SEC Staff Issues Risk Alert on Compliance Topics Frequently Identified in Deficiency Letters to Investment Advisers

Practical Law Legal Update w-005-9415 (Approx. 6 pages)

SEC Staff Issues Risk Alert on Compliance Topics Frequently Identified in Deficiency Letters to Investment Advisers

by Practical Law Corporate & Securities

Compliance Rule

Under the Compliance Rule, an investment adviser may not provide advice to clients unless the adviser:

Adopts and implements written policies and procedures reasonably designed to prevent violation, by the adviser and its supervised persons, of the Advisers Act and the rules that the SEC has adopted under the Advisers Act.
Reviews, no less frequently than annually, the adequacy of its policies and procedures, and the effectiveness of their implementation.
Designates a chief compliance officer responsible for administering the compliance policies and procedures that the adviser adopts.

The risk alert sets out the following deficiencies or weaknesses typically identified by the staff in connection with the Compliance Rule:

Compliance manuals were not reasonably tailored to the adviser's business practices. The staff noted that:
- certain compliance programs did not take into account important individualized business practices such as the adviser's particular investment strategies, types of clients, trading practices, valuation procedures, and advisory fees; and
- some advisers use "off-the-shelf" compliance manuals that have not been tailored to the adviser's individual business practices.
Annual reviews were not performed or did not address the adequacy of the adviser's policies and procedures. The staff:
- observed that certain advisers did not conduct annual reviews of their compliance policies and procedures, as required by the Compliance Rule;
- identified advisers whose annual reviews did not address the adequacy of the advisers' policies and procedures and the effectiveness of their implementation; and
- observed that advisers did not address or correct problems identified in their annual reviews.
Adviser did not follow compliance policies and procedures. The staff also noted that certain advisers appeared to not be following their compliance policies and procedures. Examples include advisers that:
- did not perform certain internal reviews of their practices required by their compliance manual; and
- did not adhere to certain practices relating to marketing, expenses, or employee behavior required by their compliance manual.
Compliance manuals were not current. The staff noted that certain compliance manuals contained information or policies that are no longer current, such as:
- investment strategies that were no longer pursued;
- personnel no longer associated with the adviser; and
- stale information about the firm.

Regulatory Filings

Filing requirements for investment advisers include:

Rule 204-1 under the Advisers Act, which requires advisers to amend their Form ADV at least annually, within 90 days of the end of their fiscal year, and more frequently, if required by the instructions to Form ADV.
Rule 204(b)-1 under the Advisers Act, which requires advisers to one or more private funds with private fund assets of at least $150 million to complete and file a report on Form PF.
Rule 503 under Regulation D of the Securities Act, which generally requires issuers to file a Form D. Advisers typically file Form Ds on behalf of their private fund clients, and the form must be filed no later than 15 calendar days after the first sale of securities in the offering of a private fund.

The risk alert sets out the following deficiencies or weaknesses typically identified by the staff in connection with adviser regulatory filing obligations:

Inaccurate disclosures. The staff observed that some advisers made inaccurate disclosures on Form ADV Part 1A or in Form ADV Part 2A brochures, such as inaccurately reporting:
- custody information;
- regulatory assets under management;
- disciplinary history;
- types of clients; and
- conflicts.
Untimely amendments to Form ADVs. The staff also observed that some advisers did not:
- promptly amend their Form ADVs when certain information became inaccurate; or
- timely file their annual updating amendments.
Incorrect and untimely Form PF filings. The staff observed that certain advisers with an obligation to file Form PF did not complete the form accurately or completely.
Incorrect and untimely Form D filings. The staff observed that certain advisers did not accurately complete and timely file Form Ds on behalf of their private fund clients.

Custody Rule

Advisers with custody of client cash or securities must comply with the Custody Rule, which contains a number of requirements designed to enhance the safety of client assets by protecting them from unlawful activities or financial problems of the adviser.

The risk alert sets out the following deficiencies or weaknesses typically identified by the staff in connection with the Custody Rule:

Advisers did not recognize that they may have custody due to online access to client accounts. An adviser's online access to client accounts may meet the definition of custody when that access provides the adviser with the ability to withdraw funds and securities from the client accounts. The staff observed that certain advisers may not have properly identified custody as a result of them having access to online accounts using clients' personal usernames and passwords.
Advisers with custody obtained surprise examinations that did not meet the requirements of the Custody Rule. The staff observed that:
- certain advisers did not provide independent public accountants performing surprise examinations with a complete list of accounts over which the adviser had custody; or
- certain advisers did not otherwise provide information to accountants to permit the accountants to timely file accurate Form ADV-Es.
- surprise examinations may not have been conducted on a "surprise" basis (for example, if exams were conducted at the same time each year).
Advisers did not recognize that they may have custody as a result of certain authority over client accounts. The staff observed that certain advisers did not recognize that they may have custody over client accounts:
- as a result of having (or related persons having) powers of attorney authorizing them to withdraw client cash and securities; and
- when advisers or their related persons served as trustees of clients' trusts or general partners of client PIVs.

Code of Ethics Rule

The Code of Ethics Rule requires an adviser to adopt and maintain a code of ethics, which must:

Establish a standard of business conduct that the adviser requires of all its supervised persons.
Require an adviser's "access persons" to periodically report their personal securities transactions and holdings to the adviser's chief compliance officer or other designated persons.
Require that access persons obtain the adviser's pre-approval before investing in an initial public offering or private placement.

Advisers must also:

Provide each supervised person with a copy of the code of ethics and any amendments.
Require their supervised persons to provide them with a written acknowledgement of their receipt of the code of ethics.
Describe the code of ethics in their Form ADV Part 2A brochure and indicate that the code is available to any client or prospective client on request.

The risk alert sets out the following deficiencies or weaknesses typically identified by the staff in connection with the Code of Ethics Rule:

Access persons not identified. The staff observed that some advisers did not identify all of their access persons (for example, certain employees, partners, or directors) for purposes of reviewing personal securities transactions.
Codes of ethics missing required information. The staff also noted that certain advisers' codes of ethics did not:
- specify review of the holdings and transactions reports; or
- identify the specific submission timeframes.
Untimely submission of transactions and holdings. The staff observed that certain access persons submitted transactions and holdings less frequently than required under the Code of Ethics Rule.
No description of code of ethics in Form ADVs. In addition, the staff observed that certain advisers did not:
- describe their codes of ethics in their Part 2A of their Form ADVs; or
- indicate that their codes of ethics are available to any client or prospective client on request.

Books and Records Rule

Under the Books and Records Rule (Advisers Act Rule 204-2), advisers must make and keep certain books and records relating to their investment advisory business, including typical accounting and other business records. The risk alert sets out the following deficiencies or weaknesses typically identified by the staff in connection with the Books and Records Rule:

Did not maintain all required records. The staff observed that certain advisers may not have maintained all the books and records required by the Books and Records Rule, such as:
- trade records;
- advisory agreements; and
- general ledgers.
Books and records were inaccurate or not updated. The staff observed that certain advisers had errors and omissions in their books and records, such as inaccurate fee schedules and client records, or stale client lists.
Inconsistent recordkeeping. The staff observed that certain advisers maintained contradictory information in separate sets of records.

To learn more about the regulatory obligations of investment advisers under the Advisers Act, see Practice Note, Investment Adviser Regulation: Overview.

SEC Staff Issues Risk Alert on Compliance Topics Frequently Identified in Deficiency Letters to Investment Advisers | Practical Law