RIA Compliance and Practice Management Blog

SEC Risk Alert Identifies Most Common RIA Examination Deficiencies

Posted by RIA in a Box

Feb 8, 2017 8:50:30 AM

2017 SEC top RIA examination deficiency categoriesYesterday, the Securities and Exchange Commission ("SEC") Office of Compliance Inspections and Examinations ("OCIE") released a new National Exam Program Risk Alert identifying the five compliance areas most commonly cited in deficiency letters sent to registered investment adviser ("RIA") firms registered with the SEC . The OCIE is the SEC division which conducts examinations of registered investment adviser ("RIA") firms and this new list of top deficiencies can help investment advisers better prepare for a regulatory examination.  The risk alert focuses on deficiency letters from over 1,000 RIA audits conducted over the past two years. This latest SEC OCIE staff guidance also follows similar examination deficiency guidance provided by the North American Securities Administrators Association ("NASAA") in its 2015 RIA coordinated examination report.

Download our 2017 RIA Technology Landscape Infographic

The five areas with the most compliance issues identified by the SEC OCIE staff are:

  1. Rule 206(4)-7 (the “Compliance Rule”) under the Investment Advisers Act of 1940 (the “Advisers Act”)
  2. Required regulatory filings
  3. Rule 206(4)-2 under the Advisers Act (the “Custody Rule”)
  4. Rule 204A-1 under the Advisers Act (the “Code of Ethics Rule”)
  5. Rule 204-2 under the Advisers Act (the “Books and Records Rule”)

In the risk alert, the OCIE staff also provides additional guidance and observations related to typical audit deficiencies found in each of the five compliance areas:

  • Compliance Rule
    • Our recent blog post titled "Rule 206(4)-7 Continues to Cause Preventable RIA Compliance Issues" discusses many of the areas of weakness cited in the risk alert including:
      • Compliance manuals are not reasonably tailored to the adviser's business practices
      • Annual reviews are not performed or did not address the adequacy of the adviser's policies and procedures
      • Adviser does not follow compliance policies and procedures
      • Compliance manuals are not current
  • Regulatory Filings
    • The Form ADV is the primary filing document for all RIA firms. Despite much guidance provided on the proper completion of the Form ADV and the requirement to file an annual Form ADV amendment, it continues to frequently cause compliance issues for investment advisory firms. Such issues are often related to inaccuracies or failure to disclose conflicts. The most common deficiencies related to regulatory filings are:
      • Inaccurate disclosures
      • Untimely amendments to Form ADVs
      • Incorrect and untimely Form PF filings
      • Incorrect and untimely Form D filings
  • Custody Rule
    • Many firms fail to recognize that they may be deemed to have custody of client funds. Common scenarios which can lead to an RIA firm having custody include bill-paying services, check-writing authority, online login access to client accounts, serving as trustee, or serving as the general partner of a pooled investment vehicle ("PIV"). The most common deficiencies related to custody are:
      • Advisers did not recognize they may have custody due to online access to client accounts
      • Advisers with custody obtained surprise examinations that do not meet the requirements of the Custody Rule
      • Advisers did not recognize they may have custody as a result of certain authority over client accounts
  • Code of Ethics Rule
    • Proper implementation of a Code of Ethics is one of the key foundations of an RIA firm's compliance program. Firms need to ensure that the Code of Ethics is followed and fully implemented and also need to make sure that all relevant persons are properly identified as "access persons." The most common deficiencies related to the Code of Ethics are:
      • Access persons not identified
      • Code of Ethics missing required information
      • Untimely submission of transactions and holdings
      • No description of Code of Ethics in Form ADVs
  • Books and Records Rule
    • Every SEC-registered RIA firm is required to keep certain books and records. Investment advisory firms need to ensure that books and records are being regularly reviewed to identify and correct any information that is no longer accurate, contradictory, or may be missing. The most common deficiencies related to books and records are:
      • Did not maintain all required records
      • Books and records are inaccurate or not updated
      • Inconsistent recordkeeping

As RIA compliance consultants, we strongly recommend that the principals and Chief Compliance Officer of all investment advisory firms registered with the SEC, regardless if the firm has been recently examined or not, review the contents of this latest SEC RIA compliance risk alert. The official risk alert includes more detailed information on each of the most common deficiency areas identified during investment adviser audits.

Download Our Free How to Prepare for an RIA Regulatory Exam Checklist


Topics: RIA Compliance

RIA in a Box LLC is not a law firm, investment advisory firm, or CPA firm. RIA in a Box LLC does not provide legal advice or opinions to any party or client. You should always consult your relevant regulatory authorities or legal counsel if applicable.

RIA Compliance & Practice Management

Stay up to date on the latest RIA compliance, operations, and technology topics.

Hear from industry experts as they keep you up to date on the latest regulatory developments and practice management topics.

Subscribe to Email Updates

Recent Posts