary disclosures were incomplete and/or misleading, e.g., failure to include the total number of events, the date for each event, the allegations, and/or whether the employee was subjected to fines, judgments or awards, or other disciplinary sanctions.
- Did not provide timely updates and subsequently deliver disclosure documents to clients, such as updating Form ADV for new disciplinary events of supervised persons reported on Form U5s.
Compliance programs: Advisers did not implement compliance policies and procedures to address the risks related to employing individuals with prior disciplinary histories to establish:
- Whether employee self-attestations regarding disciplinary events were complete and accurate.
- Whether employee self-attestations reflecting an absence of reportable events or recent bankruptcies were in fact accurate.
General Compliance and Supervision
Supervision: OCIE observed that advisers did not adequately supervise or establish appropriate standards of business conduct for employees in their supervision policy, i.e., policies and procedures did not sufficiently document the responsibilities of supervised persons or did not clearly reference the expectations for certain employees as follows:
- Fees charged by employees were not adequately disclosed and/or the services related to those fees were not reconciled to the assessed fee itself. Examinations determined that several adviser clients paid for certain services they did not receive or were charged undisclosed fees.
- Employees that prepared their own advertising material and/or website content either did not comply with implemented advertising policies and procedures or in fact there were no policies and procedures in place to supervise this activity. Examinations identified several events whereby dissemination of advertising content did not comply with Rule 206(4)-1.
- There were no policy provisions or advisers did not comply with policies and procedures pertaining to the supervision of employees working from remote locations. OCIE observed that geographically dispersed employees were operating in a self-directed manner that was not consistent with firm policy. These conditions evidenced a lack of compliance risk management whereby registrants are required to effectively monitor employee activities.
Oversight: OCIE observed that many advisers did not confirm that employees who were identified as responsible for executing certain compliance action items were doing so in a compliant manner pursuant to policy and/or did not document the execution of their duties. In some instances, the action items included key regulatory and business responsibilities for advisers managing investor assets, such as:
- Monitoring the appropriateness of client account types, e.g., firms did not review whether at account opening the type of account selected was appropriate (e.g., wrap fee versus separately managed account), document that an assessment of the type of account took place, or document the factors considered in making these assessments.
- Maintaining true, accurate, and current books and records, including those necessary to provide investment supervisory or management services to clients (e.g., maintaining a list of all accounts in which the adviser is vested with discretionary authority or to identify individuals with access to sensitive information).
Compliance policies and procedures: OCIE observed that advisers had adopted policies and procedures that were inconsistent with their actual business practices and disclosures. Most frequently cited areas of non-compliance were those addressing commissions, fees, and expenses (e.g., solicitation fees, management fees, compensation related to hiring personnel, and oversight of firm compensation practices, including such practices within branch offices).
Annual compliance reviews: OCIE observed that in many cases, firms were non-compliant with the annual review requirement due to a lack of documentation and/or insufficient or non-existent identification of compliance risk sets required to be referenced in the review, e.g., failure to identify and disclose and manage new or emergent conflicts of interest.
Disclosure of Conflicts of Interest
Conflicts of interest originate at both the business level and employee level. The fiduciary standard requires advisers to identify, mitigate, and in some cases disclose material conflicts of interest. OCIE observed that several advisers had undisclosed compensation arrangements, which resulted in conflicts of interests that may jeopardize the impartiality standard which advisers must adhere to relative to the provision of investment advice to clients as follows:
- Forgivable loans were made to the advisers or their employees whereby the terms were contingent upon certain relationship incentives that have the potential to unduly influence the development or execution of investment advice.
- Employees were required to incur all transaction-based charges associated with executing client transactions, which created incentives for the supervised persons to trade less frequently on behalf of their clients.
Recommended Policy Mitigation
- Adopt policies and procedures that specifically address what must occur prior to hiring professionals that have disclosed prior disciplinary events. Adopt written policies and procedures specifically addressing what to do before hiring such individuals. Best practices include investigation of the disciplinary event(s) and ascertaining whether barred individuals were eligible to reapply for their licenses.
- Enhance due diligence practices associated with hiring new employees, especially those who will be access persons. In addition to specific event due diligence, best practices include written procedures requiring background checks (e.g., confirming employment histories, disciplinary records, financial background, and credit information), conducting internet and social media searches, fingerprinting personnel, utilizing third parties to research potential new hires, contacting personal references, and verifying educational claims.
- Cross
reference due diligence and self-reporting with regulatory filings:
- Require potential new hires to provide copies of their Form U5s.
- Check CRD/IARD for employee-related filings and re-check the filing information 30 – 60 days post hiring to flag new filings submitted by prior employers.
- Establish heightened supervision practices attendant to employees with disciplinary histories. OCIE observed that many advisers had not adopted supervision practices or compliance procedures that addressed the risks associated with employees having prior disciplinary histories (e.g., disciplinary histories relating to misappropriation, unauthorized trading, forgery, bribery, and making unsuitable recommendations). Advisers with explicit policy in this regard are more likely to identify misconduct by supervised persons.
- Adopt written policies and procedures which address client complaints. Advisers with effective client complaint policies are more likely to identify complaints and concerns earlier than those firms without effective policies.
Final Takeaway
The most important takeaway from this Risk Alert is the reminder that advisers must adopt and implement a risk-based compliance program. Hiring employees with disciplinary records ratchets up the adviser’s risk rating in the eyes of the SEC. If the regulator ascribes more risk to this condition, so should the firm. And by all means, document the steps taken throughout the hiring and supervisory process. Implementing a thoughtful and careful hiring and supervisory system can help protect the adviser’s revenue stream and reputation.
For More Information
Follow this link for the Risk Alert: Observations from Examinations of Investment Advisers: Compliance, Supervision, and Disclosure Conflicts of Interest (PDF)