When was the last time you asked your chief compliance officer (CCO) how he or she was doing? Your CCO likely has something to say, and don’t be surprised if you get an unenthusiastic answer.
The SEC’s Division of Examinations, formerly the Office of Compliance Inspections and Examinations (OCIE), periodically releases Risk Alerts about compliance program deficiencies. These alerts could have CCOs worried about their responsibility to implement an effective compliance program at their firms, especially as asset managers expand their business activities and transform where and how they work. Even if your firm isn’t regulated by the SEC, you’ll want to keep reading, because all regulators have similar expectations.
What’s surprising is that the Division of Examinations continues to find deficiencies related to the SEC’s Compliance Rule. Years ago, I worked on implementing the requirements at a large asset manager, with the full backing of senior management to get it done right. Maybe it’s easier to implement something out of the gate, while it’s fresh and new and people are paying attention, versus the need to maintain something and keep it current, which doesn’t always get the attention it deserves.
The Division of Examinations cites examples of notable deficiencies or weaknesses in the following broad areas:
Regulators around the globe have conduct rules for registered advisers. For example, in the United States, Rule 206(4)-7 and Rule 38a-1 (the Compliance Rule) require advisers to:
• Adopt and implement written policies and procedures reasonably designed to prevent violations of the Investment Advisers Act of 1940
• Review policies and procedures no less frequently than annually
• Designate a CCO
As you think through your 2021-2022 priorities and budgets, use the effort as an opportunity to emphasize the need for talent and technology to support your compliance program and regulatory obligations. By answering the following questions, you can bring to light areas where you might be falling short and take action:
See the Risk Alert for more information and examples of deficient or weak policies and procedures that the Division of Examinations disclosed in the following key areas: portfolio management, marketing, trading practices, disclosures, advisory fees and valuation, safeguards for client privacy, required books and records, safeguarding of client assets, and business continuity plans.
Unfortunately, topics like this usually don’t receive much attention until you’re dealing with a tough regulator inquiry, a regulatory exam, a black swan event, or when a negative headline about an industry peer grabs senior management’s attention. It’s up to the CCO to lead a strong team of compliance experts, work with the business to adopt relevant policies and procedures, provide oversight, and set and continually reinforce a tone from the top that emphasizes everyone’s role as a fiduciary.
Is your firm supporting your CCO in this endeavor? Compliance resources, projects, and technology are often underserved and only funded when mandated, such as complying with a new reporting requirement. Make sure you’re listening to your CCO and supporting advancements to stay ahead of your firm’s compliance program needs. And include your CCO in any post-COVID-19 “return to work” strategies, so that your program continues to progress as your firm’s work environment evolves. Your firm’s reputation and continued success may depend on it.
And the next time you ask your CCO how he or she is doing, hopefully you’ll get a smile and the response, “I’m doing just fine, thanks for asking.”
Stacia Graham has more than 20 years of experience in investment management, including various compliance-related roles. She brings a deep understanding of end-to-end asset management processing and project management to her role as Managing Director on the research team at Cutter.