Here's a new twist for SEC examinations.
Been audited recently? If not, you may not be aware of subtle shifts and additions to the SEC's RIA Document Request List. That's the list of items SEC officials will fax an advisor after they call to notify him or her that they intend to conduct an on-site audit.
"What is taking a lot of advisory firms by surprise is the risk management assessment items on the SEC's list. Their reaction is usually, 'Hmmm, guess they're serious about this,'" says Beth Dickinson of Dickinson Regulatory Alliance and Advisor Backoffice Solutions,
According to the spring issue of Compliance Update, the quarterly client newsletter produced by the Princeton, N.J., law firm of Stark & Stark, RIAs should also be concerned with the list's "one size fits none" quality in that it requires the production of items that many advisors will find unfamiliar or inapplicable to their circumstances, not to mention items about which the Investment Advisor Act is silent.
"For example, firms that do not have performance fee arrangements might be asked about performance fees, or firms that don't have affiliated funds might be asked about affiliated funds," says Oren Chaplin, associate and a member of Stark & Stark's Securities Practice Group.
Nevertheless, states Compliance Update, RIAs are well advised to comply with these requests rather than face the possibility of longer, more frequent SEC inspections.
Compliance Update goes on to note that investment advisors are used to thinking about investment and portfolio risk, but what the SEC is talking about is operational and compliance risk. Explains Chaplin, "An SEC examiner might want minutes substantiating that a risk committee meeting was held, or might want to see the advisor's standard operating procedures for risk identification and assessment."
The list allegedly requires the advisor to produce a matrix or spreadsheet showing his or her standard operating procedures for the risk assessment process. Indeed, on a copy of a recent SEC audit list obtained by this author titled "Investment Adviser Examination--List of Books and Records Requested for Review," item A3c states: "Provide...a current inventory of compliance risks. Please provide this information, if possible, in Word, Excel or the equivalent format on 3.5-inch disks or CD-ROM/DVD."
What is the SEC looking for, exactly? "The RIAs compliance risk procedures should address the 10 major areas required by Rule 206(4)-7," says Chaplin. These are: