iThe Securities and Exchange Commission (SEC)’s Division of Examinations (Division) announced its 2024 examination priorities (Exam Priorities) in October. In 10 years of priority announcements, this is by far the earliest annual announcement; the 2023 priorities were issued in February 2023. These priorities particularly address areas of concerns based on recent examinations, and often forecast referrals to the Division if material rule violations or deficiencies are uncovered. The announcement for 2024 focuses on six different types of market participants subject to SEC regulation or oversight, as well as four risk areas impacting many market participants.
Market Participants:
| 1. | Investment Advisers |
| 2. | Investment Companies |
| 3. | Broker-Dealers |
| 4. | Self-Regulatory Organizations (SROs) |
| 5. | Clearing Agencies |
| 6. | Other market participants including Municipal Advisors, Security-Based Swap Dealers, Transfer Agents, and those associated with crypto assets and emerging financial technologies |
Risk Areas:
| 1. | Information Security and Operational Resiliency |
| 2. | Crypto Assets and Emerging Financial Technology |
| 3. | Regulation Systems Compliance and Integrity (SCI) |
| 4. | Anti-Money Laundering |
This GT Alert discusses the Exam Priorities related to each of these market participants and the four common risk areas impacting many market participants.
Market Participants
| 1. | Investment Advisers |
The Division will examine advisers’ adherence to their duty of care and duty of loyalty obligations to clients. In reviewing advisers’ adherence to these fiduciary duties, the Division continues to focus on:
| – | Investment advice provided to clients about products, investment strategies, and account types; |
| – | Processes for determining that investment advice is provided in clients’ best interests; |
| – | Economic incentives that an adviser and its financial professionals may have to recommend products, services, or account types; |
| – | Disclosures relating to conflicts of interest, and whether a client has sufficient information to provide informed consent; |
| – | Compliance programs, policies and procedures to reflect advisers’ business, compensation structure, services, client base, operations and applicable current market risks; |
| – | Assessment of advisers’ controls to protect clients’ material non-public information; and |
| – | Disclosure assessments to review the accuracy and completeness of regulatory filings for selecting and using third-party and affiliated service providers, overseeing branch offices, and obtaining informed consent of material changes to advisory agreements. |
In addition, the Division will continue its recent focus on investment advisers to private funds, and will particularly review the following topics:
| – | Portfolio management risks; |
| – | Adherence to contractual requirements regarding limited partnership advisory committees; |
| – | Calculation and allocation of private fund fees and expenses; |
| – | Due diligence practices; |
| – | Conflicts, controls, and disclosures regarding private funds managed alongside registered investment companies and use of affiliated service providers; |
| – | Compliance with Advisers Act requirements, timely completion of private fund audits by a qualified auditor, and distribution of private fund audited financial statements; and |
| – | Policies and procedures for reporting on Form PF to the SEC’s Form ADV. |
| 2. | Investment Companies |
The Division will focus on evaluation of registered investment company compliance programs, fund governance practices, disclosures to investors, and accuracy of reporting to the SEC. Specific examination focus areas may include:
| – | Assessment of fees and expenses; |
| – | Review of written compliance policies and procedures about oversight of advisory fees, and any associated fee waivers and reimbursements; and |
| – | Derivatives risk management assessments. |
| 3. | Broker-Dealers |
The Division will evaluate whether broker-dealers have established, maintained, and enforced written policies and procedures reasonably designed to achieve compliance with Regulation Best Interest (BI), Form CRS, financial responsibility rules and trading practices. Focus areas will include:
| – | Recommendations to retail customers and compliance with Regulation BI; |
| – | The content of relationship summaries and delivery obligations under Form CRS; |
| – | Compliance with the Net Capital Rule, Customer Protection Rule, lending programs, reward programs, and non-brokerage services; |
| – | Assessment of broker-dealer credit, interest rate, market, and liquidity risk management controls; and |
| – | Review of equity and fixed income trading practices. |
| 4. | SROs |
The Division will scrutinize SRO compliance with rules governing operations, enforcement activities and fulfillment of regulatory duties. Focus areas will include:
| – | Exchange order handling; |
| – | Exchange surveillance, investigation, and enforcement programs to detect and discipline member firm violations; |
| – | Exchange oversight of regulatory service agreements; |
| – | Risk assessment of FINRA’s operations; and |
| – | Assessment of compliance with MSRB rules, and applicable federal securities laws. |
| 5. | Clearing Agencies |
The Division will examine at least once annually, each clearing agency designated as systemically important. Examination will focus on clearing agencies’ core risks, processes, and controls and will cover the nature of clearing agencies’ operations and assessment of financial and operational risk. Examinations of registered clearing agencies include both risk-based examinations and Corrective Action Reviews.
