What to Expect from Electronic Communications Exam Requests
A look at what the regulators are asking for and considerations for production
SEC examinations of Registered Investment Advisers are on the rise. The SEC Fiscal Year 2018 Congressional Budget Justification indicates that the estimated percentage of investment advisers examined in FY 2017 and FY 2018 is 13%, up from 10% and 11% in 2015 and 2016, respectively. We have also seen increased regulatory scrutiny around advisers’ use of electronic communication, as evidenced by recent request letters sent by SEC’s Office of Compliance Inspections and Examinations (“OCIE”). Naturally, advisers are starting to see more and more electronic communications requests during routine compliance examinations.
We generally have seen requests for electronic communications falling into a number of categories:
- All communications related to particular compliance areas (i.e. valuation of a particular security, communications around a specific portfolio trade, determination of AUM during a specified period, etc.)
- All communications sent to or from a particular employee or employees of the adviser during a specified period
- All communications with a particular client or underlying investor
Requests we have seen generally cover a two-year time frame and many explicitly request email and “IM communications” or communications on a third party’s email system (e.g. Bloomberg, AOL, Google, etc.). It is also not uncommon for requests to include outlook calendars from the applicable time period in conjunction with the requested communications.
Upon receipt of a document request list, advisers need to immediately jump into action to (i) extract relevant communications per the request, (ii) create a privileged communication log and extract any applicable communications from the export, to the extent applicable, and (iii) determine if the adviser will be requesting confidential treatment under the Freedom of Information Act (“FOIA”) as it relates to the document production.
- Extract relevant communications per the request. Many archiving platforms give advisers the ability to create custom exports based on specific criteria. Advisers should either manually export or work with their archiving service provider to export the communications requested by the SEC. Firms should be able to utilize the filtering capabilities to extract the relevant communications. For this reason, it is of utmost importance that a firm is capturing all forms of business communications, including any relevant IM services, social media messages, or text messages, which may fall inside the scope of the regulator’s requests.
- Create a privileged communications log. Prior to the provision of any documents or communications, advisers should review the documents for responsiveness and privilege. Firms may want to review the information within the communications in order to anticipate questions upon provision to the SEC. Additionally, any communications that are withheld on the basis of privilege will need to be identified in a privilege log, which must be produced to the examiners. Firms should consider proactive measures to be able to more easily identify privileged communications in the case of an examination. This can include (i) developing standards for labeling privileged email communications in the subject or text, and (ii) setting privilege “rules” within the archiving platform so they can easily be excluded upon extract. Regardless of these measures, however, firms must still review these excluded communications and provide a log to the staff identifying the communications and the grounds on which privilege is claimed.
- Coordinate FOIA requests and Bates-stamping. Firms should consider requesting confidential treatment of any documents produced which are not otherwise public in accordance with SEC Rule 83, 17 CFR Sect. 200.83, which provides a procedure by which persons submitting information may request that it be withheld when requested under FOIA. Generally, firms submit a request under FOIA as part of the initial request response, and Bates-stamp any documents provided in conjunction with the examination. Often times, the SEC will request email communications in an Outlook Data File (.pst). In order to comply with the request, many firms upload both a .pst file as well as corresponding Bates-stamped PDFs of all individual communications. Many Bates-stamping providers have the ability to convert each communication into a .PDF, with attachments following the parent document as an additional .PDF, or otherwise can merge the original communication and its attachments into a single .PDF file.
Other Practice Tips:
- If a communications request seems atypically burdensome, advisers should consider reaching out to the staff to request to limit the scope, or to alert to any potential delays.
- The process for Bates-stamping large communication exports can take a considerable amount of time. Advisers should coordinate with a provider as soon as practical upon receiving a request to ensure documents are provided within applicable deadlines.
- Firms should proactively review emails in preparation for an examination. See here for practical considerations related to electronic communications monitoring.
- Employees should be trained on proper use of electronic communications to avoid unnecessary scrutiny. Additionally, advisers should ensure that the platforms utilized to retain communications are functioning as they should on a periodic basis to avoid complications in the event of an examination.
As OCIE’s examinations of RIAs continue to gain speed and scrutiny around electronic communications intensifies, advisers should be prepared to produce firm communications during an inevitable examination.