2022 Division Exam Priorities

Main Contributor: Gretchen Sturdivan, CSCP Creative Director & Client Service Manager

Hindsight is 2021

It remains an annual highlight to read through the Division of Examinations’ (“Division”) Exam priorities, as we comb through what they deem to be significant focus areas and adjust our compliance programs accordingly. The Division provides Risk Alerts throughout the year to emphasize the areas they find as higher risk in the name of protecting investors, but these exam priorities, while not exhaustive, do give us a bone.

The Division noted the uptick in remote exams conducted during 2021 is now on par with pre-pandemic examination rates and of those 3,040 exams conducted, 2,100 received deficiency letters – 70% of advisors examined were tasked with remediation in the name of compliance. Many were prompted to return fees to investors and make fee calculation corrections, driving home the significance of the Risk Alert they distributed in November of last year.

The percentage of RIAs they examined has increased, however, we do not expect this trend to continue, as the Division’s staffing capabilities cannot keep up with the growth of RIAs. Over the last five years, the number of RIAs has increased by 20% and the total AUM of those RIAs is a nearly 70% increase from 5 years ago: now over $113 trillion. They also point out that more than 35% of RIAs manage a private fund, which brings us to our first Exam Priority.

Private Funds’ Compliance Program Elements

According to the Division, there has been a 70% increase in the assets managed by advisors to private funds in the last five years. Over 35% of all RIAs now manage private fund assets in various strategies. This is a significant amount of the market as well as significant growth, and they are now coming under scrutiny in full form. Specifically, as it relates to:

1. The calculation and allocation of fees and expenses,

2. preferential treatment of investors,

3. compliance with the custody rule, including the “audit exception,”

4. adequacy of disclosures around cross trades and principal transactions, and

5. conflicts around liquidity.

Apparently, these items aren’t quite enough to bring under the microscope because the Division will also review private fund advisers’ portfolio strategies, risk management, and investment recommendations and allocations.

SCS Suggests

Though it may seem like a daunting list, when we step back, coming out of a successful exam will require implementing practical policies and procedures that are in line with your actual, daily practices. Review those policies at least annually, or when you know of a material change, to ensure your practices never stray too far away from your documented framework. Conduct forensic testing as often as makes sense with your risk level to document that your fees and disclosures are accurate and that you don’t see any patterns of preferential treatment of investors. As always, a well-documented annual review that supports your practices are in line with your policies will serve your future self well.

ESG = Mislead?

Environmental, Social, and Governance (“ESG”) strategies are rapidly gaining traction, as advisors work to meet investor demand. While it sounds green and fancy, it is also something the Division has already issued a Risk Alert about last April. In the risk alert, they highlighted the accuracy of disclosures and the implementation of policies, as both things have the potential to mislead investors. In the 2022 Exam Priorities, this focus continues as the risk remains that disclosures could include materially false or misleading statements or omissions – a concept we also see woven throughout the New Marketing Rule.  It's pretty clear the SEC is focusing on protecting retail investors through many avenues.

At any rate, the Division sees the risk of misinformed investors to be strengthened by the lack of standardization in ESG investing terminology (i.e., sustainable, socially responsible, impact investing, etc.). Seeing any of those terms can make an investor feel like they are investing altruistically, but does anyone actually know what it means? It appears greenwashing is spreading its tentacles beyond the grocery store aisles. The Division is also concerned by the variety of approaches to ESG investing because advisors are marketing with a blanket term, but investors may not know the nuances of what each approach entails.

The Division will be looking at those advisors who engage in ESG-related services to ensure accurate disclosure of their ESG investing approaches, accurate proxy voting records that are in line with policies, and accurate representation of the ESG factors considered or incorporated into portfolio selection for performance advertising and marketing.

SCS Suggests

Misleading investors (especially retail investors) continues to be a driving force behind the SEC’s rule-making, risk alerts, and exam priorities. ESG investing is not exempt from this fanfare and in fact, may put you at higher risk for review. This is not to say you should avoid entering the pool altogether but to encourage strong policies, and accurate, clear, prominent, and descriptive disclosures that prioritize transparency for investors. You will see this throughout the Marketing Rule as well, and it all comes back to fiduciary duty.

