On March 27, 2023, the SEC’s Division of Examinations (Division) published a Risk Alert that will be of great interest to newly-registered investment advisers. The observations will also be invaluable to investment advisers that have been in business for some years. The Division’s observations will help new Registered Investment Advisers (RIAs), as well as seasoned advisory personnel and Chief Compliance Officers (CCOs), to improve their compliance programs.

Purpose of examinations of newly-registered advisers

Examinations of newly-registered advisers have been a priority for the SEC for a number of years. These examinations provide an opportunity for early engagement between RIAs and examiners. They enable the SEC to:

  • Provide investment advisers with information about the Division’s examination program;
  • Conduct preliminary risk assessments;
  • Facilitate discussions regarding the advisory firm’s operations and risk characteristics; and
  • Promote compliance with applicable statutes, rules and regulations.

Examinations of newly-registered advisers frequently focus on whether the RIA has:

  • Identified and addressed conflicts of interest;
  • Provided clients with full and fair disclosure so they are capable of providing informed consent; and
  • Adopted thorough and effective compliance programs.

Along with document requests, examiners interview advisory personnel to ascertain the RIA’s business and investment activities, organizational affiliations, compliance policies and procedures, and disclosures to clients. The firm’s disclosures to clients, as well as its policies and procedures and SEC filings, must be consistent with the RIA’s actual practices. To understand the RIA’s business model and operations, examiners will typically ask firms to provide:

  • Organizational charts;
  • Documentation that substantiates the firm’s eligibility for SEC registration;
  • Ownership and control information regarding the firm and its affiliates;
  • Information pertaining to current and former advisory personnel;
  • Financial information such as the firm’s balance sheet, trial balance and income statement;
  • Information regarding any threatened, pending, or settled litigation or arbitration involving the RIA or any of its supervised persons;
  • Client demographic information, including the advisory services provided, type of accounts serviced such as private funds, trading authority granted, advisory personnel servicing and overseeing accounts, assets under management, third-party service providers, and investment strategies;
  • Information related to the RIA’s compliance program, risk management practices, and internal controls;
  • Data used to facilitate testing for regulatory compliance; and
  • Communication utilized by the RIA to inform or solicit new and existing clients.

Specifically, examiners look at the new RIA’s social media, website, blogs and marketing materials.

Findings from Division’s examinations of newly-registered RIAs

The Risk Alert detailed the findings of the Division’s examiners in three areas:

  • Compliance policies and procedures;
  • Disclosure documents and filings; and
  • Marketing.

Examiners found that some RIA’s compliance policies and procedures:

  • Did not adequately address certain risk areas impacting the firm, such as portfolio management and fee billing;
  • Omitted procedures to enforce the firm’s policies, such as claiming the RIA seeks best execution even though it does not have a process to evaluate the execution quality of its broker-dealer; and
  • Were not adhered to by advisory personnel, usually because they were not aware of the policies or procedures or those policies or procedures were not consistent with their business model or operations.

In addition, examiners learned that some RIAs annual compliance reviews did not address the adequacy or effectiveness of the firm’s policies and procedures. Certain firms:

  • Used off-the-shelf compliance manuals that were not tailored to the RIA’s operations;
  • Did not allocate sufficient resources to compliance;
  • Had undisclosed conflicts of interest;
  • Outsourced certain business and compliance functions without evaluating how they were performed or whether they were consistent with the RIA’s policies and procedures; and
  • Did not implement business continuity plans, including succession plans.

Examiners observed that some RIAs’ disclosure documents and filings were inaccurate or contained

omissions regarding fees and compensation, business or operations, services offered to clients such as the use of models, disciplinary information, websites and social media accounts, and conflicts of interest. In some cases, filings were not made in a timely manner.

Examiners observed that some RIAs’ marketing materials appeared to contain false or misleading information, including inaccurate information about members of the firm’s professional experience or credentials, third-party rankings, and performance. Advisers were also unable to substantiate certain factual claims.

Takeaways

Ideally, an examination is a good opportunity for new RIAs to get off on the right foot with regulators. Even if an RIA has made mistakes, advisers can demonstrate to examiners that they are committed to building a culture of compliance. If they show little regard for their compliance obligations, however, RIAs may face another examination sooner than expected.

As examiners review an RIA’s advertisements, they will ensure that firms are complying fully with the Marketing Rule, which had a compliance date of November 4, 2022. The observations in this Risk Alert predated the Marketing Rule. In some respects, newly-registered investment advisers may have an advantage over RIAs that are used to complying with the prior Advertising Rule’s requirements and have not familiarized themselves with the new rule.

The Risk Alert encouraged RIAs to review their compliance policies and procedures and strengthen them. RIAs should update their policies and procedures after reading a Risk Alert like this one rather than waiting for their annual review.

The Risk Alert is available at https://www.sec.gov/files/risk-alert-newly-registered-ias-032723.pdf.

 

About RIA Compliance Group: RIA Compliance Group is an investment adviser compliance consulting firm based in Delray Beach, Florida. The firm’s mission is to provide affordable, timely, practical, and cost-effective compliance advice. We help investment advisers to comply with the myriad of state and SEC regulations and compliance obligations facing their firms. RIA Compliance Group takes pride in giving personal service and real world compliance advice, not theoretical concepts and legalese. The firm interacts on a daily basis with SEC and state securities regulators.

RIA Compliance Group, LLC – 701 SE 6th Ave, Suite 201, Delray Beach, FL 33483 – Tel: 561-600-0564 – sales@ria-compliance.com