Category

Risk Alert

SEC Risk Alert: Investment Adviser Compliance Issues Related to the Cash Solicitation Rule

By | New in Compliance, Risk Alert | No Comments

Risk Alert 

While we were busy handing out candy, the SEC was busy handing out advice! The Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert on October 31, 2018 to provide investment advisers, investors and other market participants with information concerning the most common deficiencies the staff has cited relating to Rule 206(4)-3 (the “Cash Solicitation Rule”) under the Investment Advisers Act of 1940 (the “Advisers Act”). The Risk Alert is intended to assist investment advisers in identifying potential issues and adopting and implementing effective compliance programs, and generally pertains to an adviser’s use of third-party solicitors that are subject to the broader requirements of the Cash Solicitation Rule.

Rule Requirement

Rule 206(4)-3 under the Advisers Act prohibits investment advisers from paying a cash fee, directly or indirectly, to an unrelated third party (a “solicitor”) for referring clients to the adviser unless the arrangement complies with certain conditions, as detailed below:

  • Solicitor agreement: a written agreement is executed between the adviser and the solicitor (a copy of which the adviser must retain) detailing the referral arrangement (e.g., a description of the solicitation activities and compensation to be received, as well as obligations of the solicitor under the arrangement);
  • Adviser’s brochure: at the time of any solicitation activities, the solicitor is required to provide the prospective client with a copy of the investment adviser’s brochure and supplements (i.e., Form ADV Part 2);
  • Solicitor disclosure: at the time of any solicitation activities the solicitor is required to provide a separate and written disclosure document to the prospective client which discloses the solicitor’s relationship to the adviser, and clarifies that the solicitor is being compensated for recommending the adviser, specifying the terms of the compensation arrangement;
  • Client acknowledgement: the adviser receives from the client at a time no later than the execution of the investment adviser’s agreement, a signed and dated acknowledgment that the client received the investment adviser’s brochure and the solicitor’s written disclosure document;
  • Solicitor disqualification: the solicitor may not be a person subject to certain disqualifications specified in the Cash Solicitation Rule; and
  • Compliance: the adviser must make a bona fide effort to ascertain whether the solicitor has complied with the solicitation agreement and must have a reasonable basis for believing that the solicitor has so complied.

Advisers are subject to narrower requirements under the Solicitation Rule when the solicitor is a partner, officer, director, or employee of the adviser or of an entity that controls, is controlled by, or is under common control with the adviser or if the cash fee is paid with respect to solicitation activities for the provision of impersonal advisory services only. The Risk Alert did not enumerate any observed deficiencies related to this type of arrangement.

Recurring Adviser Deficiencies 

The OCIE staff outlined common deficiencies in the Risk Alert, as noted below:

Solicitor disclosure documents: non-provision of disclosure documents to prospective clients pursuant to rule requirement and/or insufficient or obtuse disclosure of required information. Several deficiencies were noted wherein disclosure language regarding compensation were hypothetical or vague. In other situations, disclosure documents failed to clarify that the client would pay a higher fee for advisory services to essentially cover the solicitation fee. The SEC requires all disclosures to be truthful, complete and in Plain English.

Client acknowledgements: untimely or incomplete execution of required client acknowledgments pursuant to rule requirement wherein advisers did not receive a signed and dated client acknowledgement of receipt of the adviser brochure and the solicitor disclosure document. Furthermore, several advisers had received client acknowledgements, but they were undated or dated after the clients had entered into an investment advisory agreement.

Solicitation agreements: advisers paid cash fees to a solicitor without a duly executed solicitation agreement or paid compensation referencing an agreement that did not contain required provisions pursuant to rule requirement.  The SEC determined that solicitors did not perform their duties referenced in the solicitation agreement in a manner consistent with the instructions of the adviser thereby placing the adviser in deficient status.

Bona fide efforts to ascertain solicitor compliance: adviser compliance with rule 206(4)-3 requires advisers to make a genuine effort to ensure that solicitors are complying with cash solicitation rule requirements. The SEC observed that deficient advisers could not represent that they had a reasonable basis to believe that engaged third party solicitors were in full compliance with rule requirements (e.g., there was no evidence of a compliance audit trail with sufficient documentation attesting to solicitor compliance).

