On November 2, 2018, the Securities and Exchange Commission ("SEC") released its 2018 enforcement report which highlights the 821 enforcement actions pursued during its most recent fiscal year. This latest annual report shows continued focus from the SEC "on the Main Street Investor" and it seems likely that such focus is unlikely to change in the coming years. During the 2018 fiscal year, the SEC filed 490 stand alone enforcement actions, 210 follow-on administrative proceedings, and 121 enforcement actions related to delinquent filings. Stand alone enforcement actions pursued against investment advisers or investment companies totaled 108 which represents a 31.7% annual increase compared to the 82 stand alone enforcement actions filed in the 2017 fiscal year. The SEC Division of Enforcement also notes that it has been forced to operate efficiently as total headcount for the division is down roughly 10% compared to the 2016 fiscal year. As such, the division has "paid careful attention to case selection, attempting to open and pursue investigations that are likely to have the most meaningful impact for investors and the markets."
Increased Enforcement Actions Against RIA Firms
As seen in the recently released 2018 North American Securities Administrators Association ("NASAA") enforcement report which looks at enforcement activity at the state level, the number of registered investment adviser ("RIA") and investment company enforcement actions is increasing:
Given the increasing number of SEC-registered RIA firms and increasing SEC RIA examination frequency, it's possible this trend may continue in future years. Since 2012, the number of SEC-registered investment advisory firms has increased 13.7% from 11,658 firms to 13,250 firms as of October 31, 2018. In addition, the volume of federally-registered investment adviser examinations has increased 117.0% from 974 audits conducted in the 2012 fiscal year to 2,114 audits performed in the 2017 fiscal year. However, it is important to note that the percentage of examined firms referred to the Enforcement Division has actually declined from 13% in the 2013 fiscal year to 7% in the 2017 fiscal year.
Focus on the Share Class Selection Disclosure Initiative
On February 12, 2018, as part of its focus on protecting the "main street investor," the SEC Division of Enforcement announced the Share Class Selection Disclosure Initiative ("SCSD Initiative"). As part of the initiative, RIA firms had until June 12, 2018 to self-report potential violations related to mutual fund share class recommendations. The 2018 report states "scores of investment advisers participated in the SCSD Initiative, which will result in charges against them."
This latest enforcement focus on mutual fund share recommendations follows a series of previous guidance issued by the SEC Office of Compliance and Inspections ("OCIE") including a July 13, 2016 risk alert noting "the staff will focus on the adviser’s practices related to share class recommendations and compliance oversight of the process." Furthermore, SEC OCIE staff has continually listed mutual fund share class selection and broader disclosure related to the costs of investing as a top examination priority in recent years including in 2017 and 2018.
Mutual fund share class selection is and will remain in the SEC spotlight. Any RIA firm in a position to choose between different share classes for its clients needs to fulfill its fiduciary obligation and continue to stay focused on ensuring proper regulatory compliance.
For a number of years, the SEC OCIE Division has continued to discuss its concern and focus on RIA information security which has included a series of cybersecurity-focused examination sweeps. These efforts have led the OCIE division to issue a series of risk alerts on February 3, 2015, September 15, 2015, and August 7, 2017. In addition, the OCIE Division has continually listed cybersecurity as a top examination priority in recent years including in 2017 and 2018.
While the SEC Enforcement Division notes it presently has "more than 225 cyber-related investigations ongoing," to date there have not been a large number of investment adviser cybersecurity-related enforcement actions. However, this is likely to change moving forward given the continued examination focus and large volume of ongoing investigations. In addition, the enforcement report notes that during the 2018 fiscal year, the SEC Enforcement Division took its "first action charging violations of Regulation S-ID, known as the Identity Theft Red Flags Rule, which is designed to protect customers from the risk of identity theft."
Be sure to check back soon as we continue to provide more detailed data and information on RIA regulatory compliance enforcement focus areas and trends. As always, the Chief Compliance Officer ("CCO") of every investment advisory firm needs to continue to ensure that compliance programs and are being designed and implemented to help prevent activity which could lead to potential enforcement action. In particular, CCOs should continue to pay close attention to new and emerging regulator focus areas.
RIA in a Box LLC is not a law firm, investment advisory firm, or CPA firm. RIA in a Box LLC does not provide legal advice or opinions to any party or client. You should always consult your relevant regulatory authorities or legal counsel if applicable.