Why should an ad- viser spend time preparing for a regulatory exam? Only about 60% of SEC-registered investment advisory firms have undergone a compliance examination. Congress blusters about holding the Securities and Exchange Commission accountable to do more but simultaneously denies funding necessary to make that practical.
The SEC has recently announced an initiative directed at never-before-examined registered investment advisers, but that will affect only about 25% of the more than 4,000 firms that have never been inspected. No army of compliance officials is being mustered to occupy and sweep Wall Street clean of all deficiencies large and small.
So why bother getting ready for an exam? There are two reasons.
First, despite the low odds, exams do happen. And when the regulator comes knocking, the financial adviser's mission is to minimize disruption to the firm's business by getting the review process over as quickly as possible.
An unprepared adviser is in for an exam that will take longer and be more painful than it needs to be. Moreover, an exam that detects multiple deficiencies requires follow-up action by the adviser and future attention by the regulator.
Second, if an adviser understands the modus operandi of examiners and prepares accordingly, the process will force the adviser to think deeply about how well the firm's business model is defined and identify opportunities for the firm to improve its business.
FOCUS AREASAccording to the SEC's Feb. 20 announcement of the initiative, the exams will focus on the advisers' compliance programs, filings and disclosure, marketing, portfolio management and safekeeping of client assets. These areas of concentration were selected because they were deemed by the SEC to be the most important for protecting investors.
Regulators generally set examination priorities on the basis of risk to the public, and the examiner is eager to determine whether the adviser is likely to pose such a risk, i.e., to the adviser's clients. Examiners are recognized for their productivity in conducting exams and uncovering threats to investors.
Consequently, there is little upside to taking more time than is absolutely necessary when there is little or no evidence of risky business practices. Thus the adviser and the examiner have a common interest in reaching a speedy conclusion to the process, assuming that the adviser is truly compliant.
On the North American Securities Administrators Association Inc. website, the state regulatory organization suggests that every exam should begin with a presentation by the firm's chief compliance officer. First impressions are critically important.
In a firm that is both well-run and well-prepared, the CCO can seize the opportunity to showcase a culture of compliance and fiduciary excellence.
Proof of preparedness comes not from having the ability to talk broadly about an advisory firm's structure, target markets and compliance programs. Rather, it is evidenced when the CCO can articulate why and how the firm navigates areas of inherent risk.
For example, dual registration is an area of focus due to the potential for conflicts of interest in compensation arrangements that may involve both fees and commissions. The CCO should be prepared to present (1) why dual registration is important in serving the firm's clients, (2) under what circumstances an adviser may act as a fiduciary adviser, versus a non-fiduciary registered representative, (3) whether an adviser may act in both fiduciary and non-fiduciary roles for the same client, (4) how conflicts are managed to assure clients' best interests, and (5) how the adviser's different roles are disclosed to clients.
The first question, relating directly to serving the client's interests, is the touchstone question. The answers to all other questions must be congruent with the answer to the first.
Similarly, custody can be risky. Direct access to client funds increases the risk of malfeasance.
That doesn't mean that custody is never justified, but it does mean justification is needed.
That is followed by questions about who has access to client funds, procedural or systemic limits on access, monitoring systems, client consent and so on.
The answers to a comparable line of questioning for each major business practice should form a coherent, client-centric justification for the way the firm does business. Incoherence or the lack of a clear connection to client interests is not only a sign of regulatory risk, it points to a fuzzy or flawed business strategy.
Blaine F. Aiken is president and chief executive of fi360 Inc.