Other regulatory implications: the SEC also cited advisers for non-compliance with other provisions of the Advisers Act, e.g., breach of fiduciary duty under Sections 206(1) and 206(2). For example, OCIE observed advisers that recommended service providers to clients in exchange for client referrals without full and fair disclosure of the conflicts of interest.

Action Plan

We recommend that advisers review and amend, as necessary, disclosure documents and solicitation agreements to be consistent with actual practices.  Payment arrangements must be clear to all parties involved, including solicited clients. We also recommend that advisers adopt an internal control whereby the Chief Compliance Officer or designee performs appropriate due diligence for all engaged third party solicitors to ensure that all parties remain compliant with cash solicitation rule requirements. The frequency of review should be commensurate with the level of activity and risks associated with solicitation arrangements. Of course, all due diligence efforts must be documented in writing, and written policies and procedures must be adopted and implemented to ensure full compliance with the rule. Finally, although the SEC did not call out advisers for solicitation arrangement deficiencies evident with related party solicitors, investment advisers must ensure that related party arrangements follow the requirements of Rule 206(4)-3.

The SEC has stated that examinations within the scope of this review resulted in a range of regulatory actions against advisers, including enforcement actions. As one example, the SEC acted against an adviser deemed to violate the Cash Solicitation Rule by paying a cash fee to a solicitor despite knowing that the solicited clients had not received the necessary disclosures.

For More Information 

View the Risk Alert here: Investment Adviser Compliance Issues Related to the Cash Solicitation Rule (PDF)

OCIE Risk Alert – Compliance Issues Related to Best Execution by Investment Advisers

By | Blog, Risk Alert | No Comments

Introduction
On July 11, 2018, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert addressing deficiencies observed in their recent examinations of investment advisers’ best execution practices. For years, advisers have been required to obtain and document best execution on behalf of client account, yet firms continue to struggle with sustainable and effective best execution policy and procedure, according to SEC staff.

The Investment Advisers Act of 1940 (“Advisers Act”) establishes a federal fiduciary standard for investment advisers. As a fiduciary with responsibility to select broker-dealers and execute client trades, the adviser has an obligation to seek “best execution” of client transactions, taking into consideration the circumstances of each particular transaction. An adviser must execute securities transactions for clients in such a manner that the client’s total costs or proceeds in each transaction are the most favorable under the circumstances.

As the Commission makes clear, the determinative factor in an adviser’s best execution analysis is not the lowest possible commission cost but whether the transaction represents the “best qualitative execution” for the account. Of course, to comply with Rule 206(4)-7, advisers must tangibly demonstrate best qualitative execution. And this presents the greatest challenge to advisers, according to the SEC.

An adviser’s assessment of best execution may be impacted by the adviser’s receipt of brokerage and research services (“soft dollar arrangements”).  Advisers are required to develop and document a reasonable allocation of the costs of the products or services received pursuant to the soft dollar safe harbor. Under Section 28(e) of the Securities Exchange Act of 1934 (“Exchange Act”), an adviser may pay more than the lowest commission rate in soft dollar arrangements without breaching its fiduciary obligation, provided that certain specified conditions are met.

 

OCIE Exam Deficiencies – Best Execution
Below are examples of the most common deficiencies associated with advisers’ best execution obligations, identified by OCIE staff in recent examinations.

