On November 6, 2019, the Securities and Exchange Commission ("SEC") released its Division of Enforcement 2019 annual report which highlights the 862 enforcement actions pursued during its most recent fiscal year. This latest annual report shows continued focus from the SEC "on the Main Street Investor" and it seems likely that such focus is unlikely to change in the coming years. During the 2019 fiscal year, the SEC filed 526 stand alone enforcement actions, 210 follow-on administrative proceedings, and 126 enforcement actions related to delinquent filings.
Increased Enforcement Actions Against RIA Firms
Stand alone enforcement actions pursued against investment advisers or investment companies totaled 191 which represents a nearly 77% annual increase compared to the 108 stand alone enforcement actions filed in the 2018 fiscal year.
As seen in the recently released 2019 North American Securities Administrators Association ("NASAA") enforcement report which looks at enforcement activity at the state regulatory level, the number of registered investment adviser ("RIA") and investment company enforcement actions is increasing:
The increase from 108 to 191 standalone enforcement actions taken against RIA firms and investment companies represents a 76.9% annual increase.
Continued Focus on the Retail Investor: Share Class Selection Disclosure Initiative
A significant driver in this increase of enforcement actions against RIA firms is the 95 investment advisory firms that self-reported misconduct as a result of the Share Class Selection Disclosure Initiative which was launched in February 2018. According the the report:
Under the Initiative, the Division agreed to recommend standardized settlement
terms for investment advisory firms that self-reported failures to disclose conflicts of interest
associated with the selection of fee-paying mutual fund share classes when a lower- or no-cost
share class of the same mutual fund was available. The majority of these actions were brought in
March 2019, just over a year after we announced the Initiative, with the remainder brought in
Furthermore, the SEC's Office of Compliance Inspections and Examinations ("OCIE") staff has continually listed mutual fund share class selection and broader disclosure related to the costs of investing as a top examination priority in recent years highlighting the issue in its 2017, 2018, and 2019 top examination priority lists. It's evident that mutual fund share class selection is and will remain in the SEC spotlight. Any RIA firm in a position to choose between different share classes for its clients needs to fulfill its fiduciary obligation and continue to stay focused on ensuring proper regulatory compliance.
Continued Focus on Cyber-Related Misconduct
The report highlights examples of cybersecurity-related investigations that occurred in 2019 in which regulated entities did not have the proper cybersecurity infrastructure in place which resulted in enforcement actions or warnings by the SEC. Specifically, a Report of Investigation was released as a result of an investigation involving email compromises. According to the report, "While the Division ultimately did not recommend enforcement action, the Commission issued a report to caution issuers and other market participants that these cyber-related threats of spoofed or manipulated electronic communications exist and should be considered when devising and maintaining a system of internal accounting controls."
Although the enforcement report did not specifically cite examples involving RIA firms in cybersecurity-related investigations, the 2019 SEC OCIE staff also warned advisers that it would continue to focus on cybersecurity as an examination priority. As part of its 2019 top examination priority list, OCIE staff noted they will "emphasize cybersecurity practices at investment advisers with multiple branch offices, including those that have recently merged with other investment advisers, and continue to focus on, among other areas, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response."
Be sure to check back soon as we continue to provide more detailed data and information on RIA regulatory compliance enforcement focus areas and trends. As always, the Chief Compliance Officer ("CCO") of every investment advisory firm needs to continue to ensure that compliance programs and are being designed and implemented to help prevent activity which could lead to potential enforcement action. In particular, CCOs should continue to pay close attention to new and emerging regulator focus areas.