SEC exam rundown: Hot exam deficiencies

There have been several recent reports that SEC examiners appear to be giving out more deficiencies. 'It was a book' was how one described a recent deficiency letter.

In June, Form CRS turns two years old, and like any precocious toddler, the form can get you into trouble if you’re not watching it closely.

When it comes to SEC exams, delivering a deficiency for not following the form’s basic rules—such as placing the latest version on your website and failing to provide all requested information—is easy pickings for examiners. This reality struck an adviser following a recent SEC exam.

FINRA, too, takes an interest in Form CRS compliance. A CCO at a dual registrant tells affiliate publication Regulatory Compliance Watch that the SRO slapped the firm with a deficiency during a recent exam over its Form CRS. One lesson is to ensure that you have documentation to support that existing, new and potential clients are receiving the document.

Documenting delivery a challenge

This can be a stern challenge when, for example, a rep meets a potential client on the golf course. One option before the CCO is developing the technology for a rep to send a potential client the form from her cell phone before teeing off.

A B-D discovered trouble in a separate recent exam when the firm’s Form CRS referred readers to additional disclosures on its website — yet the site lacked the promised information, says a compliance consultant. Her tip: Build a web page solely for Form CRS disclosures and provide that direct link on your form.

Another tip the consultant shares is to set up an e-mail folder “just for Form CRS.” First, be sure to have your clients consent to accept electronic delivery of disclosures. Then send them the Form CRS via that dedicated e-mail box with receipt of delivery “and you have everything” you need to prove they received it, she continues. “It records itself,” e.g., who sent it, when and to whom. The e-mail archive makes the records “easily findable,” she insists.

Also revise your compliance P&Ps to require reps to record the electronic delivery ahead of even a prospect meeting and send the Form CRS prior to the meeting, she recommends.

Tips for documentation

“In my experience, the SEC’s just fine with an Excel spreadsheet of name, address and date” along with the method of delivery to confirm receipt of Form CRS, says a second compliance consultant.

Be cautious about modest changes to your Form CRS. One adviser simply updated the date and SEC examiners faulted the firm for not sending the revised form to clients, the consultant states. He recommends you don’t change only the date on the form.

Add language to your advisory agreement permitting a client to acknowledge receipt of all disclosures, including forms ADV and CRS, the consultant advises.

An advisory firm CCO says that after its recent SEC exam the firm had to update its custody numbers on its Form ADV so as to include accounts that permit third-party SLOAs.

There have been several recent reports that SEC examiners appear to be giving out more deficiencies. “It was a book,” says one compliance consultant of the deficiency letter received by a client. It ran scores of pages.

One deficiency letter obtained recently by RCW reveals a B-D was cited for not having compliance P&Ps for Reg BI. Another chastised an adviser for the presence of a hedge clause in its advisory agreement.

Avoid hedge clauses

You would be wise to strip language similar to this if it appears in your agreements: “The Client shall hold harmless and indemnify IA from and against any and all losses, damages, claims, costs, actions, liabilities, suits, proceedings, settlements or expenses including, without limitation, any liabilities imposed or sought to be imposed on or claims asserted against such party, which the IA may incur or suffer in connection with the performance of its obligations under this Agreement.”

A deficiency letter from a third adviser’s recent SEC exam reprimanded the firm for compliance P&Ps that lacked “specificity” for allocations and adhering portfolios to investor objectives.

Priorities vs. experiences

While you can certainly gain guidance on what you may run into on exams from the Division of Examinations’ annual exam priorities, nothing beats the recent experiences of your peers.

One exhorts you to read the SEC’s directions for calculating your firm’s RAUM—and to document your process. Should you permit courtesy accounts (e.g., a long-time client’s child’s account isn’t charged a fee), open a separate master account so you can segregate the unmanaged courtesy accounts, the source conveys.

Issues that arose in a recent advisory exam encouraged the firm to do more in-depth oversight of index providers and fund sponsors, which rankled the CCO. “They’re really trying to regulate through examinations instead of creating rules that would require index providers to register,” the CCO says.

Fees and expenses

A CCO at another advisory firm says that SEC examiners sought to dig deeply into the firm’s expenses by asking to interview administrative assistants and others who process travel reimbursements to make sure that the employees understood the firm’s policy limits.

Another issue to be aware of is tracking changes various staffers make to side letters and LPA provisions. “It’s hard to document” this, notes a CCO because the papers pass through many “different groups in the company.” There’s a risk that compliance may not be apprised of all changes made.

Given examiner interest in the topic, the CCO created a spreadsheet for staff to initial any changes they made. “It’s one more step for everybody to take in an already busy world,” the CCO adds.

Other recent exam deficiencies centered on valuation of products like variable annuities and REITs and even limited partnerships. Be careful if you disclose that products will be valued at the “market price” if you can’t reasonably determine a market price. Too many advisers err by quoting the highest available price even when it’s unrealistic. A compliance consultant stresses you should be taking the lowest value found in a range of prices or expect to witness examiners’ ire.

Here are other tidbits arising from your peers’ recent exam experiences:

      • Add some detail in your compliance P&Ps about reviews you do. Being too vague can lure examiner attention—and trigger a deficiency.
      • Probe your third-party service providers around their use of MNPI and be sure your P&Ps explain “what it is that we’re doing” in this regard, notes a CCO.
      • Know that if you’re a trustee, you have custody in the SEC’s eyes.
      • Update your compliance manual to avoid embarrassments, such as citing the responsibility of an employee who is no longer with the firm.
      • Search your compliance manual if you’re with a B-D or a dual registrant to replace the word “suitability” with “best interest” given Reg BI.
      • Periodically investigate claims made on websites for funds that you manage. Test them for accuracy, especially older claims to ensure they continue to be valid.
      • Have a succession plan. This is especially true for smaller advisers. Examiners “want to see in your business continuity plan or disaster recovery what’s going to happen if the principals get hit by a bus,” says one compliance consultant about a client’s exam.