The Dos and Don’ts of an SEC Examination (PDF-337kb)
The Dos and Don’ts of an SEC Examination Authors: Ildiko Duckor, Sarah A. Good, Corey Harris
This client alert also was published as a bylined article on Law360 on November 18, 2015.
The regulatory environment for SEC-registered advisers has become more complex as the result of a more aggressive and interconnected Securities and Exchange Commission (SEC). The connecting hub within the SEC is the Office of Compliance Inspection and Examination (OCIE), which serves as the “eyes and ears” of the SEC. The OCIE often is the first line of contact between an investment adviser and a potential referral to the SEC Enforcement Division’s Asset Management Unit (AMU), which is devoted exclusively to investigations involving investment advisers, investment companies, hedge funds and private equity funds.
The OCIE’s three main areas of focus for their 2015 exam priorities are (i) protecting retail investors, (ii) issues related to market-wide risks, and (iii) data analysis as a tool to identify registrants engaging in illegal activity.
Overlapping with the OCIE’s frontline examination role is the Compliance Program Initiative, which began in 2013 by sanctioning three investment advisers for ignoring problems within their compliance programs. The Compliance Program Initiative is designed to address repeated compliance failures that may lead to bigger problems. As such, any issues raised in a deficiency letter resulting from an examination are ripe for follow-up as the starting point of a subsequent examination. In the current regulatory environment—where violations of compliance policies and procedures can serve as the basis of enforcement actions—investment advisers and their compliance professionals need to pay close attention to the implementation, follow-through and updating of every aspect of their compliance program.
The “Dos” to consider before and during an SEC Examination
- Do invest in technology. Firms should regularly review their technology infrastructure—especially in the areas of record keeping, reporting and communications—to ensure they have the most effective tools available.
- Do anticipate downstream compliance and reporting impacts. When internal reporting changes are made or improved upon, firms should consider how those changes will impact their external reporting to ensure uniformity and accuracy.
- Do hire the appropriate compliance staff for the size and complexity of your operations. When thinking about the role of Chief Compliance Officer (CCO) and the relevant staff, keep in mind both the current and evolving needs of the firm with an eye toward the OCIE’s perspective as a regulator. For example, have your operations expanded or changed significantly since the compliance role was filled? If so, have the staffing levels and resources for the position been increased to meet the new demands?
- Do continuously improve upon your compliance policies and procedures. The investment environment is not static, and your firm’s approach to compliance should not be static, either. The notion of “set it, and forget it” is a thing of the past, and regulators are looking to see firms that have congruence between their policies and the scope of their current operations.
- Do ensure buy-in from the top down. Top management should serve as the lead in setting the culture of compliance in the firm. This means that the firm’s leaders through their actions and communication with their subordinates emphasize the importance of the compliance procedures to both the front office and back office operations of the firm. Your CCO should be part of top management and not subordinated to it in order to have sufficient clout top to bottom in the hierarchy of the organization.
- Do establish a dedicated contact in the event of an examination. Where an examination occurs, there should be a designated point person to coordinate with the OCIE throughout the entire examination process and serve as the facilitator to ensure a smooth and consistent examination process.
- Do treat the OCIE in a professional and courteous manner. It goes without saying, but we will repeat it nonetheless: “Treat others how you want to be treated.” There is sometimes a misperception that regulators are out to “get” a particular firm, which can lead to a hostile tone of interaction. In the event of an examination, it is important to remember that the SEC is filled with professionals who are doing their jobs with the utmost integrity, even if the firm ultimately disagrees with particular findings.
The “Don’ts” to consider before and during an SEC Examination
- Don’t take a defensive posture. At the beginning of an exam, firms should seek to establish a cooperative and non-combative tone with the examiners. As a general matter, taking a cooperative approach will create a smooth process for both parties. On the other hand, a hostile or combative approach not only lays the foundation for a cantankerous examination and gives the impression that the firm may have something to hide, it also paints the firm in a less-than-positive light.
- Don’t hide, evade or inundate the examiners with information. Some firms may take this approach as a way to force the examiners to find what they are looking for among the deluge of document production. However, this approach is counter-productive in the long run because it serves to both frustrate the examiners and extend the examination process. Extending the examination process often means examiners will be onsite for a longer period of time than would have been needed had the production of information been handled in a more thoughtful manner from the start, ultimately resulting in longer business disruption at the least. Firms also should not be evasive with examiners but should honestly and directly respond to requests for documents and information without unreasonable delay. Being evasive or non-responsive can raise a red flag that the firm has something to hide.
Read more: The Dos and Don’ts of an SEC Examination