In 2022, the Securities and Exchange Commission (SEC) sought fines and damages totaling over $6.4 billion for regulatory failings. In response, the commission released multiple risk alerts advising registered investment advisers (RIA) on common deficiencies and notices of examination. In this blog, we’ll recap the top SEC risk alerts from 2022 to help your firm prepare for potential examination focus areas in 2023.
Top 2022 SEC risk alerts
The SEC’s Dec. 5 risk alert noted deficiencies in qualified firms’ compliance with Regulation S-ID, which mandates the creation and maintenance of an identity theft protection program. According to the SEC, “EXAMS staff identified practices that are inconsistent with the objectives of Regulation S-ID, which may leave retail customers vulnerable to identity theft and financial loss.” This included:
- Failure to identify covered accounts.
- Establishment of the Program.
- Required elements of the Program.
- Administration of the Program.
On Sept. 19, 2022, the SEC advised RIAs of its intention to include review areas focused on the new Marketing Rule, which took effect on Nov. 4, 2022, in upcoming exams. Included in this risk alert, the SEC distinguished critical areas of note, which they plan to address during said exams. This included:
- Updated and implemented policies and procedures designed to reflect the new rule.
- Whether or not advisers can meet substantiation requirements for any material claims made in advertisements.
- A review of all performance advertising requirements to ensure it does not include prohibitions.
- Adherence to all amendments regarding the Books and Records Rule.
The SEC’s Apr. 26, 2022 risk alert highlighted deficiencies regarding Section 204A of the Investment Advisers Act of 1940, which specifies investment advisers must establish, maintain and implement policies and procedures to prevent the misuse of potential material non-public information (MNPI) by the adviser or any relevant persons identified as "access persons.”
Key deficiencies included the failure to adopt or implement reasonably designed policies and procedures to address the following:
- The risks associated with obtaining or using MPNI from alternative data sources
- Risks related to the access of MPNI by "value add investors", such as directors or officers at a public company.
- Communications with expert network consultants who may obtain MNPI or be related to publicly traded companies.
Additionally, the SEC noted deficiencies in regard to the adviser’s Code of Ethics, which included properly identifying and supervising access persons, and said persons making investments without pre-approval.
On Jan. 27, 2022, the SEC released a risk alert noting key deficiencies found in examinations of RIAs which manage private equity funds or hedge funds. The deficiencies were categorized into four main areas of focus, including:
- Conduct inconsistent with material disclosures.
- Misleading disclosures regarding performance and marketing.
- Failure to conduct a reasonable investigation into an investment, to follow the due diligence process described to clients or investors and to adopt and implement reasonably designed due diligence policies and procedures.
- Potentially misleading hedge clauses.
RIA in a Box LLC is not a law firm, investment advisory firm, or CPA firm. RIA in a Box LLC does not provide legal advice or opinions to any party or client. You should always consult your relevant regulatory authorities or legal counsel if applicable.