  • Not performing best execution reviews. Advisers could not demonstrate that they periodically and systematically evaluated the execution performance of broker-dealers used to execute client transactions (and therefore could not prove that client transactions achieved best qualitative execution).
  • Not considering materially relevant factors during best execution reviews. The staff observed that advisers did not consider the full range and quality of a broker-dealer’s services in directing brokerage.  For example, OCIE detected the following:
    • Advisers did not evaluate any qualitative factors relating to broker-dealer selection, including, among other things, the broker-dealer’s execution capability, financial responsibility, and responsiveness to the adviser.
    • Advisers did not solicit and review input from traders and portfolio managers.
  • Not seeking comparisons from other broker-dealers. The staff observed advisers that utilized certain broker-dealers without seeking out or considering the quality and costs of services available from other broker-dealers.  For example, the staff observed:
    • Advisers that utilized a single broker-dealer for all clients without seeking comparisons from competing broker-dealers initially and/or on an ongoing basis to assess their chosen broker-dealer’s execution performance.
    • Advisers that utilized a single broker-dealer based solely on cursory reviews of the broker-dealer’s policies and prices.
    • Advisers that utilized a broker-dealer based solely on that broker-dealer’s brief summary of its services without seeking comparisons from other broker-dealers.
  • Not fully disclosing best execution practices. The staff observed advisers that did not provide full disclosure of best execution practices.  For example, the staff observed advisers that did not disclose that certain types of client accounts may trade the same securities after other client accounts and the potential impact of this practice on execution prices. In addition, the staff observed advisers that, contrary to statements in their brochures, did not review trades to ensure that prices obtained fell within an acceptable range.
  • Not disclosing soft dollar arrangements. The staff observed advisers that did not appear to provide full and fair disclosure in Form ADV of their soft dollar arrangements. OCIE observations included the following:
    • Advisers that did not appear to adequately disclose the use of soft dollar arrangements.
    • Advisers that did not disclose that certain clients may bear more of the cost of soft dollar arrangements than other clients.
    • Advisers that did not appear to provide adequate or accurate disclosure regarding products and services acquired with soft dollars that did not qualify as eligible brokerage and research services under the Section 28(e) safe harbor.
  • Not properly administering mixed use allocations. The staff observed deficiencies related to soft dollar mixed use allocations.  For example, the staff observed advisers that did not appear to make a reasonable allocation of the cost of a mixed-use product or service according to its use or did not produce support, through documentation or otherwise, of the rationale for mixed use allocations as required under Section 28(e).

 

Action Plan
Below we outline various components of a sound trade management policy which may assist advisers in achieving best execution.

Approved Brokers: Many investment advisers maintain a list of approved brokers, populated with firms that have been vetted by the adviser from a due diligence standpoint.  Due diligence inquiry should address several important variables including financial condition, regulatory history, affiliate party relationships and business continuity planning. In certain advisory business models, the trade counterparty is the client’s custodian. However, even in such models, the adviser generally retains the authority to step away from the custodian when it is necessary to obtain best execution. Typical examples of step away (or “step out”) situations include the purchase of a security not available from the custodian, time sensitive transactions, or transactions in highly illiquid securities that require special trading expertise to avoid material market impact on execution prices. Step out procedures, if adopted, must be fully disclosed to clients in Form ADV and referenced in the advisory agreement where appropriate.

Governance:  Best execution oversight is critical to effective trade management. Because the trader is closest to the trade, he/she is often in the best position to determine if best execution has been achieved on a trade-by-trade basis. However, it is precisely because the trader is closest to the trade that an adviser’s governance framework should include professionals not executing trades. Governance considerations relative to the development and implementation of best execution policy should include:

  • Representatives from portfolio management, trading, operations, risk oversight, and compliance
  • The oversight team should include professionals who are independent of the trade management process, i.e., not compensated on achievement of best execution
  • The forensic review of transaction data is critical to the governance framework
    • transaction cost analysis may include measures such as volume weighted average price (“VWAP”), reversion, implementation shortfall, and others
    • implementation shortfall measures the difference between the average price of an execution and the price prevailing at the time the trade is received by a broker or exchange (arrival time)
    • transaction data may be available from executing brokers, as well as independent vendors
  • The SEC has stated that advisers must “periodically and systematically” evaluate the quality of execution services received from the broker-dealers that are used to execute client trades; the governance framework should specify the frequency with which best execution will be evaluated

Quantitative Factors (Cost): The evaluation of best execution should include the actual cost of trading. Cost factors most often include:

