In a March 12 address before the 2009 IA Compliance Best Practices Summit, Lori A. Richards, Director of the SEC's Office of Compliance Inspections and Examinations, urged CCOs to "step up" to reinforce and strengthen their firm's Culture of Compliance.
Your role as Chief Compliance Officers and compliance personnel could not be more important than at this moment. While our oversight system needs strong and tough regulators, no regulator can be in the room when firm employees make decisions and choices that will impact investors. That's where having a "Culture of Compliance" that emphasizes doing what's right is so critical. You can step up to reinforce and to strengthen your firm's Culture of Compliance now.
Richards highlighted some steps she recommends advisory firms take "to help assure that the conduct of the firm and its employees meets standards owed to advisory clients, and that the firm is truly preventing problems, misdeeds and misconduct in the first place."
First on Richards' list was to review the firm's compliance program all SEC-registered investment advisers are required to have in place. Constant improvement and refinement of a firm's compliance program will help keep it "evergreen." To help maintain an evergreen compliance program, Richards urged a "thorough and careful review of new compliance risks due to changes in the firm's business, its structure, its products, its service providers or other changes is critical — to assure that the compliance program is "square on" today's compliance risks."
In particular, Richards elaborated on four areas that deserve a fresh look at investment advisory firms:
1. Disclosure: Is the firm disclosing its activities and conflicts of interest in a way that is fully consistent with its obligations as a fiduciary?
I suggest that advisory firms conduct a review of their existing practices – and match those against disclosed practices. For example, are you disclosing accurate and complete information regarding:
- conflicts of interests created by business arrangements or affiliations?
- compensation arrangements with solicitors, finders, or other service providers?
- fees paid by clients to the firm or affiliates and the services provided for such fees? and
- the use of client commissions to pay for products and services?
2. Custody: Have you confirmed that advisory clients' assets are safe?
The ultimate goal is to attain a high level of confidence that the transactions and portfolio positions reported to clients by the adviser fully and fairly reflect actual investments and transactions made by the adviser. You should be taking similar steps. Let me outline steps that you might take:
- Obtain custodian statements from the custodian. Compliance personnel could request that the custodian for each (or a sample of) advisory clients provide a copy of the most recent statement that the custodian sent to clients.
- Compare custodian statements with advisory records. Compliance personnel could then compare transactions and portfolio positions on the custodian statements with the adviser's books and records for consistency. And, compliance personnel could also compare the names and addresses of clients as shown on the custodian statements to the names and addresses of clients as maintained by the adviser – as a check to see if custodian statements are being sent to advisory clients.
- Review the adviser's reconciliation process. Compliance personnel could review any routine reconciliation process used by the adviser and the documentation of that reconciliation (e.g., for the same period covered by the custodian statements obtained from custodians).
- Take additional steps to confirm assets when custody is with the adviser or an affiliate. When advisory clients' assets are in custody with the adviser or an affiliate, compliance personnel should consider the risk of theft, and/or falsified transactions or account balances reported to clients. In these situations, consider obtaining confirmations of trades or holdings higher up in the custody chain — from entities that are independent of the adviser (e.g., prime brokers, depositories or counterparties of OTC derivative positions). After obtaining this information, compliance personnel could reconcile these transactions or holdings to the positions held by advisory clients.
- Review client account statements sent by the adviser. Compliance personnel could also consider periodically reviewing account statements sent to clients by the adviser to ensure that the transactions and positions reported and the names and addresses of clients are consistent with reports of the custodian.
3. Performance Claims: Are you certain that they are accurate?
This is an area too where SEC examiners often find problems. These problems range from errors in performance calculations due to carelessness to intentional deception. Among the problems are:
- Overstating the firm's performance returns, assets under management, or length of operation;
- Not including the disclosures necessary to prevent the performance claims from being misleading (e.g., firms did not disclose whether results reflected dividends, did not disclose differences with an index used to compare the adviser's performance); and
- Inappropriately including or excluding information or data in composites (i.e., such as advertising past specific recommendations).
Given the importance of providing accurate performance information, some advisers retain an outside firm to verify their performance claims. This is a best-practice. Other strong practices include:
- Using greater care when crafting performance composites for marketing materials. Firms should review client account holdings and verify that each account is appropriate for inclusion in a composite, including sector and security concentrations; compare client account asset levels to composite asset minimums; review accounts that are excluded from composites to ensure that reasons for the exclusion are adequate and documented; and periodically review composite disclosures to ensure the information reported is accurate.
- Conducting special tests to ensure that complete records with respect to marketing and performance advertisements are kept. Firms should periodically test recordkeeping practices to ensure that all documents necessary to substantiate advertised performance are being appropriately created and retained.
- Establishing procedures to periodically review marketing materials to make sure the information reported is truthful and not misleading. In particular, when an adviser asserts that its composite performance claims are consistent with GIPS standards, that statement must in fact be accurate.
4. Resources: Does your compliance program have adequate resources to do the job? Can it leverage off of other functional groups?
At the SEC, many of us have cautioned against making resource reductions to compliance programs that could undercut their effectiveness.
. . .
If a lack of resources undercuts the CCOs ability to perform an effective review, or undercuts the effectiveness of their implementation, the CCO should include this information in the CCO's annual report or other indication of the annual review.
. . .
Also, consider alternative ways to better target resources towards monitoring firm activities that pose the greatest risk for harm to investors.
. . .
Consider also investments in technological resources for front-end compliance and for monitoring. Those firms that invested in technology are seeing their investment pay off now, but new investments in technology may save money in the long run if they help firms to detect and correct or avoid compliance problems altogether.
The full text of Ms. Richards' March 12, 2009 address is available at: http://www.sec.gov/news/speech/2009/spch031209lar.htm