SEC Issues a Risk Alert on the Current State of Outside Compliance Consultants
On November 9, 2015, the SEC’s Office of Compliance Inspections and Examinations issued a Risk Alert, noting that some of the outside CCOs that were examined were not sufficiently competent, knowledgeable of the business of the company or the federal securities laws or empowered with full responsibility, resources and authority to develop and enforce appropriate policies and procedures for the company. Observations of the SEC’s staff include:
Outsourced CCOs should frequently and personally interact with the registered investment advisers (“RIA”) employees (in contrast with impersonal interaction, such as electronic communication or pre-defined checklists) to obtain a better understanding of the RIA’s businesses, operations, and risks.
Outsourced CCOs with a strong grasp of the RIA’s businesses, operations, and risks can better identify and remedy inconsistencies between the compliance policies and procedures and the RIA’s actual business practices.
Outsourced CCOs that served as the CCO for numerous unaffiliated firms, generally, lack sufficient resources to perform compliance duties.
Annual reviews performed by outsourced CCOs, who were able to independently obtain the records they deemed necessary for conducting such reviews, more accurately reflected the RIA’s actual practices than annual reviews conducted by CCOs, who relied wholly on the firm to select the records subject to their review.
It is a bad fact if the RIA’s employees have discretion to determine which documents were provided to the outsourced CCOs.
In light of these findings, the SEC recommends that advisers and funds with outsourced CCOs review their business practices to determine whether their practices comport with their responsibilities as set forth in the Investment Advisers Act and the Investment Company Act.
Please see here for the SEC’s Risk Alert on outside CCOs.
– RIAs that are using or considering using an outside CCO should carefully consider the SEC staff’s observations about how outside CCOs should interact with the employees of the RIA, in order to emulate the best case cited by the SEC staff. Given the thoughtful guidance and the attention to outside CCOs that preceded the guidance, the use of an outside CCO will result in the SEC staff approaching an examination with these views in mind.