  • Commission rates
  • Flat trade fees
  • Transaction prices
  • Exchange fees
  • Service fees
  • Step out fees

Qualitative Factors: Cost is not the only best execution factor to be considered. As noted, the SEC concedes that the objective of best execution is not necessarily to achieve the lowest cost of execution. Qualitative factors should also be evaluated when selecting broker-dealers, including:

  • Execution capability (market access, natural order flow, security types, capital commitment, IPO access, etc.)
  • Quality of research (including soft dollars)
  • Operational capability (service, errors, etc.)
  • Quality of execution (market intelligence, confidentiality, minimizing market impact, access to liquidity, handling of difficult orders, trade error history, etc.)
  • Organizational factors (financial soundness and stability, reputation, sales coverage, etc.)

The creation of a scorecard that is used by governance professionals is a common means of evaluating the qualitative aspect of best execution. It is imperative that advisers implement policies, procedures and controls which reflect these qualitative attributes of the firm’s best execution practices and further, incorporate these qualitative variables in best execution management reports.

Security Type Considerations: The security type certainly impacts best execution protocol. However, no security type is exempt from best execution analysis, whether private equity, bonds, equities, or mutual funds. Cost factors to be considered in each case may include, without limitation:

  • Private equity:
    • Deal execution speed
    • Certainty of financing
    • Operational and strategic expertise, including industry, geography, management team, market potential, product considerations, and growth capabilities
  • Bonds:
    • Bid-ask spreads
    • Odd-lot pricing
    • Competing bids and offers
    • Access to bonds, including new issues
    • Availability of liquidity or volume
  • Equities:
    • Market venue and market conditions
    • Character of the market for the security (e.g., price volatility, relative liquidity, etc.)
    • Size and type of transaction
    • Accessibility of price quotes
    • Number of markets checked
    • Terms and conditions of the order
  • Mutual funds:
    • Expense ratios
    • Investment manager fees
    • Portfolio turnover (higher turnover = higher trading expenses)
    • Share class availability

Soft Dollars: The Risk Alert specifically calls out soft dollars as an area of deficiency cited in examinations. The entire soft dollar landscape is shifting in today’s marketplace for many reasons, including MIFID II. Soft dollars present a conflict of interest because they represent a mechanism for an adviser to use client assets, in the form of commission dollars, to pay for services that would otherwise come out of the adviser’s hard dollar budget. Some brokerage services are not fully protected under the safe harbor, which means the adviser must carefully allocate costs between hard and soft dollars, which requires careful analysis and objectivity. Services paid with soft dollars must be proven to assist in the formulation of investment advice and must meet strict safe harbor guidelines. Not all clients are required to participate in soft dollar arrangements, however advisers must make it clear that those clients whose commissions are used to satisfy soft dollar commitments may likely be footing the bill for those not participating in such arrangements. Disclosures must be clear, detailed, and unambiguous. 

Written Policies: Although there is no best execution rule per say, best execution is specifically named as one of the areas advisers are expected to consider in establishing their written compliance programs under SEC Compliance Rule 206(4)-7. The factors listed above, along with other procedures and controls, should be memorialized in written policies and procedures.

Books and Records: It is vital that investment advisers document their best execution activities. As with most compliance activities, the SEC’s view is if there is no written documentation to evidence the adviser’s pursuit of best execution, the adviser has not met its fiduciary duty to seek best execution.

Disclosures: Do what you say you do! Brokerage disclosures must match the adviser’s actual practices, policies, and procedures. Conflicts of interest inherent in trading practices must be identified, mitigated, and disclosed to the extent they are not removed. Typical conflicts related to best execution include soft dollars, directed brokerage, performance fees, IPO access, step-out trades, block trading, trade rotation and allocation, obtaining client referrals from trade counterparties, cross trading, principal trading, and use of affiliated broker-dealers.

