The SEC’s Office of Compliance Investigations and Examinations released a risk alert covering examinations of fund transfer agents that also serve as paying agents. The sweep was conducted October 2014 through September 2017, and staffers looked into possible misappropriation of funds and assessed the TAs’ policies, procedures, and controls for paying agent activities. The risk alert highlights risks and issues associated with paying agent activities, identifies significant exam deficiencies related to the safeguarding of funds and securities, and provides a listing of some common features of robust safeguarding policies, procedures, and controls that may be helpful to fund directors in their oversight of third-party service providers. OCIE staff observed several deficiencies including: misappropriation of shareholder funds and the theft of physical certificates, and TAs keeping physical certificates in unsecured locations for long periods of time, resulting in the reissuance of those certificates to different shareholders. OCIE staff also observed that some TAs lacked adequate policies, procedures, and controls for the safeguarding of funds and securities and instances where TAs did not secure access to vaults, computers, and areas of the firm that handle disbursement operations. OCIE also highlighted robust policies on safeguarding physical securities, including the use of locked vaults to store certificates, restricted vault access to a limited number of personnel, and the use of video cameras throughout vault areas.