RIA Compliance and Practice Management Blog

How to Conduct an Effective RIA Annual Compliance Meeting

Posted by RIA in a Box

May 31, 2022 3:34:11 PM

Every investment adviser registered under section 203 of the Investment Advisers Act of 1940 (15 U.S.C. 80b-3) is required by the Securities and Exchange Commission's (“SEC”) Rule 206(4)-7 to conduct a review of the firm’s compliance program.

The compliance review is an opportunity for the Chief Compliance Officer (“CCO”) to thoroughly assess the adequacy and effectiveness of the RIA firm’s policies and procedures, and thereby minimize the risk of compliance deficiencies. The SEC requires the review to take place “no less than annually”. In this blog post, we highlight key considerations for conducting an effective compliance meeting.

10 Tips for Conducting Your RIA firm's Annual Review

The annual compliance meeting is an excellent time to address any policy updates or procedural changes that resulted from the review of the firm’s compliance program.

We generally recommend that RIA firms consider hosting their annual compliance meeting after the firm’s annual Form ADV amendment period and distribution to clients. This often leads to conducting the meeting in the spring. However, there is no "right" time to conduct the annual meeting, and firms should do what is best to accommodate their unique business practices.

As RIA compliance consultants, we often find that RIA firms can face preventable compliance issues by failing to efficiently perform and document the completion of the mandatory annual compliance program review.

Below, we’ve developed a list of steps you can follow for a productive and efficient annual compliance meeting.

1. Review Regulatory Developments and Update Policies Accordingly

The firm’s CCO will need to review the latest regulatory rule changes and risk alerts to consider any tweaks to the policies and procedures manual.

Be sure to take the time to look back at the top regulatory developments for the year, such as the DOL Fiduciary Rule, the SEC’s Marketing Rule, and NASAA’s Continuing Education Rule.

2. Review Advisory Documents for Accuracy and Relevance

Review each of your firm's advisory documents for accuracy and relevance to your current business practices. This includes, but is not limited to, your Form ADV, policies and procedures manual, business continuity plan, succession plan, and information security policy.

When reviewing your policies and procedures in an annual meeting, don’t forget to alert your staff to any relevant changes that affect them, and then train them accordingly.

3. Complete Your Risk Assessment

Conduct a risk assessment to identify the areas of highest risk to your firm based on its unique business practices, and update your compliance program accordingly.

Performing a risk assessment of different areas throughout the year is critical. This allows you to determine whether your firm’s current compliance procedures are sufficient, or if you need to make changes based on your risk profile. The SEC’s risk assessment flowchart and risk inventory guide offer good starting points for your assessment.

4. Review Client Holdings and Fees Charged

A review of client holdings and fees charged ensures that portfolios are properly managed and clients are being charged correctly according to their fee schedule.

Whether your firm charges fees as a percent of assets under management (“AUM”) or a fixed rate subscription, you’ll want to consider regulatory rules as you review your records.

The SEC also recently released a risk alert regarding fee calculations, which your CCO will need to examine.

5. Review Cybersecurity Practices

Since 2015, the SEC has required that cybersecurity be included as part of an annual compliance review. This should include reviewing existing policies, implementing changes where necessary, staff training, and testing.

To reduce your cybersecurity risk and to meet regulatory requirements, you’ll want to take a proactive approach to protecting your firm’s and your clients’ digitally stored information. You can download a copy of our cybersecurity compliance checklist to get started.

6. Document the Meeting

Just as a meeting outline provides structure, meeting minutes can drive action while also offering evidence of your company’s commitment to compliance.

During your firm-wide compliance meeting, ensure you document the meeting agenda, compliance issues addressed, and any changes to your firm’s practices. Keep a copy of your meeting minutes in an organized and easily accessible place for future reference.

7. Identify and Assign Action Items

Once you’ve finished your annual review, it’s important to document all findings and identify action items that will be taken.

Focus first on your firm’s highest-risk areas, but be sure to address each compliance concern you’ve discovered. Identifying which specific employees will take action can also keep you on track for success.

For instance:

    • Who will handle updating policies?
    • Who will make changes to outdated documents?
    • Who will take the lead in sorting out identified conflicts of interest?
    • Who will oversee ensuring missing disclosures are added?
    • Who will handle tech-related issues?

Make sure you set a hard timeline and follow up to ensure each item is completed.

Topics: RIA Operations, RIA Compliance, RIA Technology

RIA in a Box LLC is not a law firm, investment advisory firm, or CPA firm. RIA in a Box LLC does not provide legal advice or opinions to any party or client. You should always consult your relevant regulatory authorities or legal counsel if applicable.