 

Conclusion
The closing statement of the Risk Alert bears consideration: “In sharing the information in this Risk Alert, OCIE encourages advisers to reflect upon their own practices, policies, and procedures in these areas and to promote improvements in adviser compliance programs.”  As we say often, forewarned is forearmed. The SEC has tipped its hand when it comes to its expectations around best execution policies and controls, and therefore investment advisers must adjust their playbook accordingly! 

Source
View the Risk Alert Here: Most Frequent Best Execution Issues Cited in Adviser Exams 

SEC Risk Alert – Frequent Fee and Expense Deficiencies in Adviser Exams

By | Blog, New in Compliance, Risk Alert | No Comments

April 12, 2018:  The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to highlight recurrent deficiencies observed in their recent examinations of investment advisers’ policies and procedures governing client fee and expense assessments. The deficiencies were identified by OCIE while conducting more than 1,500 investment adviser examinations over the past two years.  This Risk Alert emphasizes the importance of advisers’ provision of clear and thorough disclosures in Form ADV and client investment advisory agreements.  The Risk Alert further underscores prior Commission guidance relating to adviser obligations to develop, implement, and test effective risk-based compliance policies to minimize the risk of misrepresentation in client communications and the risk of misappropriation in the management of client assets.

Most Frequent Compliance Issues – Advisory Fees and Expenses 

The following issues were deemed to be significant and prevalent in nature, although they do not constitute all fee and expense-related findings detected by OCIE.

Read More

SEC Risk Alert – Observations from Cybersecurity Examinations OCIE Cybersecurity 2 Initiative

By | New in Compliance, Risk Alert, SEC

August 7, 2017:  The U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) has released results of its Cybersecurity 2 Initiative. In this Initiative, National Examination Program Staff examined 75 firms, including broker-dealers, investment advisers, and investment companies (“funds”) registered with the SEC to assess industry practices and legal and compliance issues associated with cybersecurity preparedness. The OCIE Cybersecurity 2 Initiative examinations involved more validation and testing of procedures and controls attendant to cybersecurity preparedness than was previously performed in OCIE’s 2014 Cybersecurity 1 Initiative. Read More

SEC National Exam Program Risk Alert Cybersecurity: Ransomware Alert

By | New in Compliance, Risk Alert, SEC

May 17, 2017:  The SEC just issued a Risk Alert (Cybersecurity: Ransomware Alert) to investment advisers and broker dealers informing them of the targeting of companies by hackers propagating a new and aggressive ransomware. On May 12, 2017, this attack, referred to as WannaCry, WCry, or Wanna Decryptor, rapidly affected numerous organizations across over one hundred countries. The WannaCry ransomware infects computers with a malicious software that encrypts computer users’ files and demands payment of ransom to restore access to the locked files.

Initial reports indicate that the hackers that perpetrated the attack are gaining access to enterprise servers either through Microsoft Remote Desktop Protocol (RDP) compromise or through the exploitation of a critical Windows Server Message Block version 1 vulnerability.[1] Most significantly, some networks have been affected through phishing emails and malicious websites.

To protect against the WannaCry threat, investment advisers are urged to (1) review the alert published by the United States Department of Homeland Security’s Computer Emergency Readiness Team[2] and (2) evaluate whether applicable Microsoft patches for Windows XP, Windows 8, and Windows Server 2003 operating systems are properly and timely installed.  The Microsoft patches to prevent the infection have been available since March for supported operating systems.  In addition, within 24 hours of the attack, Microsoft had provided the necessary security patch for non-supported Windows XP.  This highlights the need to keep current operating systems and have a disciplined and managed patching strategy.

This latest Risk Alert highlights the importance of conducting penetration tests and vulnerability scans on critical systems and implementing system upgrades on a timely basis. SEC staff also notes that appropriate planning to address cybersecurity issues, including developing a rapid response capability, is important and may assist firms in mitigating the impact of any such attacks and any related effects on investors and clients.

On the broader topic of cybersecurity, OCIE’s National Examination Program staff recently examined 75 SEC registered broker-dealers, investment advisers, and investment companies to assess industry practices and legal, regulatory, and compliance issues associated with cybersecurity preparedness.  The SEC observed a wide range of information security practices, procedures, and controls across the industry, varying greatly based on registrant operations, lines of business, risk profiles, and enterprise size.

