New Patterns Appearing in SEC Exams
When sworn in as Chairman on May 2017, Jay Clayton was expected by many to usher in a period of significant adjustment at the Securities and Exchange Commission (SEC), particularly around exams and enforcement. But activity over the past year does not match those expectations as the Office of Compliance Inspections and Examinations (OCIE) continues to increase the number of inspections it conducts year-over-year with more than 2,000 RIA audits conducted in 2017. The 2018 exam priorities also show a continual focus on protecting the retail investor.
Discussions with clients and Regional OCIE Directors indicated that patterns are starting to appear in the regulator’s approach to exams, in the ways firms are selected for examination, and in the manner in which regulators conduct their examinations.
Timing of exams – The SEC continues to evolve the way it conducts exams by using a wider variety of exam formats and driving exam structure through technology-aided analysis. For example, over the past year, examiners have utilized unannounced exams and so-called “new registrant calls,” which are high level telephone calls that enable the SEC to become familiar with a firm and identify potential issues in a more expeditious manner. Correspondence exams have also been introduced, which are quicker than traditional in-person exams and are focused on understanding the compliance culture at firms.
This also means that long gone is the traditional notion of “the exam,” which historically meant that request letters and the like that were sent to firms were more cookie-cutter in nature. Over the past several years, the SEC’s examination framework has been superseded by a range of different exam initiatives (e.g., use of Presence Exams, the SEC’s Never-Before-Examined Initiative, as well as a host of sweep exams). Generally speaking, the focus of any given examination is likely to be more targeted to a specific area or two. These areas are often driven by the nature of the firm and the risks inherent to their business.
Selection of firms to examine – These new types and timings of exams are the result of a change in approach at the SEC. Over the years, the SEC has worked to apply new technology to sift through vast quantities of data. One example is analysis of trade blotter data to identify potential insider trading or front-running. Another is the automated analysis the SEC performs on Form ADV and PF filings, where searches may alert staff to potential issues or inconsistencies at firms. When it comes to exams, the new data collection, aggregation and analysis process gives the SEC the ability to analyze more deeply each firm’s risks and be better able to identify specific issues they would like to address when they do directly engage with firms. Overall, these changes in examination strategy by the regulator means exams are now more focused, with examiners often turning up at an individual firm with areas of concern that they wish to address.
Enforcement approach – Firms could potentially expect less “rulemaking via enforcement” under the Clayton chairmanship, and a refocusing on more “meat and potatoes” enforcement practices. More and more, many findings letters do not specifically note that a violation has occurred, but the examiner may make a recommendation as to how the compliance program can be further enhanced. An example could be where the examiner finds that an adviser is handling a compliance issue well – such as, obtaining CCO sign off for all new advertising materials – but that the advisor has not memorialized the process in an official policy. Another example could be where a compliance manual is not sufficiently tailored to the way the firm operates in a specific area.
The focus on protecting retail clients is also expected to increase, which could mean private fund managers will experience slightly less regulatory attention. However, firms should not assume that because they are not in the “retail” space in the traditional sense that certain priorities do not apply. If firms have pension funds or other clients whose ultimate customer is in retail, they should review the priorities as well.
Good overall preparation in advance by firms is essential to exam success. Firms need to ensure that they generate the right documentation around their compliance processes. Getting the basics right matters – firms should ensure that not only are employees following compliance policies and procedures, but that they are able to easily evidence the procedures being followed. Policies and procedures documentation should be reviewed regularly and updated as needed – with an eye toward capturing the firm’s material risks and conflicts and reflecting current trends in the industry.
To help jump-start this process, firms may wish to consider engaging in a mock exam. A mock exam can help compliance teams evaluate their ability to provide required information and respond to SEC inquiries in the event of an actual audit. Mock exams can also help identify gaps in a firm’s compliance framework, particularly in areas of SEC examination focus.
Firms should also consider how they will address compliance issues and violations they have encountered with regulators during an audit. In many cases, a firm that is up front in providing information on issues uncovered may have better credibility with an SEC examiner and therefore foster a better relationship with examiners than if examiners uncovered those issues themselves.
While the SEC’s exam priorities may be largely the same again this year, it’s not an excuse for firms to rest on their laurels. There are a range of areas in which firms should be exploring the robustness of their compliance approach, through testing, documentation, and mock exams.