RIA Compliance and Practice Management Blog

Compliance Considerations for RIAs to Keep in Mind When Hiring

Posted by RIA in a Box

May 4, 2022 1:12:06 PM

RIA Hiring and Compliance

There are many factors to consider when hiring a new team member for your registered investment adviser (“RIA”) firm. Each new member of your team brings their own unique background and experiences to your firm, making it a critical task for the hiring manager to gather certain information about compliance. In fact, it is crucial for your RIA firm to understand the regulatory considerations when hiring any new employee, whether they’re an investment adviser representative, in human resources, or doing administrative work. Each role within your firm requires different levels of compliance oversight and access control. 

Below we discuss the key compliance considerations that your firm should consider throughout the hiring process.

Download the Comprehensive Guide to RIA Compliance

1. Disciplinary Disclosures

This may seem obvious, but it’s an often-overlooked compliance issue. While we understand that even the most valuable employees can make mistakes, there are certain preparations that need to be made in these instances. 

One of the most common oversights is that RIA’s lack the sufficient processes to identify and supervise employees with disciplinary histories. Your firm’s comprehensive background information on potential employees must address these deficiencies to remain compliant.

Your firm’s policies and procedures need to be designed to properly address the risks involved with hiring employees carrying a disciplinary record. This should include additional supervision, increased caution, and due diligence where appropriate—an increased responsibility that shouldn’t be taken lightly during the hiring process. Also, possible additional disclosure requirements for the firm.

2. Cybersecurity Concerns

We’ve said it before, and we’ll say it again: Protecting your RIA from cybersecurity attacks begins with your hiring process. 

Hiring managers should take a proactive approach to building a strong company culture of cybersecurity awareness. This includes asking potential employees questions to assess their current cybersecurity attitude, practices and knowledge.

Here are a few questions that can serve as a good starting point:

  • Have they had comprehensive training in cybersecurity awareness?
  • Do they already have a basic knowledge of current cyber threats?
  • What type of information security measures do they take in everyday situations?

A lack of cybersecurity knowledge isn’t necessarily a way to rule out a potential hire, but rather to accurately assess the level of training and supervision necessary in a digital environment. 

Finding a potential hire open to learning and engaging in proper cybersecurity practices is key to the enduring security of your firm.

3. Familiarity with Systems and Regulatory Rules

Your systems and processes are unique to your firm, so there will always be at least some learning curve with a new hire. You’ll want to get an idea of what systems and processes your potential hire is familiar with, to get a good idea of where they need the most training, from email to record keeping and beyond.

For example, it’s important that the new hire understands the requirements for archiving communications like emails. You will want to ensure that professional communications are not made outside your approved systems, even with 3rd party vendors or TAMPs. Your firm is also responsible for archiving customer correspondence, advertisements, and posts associated with your social media accounts. These records must be kept and reviewed for at least five years from the end of the calendar year in which they were published or distributed. 

Additionally, determine whether the individual will fall under the status of “supervised person” or “access person” to set the tone for additional reporting requirements. An “access person” is subject to the personal securities account-reporting requirements, pursuant to the SEC’s Code of Ethics Rule. This means that securities holdings reports and quarterly transaction reports must be reviewed by the CCO or other designated supervisory personnel. The hiring manager can also gauge the individual’s experience with reporting systems and processes. Additional disclosure may be required if the individual has any outside business activities that create conflicts of interests.

4. Attitude Toward Compliance Concerns

When interviewing job candidates, your hiring manager should try to discover how seriously they take compliance. Dig deeper than the standard high-level questions to find out if they really understand the role they will play in keeping your firm compliant as well as the consequences for non-compliance. Will the new hire add to our “culture of compliance” or subtract from it?

A good way to explore this topic is to ask for examples of how they addressed compliance at previous jobs. Here are some sample questions to get you started:

  • Have they ever gone through an audit? How did they handle that experience?
  • What personal responsibilities have they had in regards to compliance?

The answers to these questions should give you a good idea of what previous experience and attitude your potential hire has toward best compliance practices. 

Want help keeping your team compliant? Click here to schedule a demo of MyRIACompliance®.

Download 10 Steps to Address Cybersecurity Threats

 

Topics: RIA Operations, RIA Compliance, RIA Technology

RIA in a Box LLC is not a law firm, investment advisory firm, or CPA firm. RIA in a Box LLC does not provide legal advice or opinions to any party or client. You should always consult your relevant regulatory authorities or legal counsel if applicable.

RIA Compliance & Practice Management

Stay up to date on the latest RIA compliance, operations, and technology topics.

Hear from industry experts as they keep you up to date on the latest regulatory developments and practice management topics.

Subscribe to Email Updates

Recent Posts

POSTS BY TOPIC

cta-ria-compliance

cta-ria-operations

cta-ria-technology