The following observations gleaned from this sweep certainly informed this week’s SEC guidance relative to mitigating the cyber security risk posed by WannaCry ransomware, especially with respect to small and mid-sized registrants:

  • Cyber-risk Assessment: Five percent of broker-dealers and 26 percent of advisers and funds (collectively, “investment management firms”) examined did not conduct periodic risk assessments of critical systems to identify cybersecurity threats, vulnerabilities, and the potential business consequences.
  • Penetration Tests: Five percent of broker-dealers and 57 percent of the investment management firms examined did not conduct penetration tests and vulnerability scans on systems that the firms considered to be critical.
  • System Maintenance: All broker-dealers and 96 percent of investment management firms examined have a process in place for ensuring regular system maintenance, including the installation of software patches to address security vulnerabilities.  However, ten percent of the broker-dealers and four percent of investment management firms examined had a significant number of critical and high-risk security patches that were missing important updates.

The Commission has provided guidance and information that firms must consider when addressing cybersecurity risks and response – https://www.sec.gov/about/offices/ocie/cybersecurity-examination-sweep-summary.pdf .  While not a functional regulator for advisers, FINRA has also provided guidance which is especially useful for smaller enterprises with commensurately smaller cyber risk profiles – http://www.finra.org/industry/cybersecurity.

For the past two years, Horrigan Resources has partnered with an IT specialist to offer cybersecurity risk assessments to our clients. Although each firm presents unique risks and challenges, the overarching themes relative to risk mitigation have been rapid response to red flags, and swift handling of ‘low hanging fruit’. Risk mitigation may entail material capital expenditure over time however the key is to know and triage risk, recognize that cyber risk management is ongoing and continuous, and be proactive.

Not unlike compliance, attaining a secure IT environment is a journey without a destination. Continuous and prudent attention to business risk, awareness of the threat environment, and ongoing employee training and awareness are great starting points to reduce cyber risk. Follow this link for the Risk Alert: https://www.sec.gov/files/risk-alert-cybersecurity-ransomware-alert.pdf.

May 19, 2017

prepared by Horrigan Resources, Ltd.

www.horriganresources.com

(724) 934-0129

Not customized advice. Not legal advice.

[1] See, U.S. Department of Homeland Security/ U.S. Computer Emergency Readiness Team (US-CERT), Alert (TA17-132A), Indicators Associated with WannaCry Ransomware (May 12, 2017, last revised May 15, 2017) (“U.S. Cert Alert TA-132A”).

[2] https://www.us-cert.gov/ncas/alerts/TA17-132A

Risk Alert: OCIE is Scouting Investment Advisory Branch Offices

By | New in Compliance, Risk Alert

December 12, 2016:  The Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) announced via Risk Alert its new Multi-Branch Adviser Initiative. The initiative is no surprise given that the 2016 Examination Priorities published in January highlighted OCIE’s interest in examining advisers’ supervisory practices over advisory personnel located in branch offices.

OCIE’s interest is prompted by the fact that advisers are increasingly expanding their geographical footprints, staffing personnel in locations far removed from the adviser’s principal place of business. The Staff is worried about the risks of the “out of sight, out of mind” mentality.

Accordingly, OCIE has launched its Multi-Branch Adviser Initiative to examine advisers operating multiple branch offices to ascertain compliance with federal securities laws in view of the additional and unique risks that arise when operating in this manner. Read More

The OCIE Finds its Voice – and it’s a Whistle

By | New in Compliance, Risk Alert

October 27, 2016:  The U.S. Securities and Exchange Commission (“SEC” or “Commission”) has been proclaiming near and far that its whistleblower program has surpassed $100 million in awards and payments to whistleblowers. Enforcement chiefs have touted the value of the whistleblower program for generating quality leads since the whistleblower rule became effective in 2011.

Advisers and Broker-Dealers Take Note

Well…what exactly does this mean for advisers and broker-dealers? Read More