Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser ("RIA") compliance and regulatory issues. This week's recap focuses on Form CRS disclosure issues, the newest risk alert from the Securities and Exchange Commission ("SEC") on cybersecurity, and the impact COVID-19 has had on succession planning. Here's our top investment adviser compliance articles for the week of September 11th, 2020:
1. Brokerages push to extend delay of on-site inspections (Author – Mark Schoeff Jr., InvestmentNews)
The Financial Industry Regulatory Authority Inc. (“FINRA”) has considered extending the deadline for 2020 onsite inspections to March 31, 2020. The proposal states, “Finra emphasizes that this extension of time does not relieve firms from the on-site inspection requirement of branch offices and non-branch locations currently prescribed by the rule.” However, the Securities Industry and Financial Markets Association (“SIFMA”) believes that even with the new deadline extension, it will be impossible to complete all 2020 onsite inspections by next March. Kevin Zambrowicz, SIFMA managing director and associate general counsel said, “it will be virtually impossible to complete the 2020 on-site branch inspection cycle by the revised March 31, 2021, deadline due to the continuing and increasing operational challenges, travel restrictions, health and safety risks, and uncertainties presented by the COVID-19 pandemic.”
2. What’s Causing Disciplinary Disclosure Failures on Form CRS? (Author – Patrick Donachie, WeatlhManagement)
With the Form CRS deadline in the rearview mirror, it is becoming apparent that some firms may have been dishonest or failed to properly provide certain information. The Wall Street Journal has found that “as many as 20% of firms who reported on their forms they had no previous disciplinary incidents actually did.” Many in the industry feel that these are honest mistakes rather than firms trying to hide certain information. Max Schatzow, an attorney and author of the investment adviser blog AdvisorCounsel, said, “The instructions to Form CRS are pretty straightforward; there’s not a ton of wiggle room there. I don’t think a lot of these firms intentionally made omissions, but they probably work with compliance professionals, and got a form or template document, said it looks good, and said to go ahead and file it. That’s probably the most likely situation for firms that had incorrect disclosures.”
3. Small RIAs Delay Succession Planning During Pandemic: DeVoe Survey (Author – Mark Schoeff Jr., InvestmentNews)
Mark Shoeff Jr. dives deeper in the survey published by DeVoe & Co., and RIA consultant and investment bank. The survey found that “7% of firms plans to delay the handover of their operations to the next generation of leaders”, in their latest survey of 128 RIA firm owners, principals, and executives. Shoeff Jr. says, “about 90% of advisers surveyed said the lack of succession planning is a major problem for the sector,” and COVID-19 has only made that more obvious. The study says,” COVID was a shot across the bow for any advisory firm that is operating without a succession plan. We now live in a world where going into the office can be a life or death decision. The increasing realization of the magnitude of this succession problem is good for the future of the industry. A silver lining is that COVID will likely drive more RIAs to take action.”
4. SEC Warns of Rise in ‘Credential Stuffing’ Cyberattacks (Author – Melanie Waddell, ThinkAdvisor)
The Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) has issued a risk alert that warns about the increase in cyberattacks among financial advisors. Cyber attacker’s newest tactic is ‘credential stuffing’, which is when “bad actors target client accounts via compromised client login credentials and can result in loss of customer assets and unauthorized disclosure of personal information,” Melanie Waddell explains. The OCIE risk alert provides further explanation, “Cyber attackers obtain lists of usernames, email addresses and corresponding passwords from the dark web. Then they use automated scripts to try the compromised usernames and passwords on other websites, such as a registrant’s website, in an attempt to log in and gain unauthorized access to customer accounts.” The alert also suggests that firms update their password policies “to incorporate a recognized password standard”.
5. SEI Wealth Platform Adds Integration with RIA in a Box (Author – Samuel Steinberger, WealthManagement)
Samuel Steinberger discusses the integration of the SEI Wealth Platform and RIA in a Box’s MyRIACompliance platform and how clients who utilize both platforms will benefit. “Joint clients of the two services will be able to automate their compliance and registration processes and facilitate filings like Form ADV and Form CRS. Advisors using the two services will also be able to view up-to-date AUM figures, through data custodied at SEI. The partnership automates some instances of data entry, too”, Steinberger explains.
Don't forget to check out last week's top RIA compliance news articles that focuson RIA in a Box's integration with the SEI Wealth Platform, COVID-19 cyber threats, and feedback the Department of Labor ("DOL") received on the fiduciary rule replacement.