| 6. | Other Market Participants |
The Division’s focus areas for other market participants include:
| – | Compliance with fiduciary duty obligations, recordkeeping, and registration requirements; |
| – | Security-Based Swap Dealers’ compliance with obligations under Regulation SBSR, capital, margin, and segregation requirements; and |
| – | Transfer agent processing, safeguarding of funds and securities, and regulatory filings. |
Risk Areas
| 1. | Information Security and Operational Resiliency |
The Division will focus on registrants’ policies and procedures, internal controls, oversight of third-party vendors, governance practices, and responses to cyber-related incidents. Part of this review will consider whether registrants adequately train staff regarding their identity theft prevention program and their policies and procedures designed to protect customer records and information. The Division will also assess risks associated with the use of third-party providers.
For broker dealers and investment advisers, the Division will assess firms’ practices to prevent account intrusions and safeguard customer records and information. In connection with the rule changes to shorten the standard settlement cycle for most broker-dealer transactions, the Division will assess registrant preparations to meet the compliance date of May 28, 2024.
Finally, the Division will review broker-dealer and adviser practices to promote cyber resilience.
| 2. | Crypto Assets and Emerging Financial Technology |
The Division will examine how companies involved with crypto assets and emerging financial technologies offer, sell, recommend, and solicit advice regarding trading. Specifically, the Division will assess whether companies:
| – | Meet and follow their standards of conduct when recommending or advising customers and clients about crypto assets; |
| – | Review, update, and enhance their compliance practices, risk disclosures, and operational resiliency practices; |
| – | Comply with the custody requirements under the Advisers Act (Rule 206(4)-2) for crypto assets that are funds or securities; and |
| – | Address technological risks associated with the use of blockchain and distributed ledgers. |
| 3. | Regulation SCI |
The Division will evaluate whether SCI entities have implemented policies and procedures to ensure the security and resiliency of their systems and meet the requirements of Regulation SCI.
| 4. | Anti-Money Laundering (AML) |
The Division will examine whether broker-dealers and certain registered investment companies:
| – | Have AML programs tailored to address the risks associated with the firm’s location, size, and activities; |
| – | Conduct independent testing; |
| – | Establish adequate customer identification programs; |
| – | Meet Suspicious Activity Report (SAR) filing obligations; and |
| – | Monitor Office of Foreign Assets Control sanctions. |
Conclusion
The 2024 Exam Priorities announcement was not only unusually early but also unusually detailed. This GT Alert is a mere summary of the full announcement. Firms registered with the SEC should be aware that the Exam Priorities list is not exhaustive, and examinations may cover many issues not stated in this list. Indeed, many priorities from the 2023 list, particularly including ESG matters, were not emphasized in the 2024 Exam Priorities. The current Exam Priorities align with recent SEC announcements and activity, such as recent, recently amended, or pending rules and regulations. Accordingly, registered firms should take note of these priorities when reviewing compliance programs to ensure their compliance programs address the Division’s focus if such priorities relate to their programs and practices. As always, firms should pay close attention to the 2024 Exam Priorities, as they may signal future enforcement priorities in the form of sweep examination programs and other actions.