Standards of Conduct

Again, the Division will continue to focus their reviews on how RIAs are acting as fiduciaries in the best interest of retail investors and not placing their own interests ahead of their clients. This should go without saying, yet conflicts of interest, trading practices, and disclosures continue to get in the way of successful exams. An exam will review any incentive practices that favor certain products or strategies, best execution obligations, robust ADV disclosures, and adequate account selection for retail investors. For example, the Division will review if you are holding more expensive asset classes or products when lower ones are available and likewise, if you offer a proprietary product that comes at a higher cost than an outside investment.  

SCS Suggests

Having a strong culture of compliance at your firm, that highlights the importance of each advisor’s fiduciary duty will be a strong foundation for your Compliance Program. Maintain policies designed to address conflicts, train staff, and conduct periodic testing to ensure you are doing everything in your control to protect retail investors and mitigate risk factors that are not acting in the clients’ best interest. Take the time to find out from your team all the potential conflicts that exist around product offerings, fees, outside business activities, and relationships. This can be completed with a disclosure questionnaire and/or interviews with key personnel.

The Back Burner isn’t Meant for Information Security

The work-from-home normalcy may feel refreshing for many employees, but it also opens up a Pandora’s Box of IT issues. While everyone is spread out and working remotely, it makes client information that much more challenging to secure and protect. Unsurprisingly, the Division is ensuring this is also an exam focus and will review if firms have taken appropriate measures to mitigate these risk areas:

1. safeguard customer accounts and prevent intrusion,

2. oversee vendors and service providers,

3. address malicious email activities (i.e., phishing),

4. respond to incidents and breaches,

5. identify and detect red flags related to identity theft, and

6. manage the operational risk of a remote workforce.

SCS Suggests

Invest in your IT department, or outsource as appropriate, to ensure you have safeguards in place to protect client information. Tighten up your BCP plan and your disaster recovery plan to address the impact of climate risk and substantial disruptions to normal business operations. Train and remind your staff regularly on the importance of the controls in place to prevent cyber risks and document the results of all training efforts. The Division will review the improvements to these plans over the year and a firm’s ability to anticipate and prepare for disruptions to their business.

Robo, Crypto, Risko

Apparently, we are not the only ones seeing an uptick in Robo Advisors (automated digital investment advice) in the market and the offering of crypto-assets. This exam priority is unsurprising and is right in line with the Risk Alert issued last year. The piece the Division wants to highlight during exams is whether or not the full suite of unique risks this investment model generates was considered when designing a Compliance Program. They will review whether:

1. operations and controls in place are consistent with disclosures made and the standard of conduct owed to investors,

2. advice and recommendations, including by algorithms, are consistent with investors’ investment strategies and the standard of conduct owed to investors, and

3. controls take into account the unique risks associated with such practices.

If you offer crypto-assets, exams will review the custody arrangements for such assets and will assess the offer, sale, recommendation, advice, and trading of crypto-assets. The Division wants to see that advisors meet their standard of conduct, and routinely review, update, and enhance their compliance practices and risk disclosures to stay current with financial technologies. It’s also worth knowing that they will review Mutual Funds and ETFs that offer exposure to crypto-assets as well to assess liquidity and operational controls around portfolio management, among other things.

SCS Suggests

While it is still a bit of the “Wild Wild West” out there (too soon?), the standard compliance practices should also be applied and carry you through, should you decide to dabble in these emerging technologies. Acting as a fiduciary, developing a strong Compliance Program, and designing clear disclosures and trading practices will help you navigate this ever-changing landscape. Given the unique nature of this category, make sure your policies and Compliance Program are tailored to your firm’s specific risks.

Conclusion

While these exam priorities are in line with the risk alerts from the past year and what we’ve witnessed in exams, it does provide a clear direction for us to focus our energy on these areas of our compliance program that may need a little more attention. A nice reminder to routinely review policies, test your higher-risk areas, and ensure your practices are consistent with your program. Remember the focus the Division is placing on retail investors and make sure you are always acting in each client’s best interest, in line with a strong culture of compliance. Oversight practices help mitigate risk for a firm and compliance definitely comes into view during an exam. Make it a focus this year to conduct a risk assessment and tailor your compliance program to your actual practices, setting you up for exam success.