Outsourced CCOs to be named on Form ADV

Firms with an outsourced chief compliance officer could run a greater risk of SEC inspection, experts say

Private funds managers using third-party compliance teams may be at increased risk of a regulatory exam when new disclosure requirements are introduced later this year.

From October, outsourced chief compliance officers must be named on Form ADV, which is used by private fund managers to register with the Securities and Exchange Commission.

The agency said the requirement will help it to identify all advisors relying on a
particular service provider, and improve its ability to “assess potential risks” linked to using certain third-party compliance teams.

Compliance sources say this could increase the chances of firms that outsource the function being inspected, because the the SEC relies on a risk-based approach to determine whether it will examine a firm – the higher the risk rating, the more likely an exam will take place.

“I think that is true in part [that outsourcing will be perceived as a risk factor],” said Doug Cornelius, CCO at Beacon Capital Partners, “but it depends on the outsourcing itself. If the SEC sees a trend that a particular outsourcing firm is doing a bad job, it will certainly take a closer look at the advisors that use that outsourcing firm.”

Small firms are more likely to outsource to avoid having to increase staff, so the change could push them higher up the SEC’s examination hit list. Many of these firms turned to outsourcing as the SEC began to question the effectiveness of dual-hatting the CCO role with other functions such as CFO or COO, a tactic many had been using.

“[CFOs and COOs] may already have a full workload and/or lack the time or expertise to effectively administer the compliance program. This can lead to undetected issues and deficiencies if the registrant is examined by the regulators. It can also lead the regulator to question a firm's dedication to its compliance function,” Joseph DiBartolo, director at Alaric Compliance Services, told pfm.

The new disclosure requirement is the result of a 2015 investigation into 20 investment managers that fully outsourced the function. While the results were generally positive, the exams did identify three areas of contention, including “inconsistencies” when outsourced CCOs were representing a multitude of funds, fund managers not implementing suggestions put forward by outsourced CCOs, and, in the worst cases, the outsourced CCO being clueless about the firm’s activities.

“A CCO, either as a direct employee of a registrant or as a contractor or consultant must be empowered with sufficient knowledge and authority to be effective,” the SEC says.

At the time the agency recommended registered investment advisors with outsourced CCOs review their business practices to determine that their outsourced CCO is able to establish, implement, monitor and review an effective and robust compliance program.