The Office of Compliance Inspections and Examinations (OCIE) has provided a risk alert to SEC-registered investment advisers (RIAs) outlining the five compliance topics most frequently identified in deficiency letters issued to RIAs in the last two years. RIAs should take note of the deficiencies and weaknesses and review their compliance programs, business policies, and procedures and take necessary corrective actions to ensure compliance with the Investment Advisers Act of 1940 (Act) and its related rules.
1. Compliance Rule
Rule 206(4)-7 of the Act requires RIAs to adopt and maintain written compliance policies and procedures that are reasonably designed to prevent violations of the Act. The RIA must designate a compliance officer to administer such policies. OCIE has noted that some compliance manuals are not sufficiently tailored to the RIA’s business practices, compliance manuals are not current, annual reviews are not timely or sufficient, and there is a lack of compliance with the policies and procedures adopted by the RIA.
2. Regulatory Filings
Rule 204 of the Act requires certain regulatory filings, including but not limited to filing Form ADV and amending it at least annually, and Form PF. OCIE has noted various deficiencies related to forms being completed with inaccurate or incomplete disclosures, and being filed untimely.
3. Custody Rule
Rule 206(4)-2 of the Act specifically addresses “Custody of Funds or Securities by Investment Advisers” (Custody Rule). RIAs must comply with the Custody Rule if it, or its related persons, holds client funds or securities, either directly or indirectly, or has any authority to obtain possession or custody of them. OCIE has identified some of the typical weaknesses or violations of the Custody Rule:
- RIAs with online access to client accounts did not realize they had custody of client accounts and, therefore, did not comply with the requirements of the Rule.
- RIAs did not provide a complete list of client accounts over which they have custody to the accountant performing the surprise examinations.
- RIAs did not recognize that serving as a trustee to clients’ trusts or other positions of certain authority results in the RIA having custody over the clients’ accounts.
4. Code of Ethics Rule
Rule 204A-1 of the Act requires an RIA to adopt and maintain an “Investment Adviser Code of Ethics” (Ethics Rule). The Ethics Rule requires an RIA to adopt and maintain a code of ethics that includes establishing a standard for business conduct for the RIA’s supervised persons, requiring “access persons” to disclose personal security transactions and positions to designated persons on a periodic basis, and obtaining pre-approval of the RIA before investing in any initial public offering or private placement. An RIA must provide a copy of its code of ethics to supervised persons, obtain written acknowledgement of its receipt, and describe its code of ethics in Form ADV as well in brochures distributed to clients and potential clients.
OCIE noted several deficiencies in RIAs’ compliance of the Ethics Rule, including that access persons were not properly identified and the RIAs’ codes of ethics were missing pertinent information to comply with the Ethics Rule. In addition, OCIE noted a lack of description and inaccurate disclosures in RIAs’ Form ADVs as well as untimely filing of information required to comply with the Rule.
5. Books and Records Rule
Rule 204-2 of the Act requires that RIAs maintain certain books and records related to their advisory business. OCIE noted multiple deficiencies in compliance with this Rule, including RIAs that did not maintain all of the required records, such as incomplete books and records that were inaccurate or inconsistent with other records and schedules maintained by the RIA.
Read the complete risk alert.
Cohen & Company is not rendering legal, accounting or other professional advice. Any action taken based on information in this blog should be taken only after a detailed review of the specific facts and circumstances.