By
Cory Roberson, Principal at FIN Compliance and FIN Lancer
August 17, 2018. As
mentioned in a previous blog, RIA Exam -
Preparing for an Audit in 2018, we’ve seen an uptick in the number of advisory
examination requests this year. A
pending audit may present an unwelcome addition to an advisor’s busy schedule,
but there is a window of time to prepare.
In addition, to the relief of many advisors, examiners are known to
offer extensions for scheduling the examination. Let’s review some ways that firm’s
can update documentation for audit prep purposes.
The Audit
Process revisited
Typically, firms are greeted with
an email from an examiner that includes a document request list outlining the
audit processes and requirements (ref. SEC Form 2389). The list will specify the dates for records
requested to review (e.g. last quarter or last fiscal year).
The actual
exam may include a series of phone calls and/or visits to the office. During in-person visits, which may last over
a few days, examiners will review firm documents to ensure its guidelines are
met (e.g. Advisors act or similar state securities acts). A sample testing of fees, accounting, client
files, and trading is usually performed during this period.
Next, comes the waiting period as
examiners compile their results.
Afterwards,
examiners will send a summary of results, that will include a discrepancy
letter (or guidance) for making corrections. The process of fixing discrepancies might feel
like a punch in the stomach to a firm, but examiners often grant extensions to
make changes.
With
that said, any further delays beyond an extension in responding to an examiner or
fixing discrepancies, can incur a heavy fine or other censure. In addition, significant gaps in filings or unlicensed
activity can incur a fine(s) or other censure(s).
Advisors can contact a compliance person
and/or attorney familiar with guidelines to review its risk areas.
We advise
that firms prepare ahead of time as discrepancies are a common occurrence amongst
advisors registered with the SEC, FINRA, and/or state securities regulators. Within this framework, advisors can mitigate potential
issues by updating documentation on a periodic basis.
As a
general practice, firms should review/update: Client documentation (at the time
of client visits); Trading/Cybersecurity records (on an ongoing basis), Fees/accounting
(on a monthly/quarterly basis), and Procedures manual (at least once a year).
The
following is not an exhaustive list of items to review. Firms can use sample document request lists
to prepare. Further reviews may be
needed depending on the firm and its business model.
What are Common Discrepancies?
There
is guidance for determining the most common discrepancies amongst firms. Every year, usually around the month of
September, the North American Securities Administrators Association (“NASAA”)
issues their examination findings of more than 1000 firms (see 2017: NASAA Examinations report ).
Reasons
for documentation before (after) an audit
Many
compliance procedures, including trade monitoring, must be packaged into documentation
as proof of a review for an examiner. Do
not expect your regulator to rely on your FinTech or RegTech solution without
the process of an actual person explaining the review process and generating an
audit trail. Online solutions, including
RIA Review, can be used in tandem with producing the documentation needed for
examiners.
Our Forms and Documents Store
Our
forms and templates store consist of sample audit request lists, checklists,
manuals, and agreement templates to manage a portion of your firm’s audit prep.
Sample
Audit – Document Request Lists (complimentary)*
SEC
Examination Request List (based on an actual review in
2018) provides
a comprehensive list of the following areas: (1) Organization/Business
Activities, (2) Client/Firm Documentation, (3) Compliance Program, Risk Management and Internal
Controls Compliance
(e.g. Compliance manual, Risk Assessment Annual Review), (4) Financial Records
(e.g. GAAP, bank, loans), (5) Client account (e.g. list summarized on a
spreadsheet), (6) Trading/Brokerage forms (e.g. blotter, brokerage
arrangements), (7) Custody information (when applicable), (8) Conflicts of
Interests (e.g. Code of Ethics, other business activities), (9)
Advertisements/Presentations, (10) Pooled Investment Vehicles (e.g. PPM,
partnership agreements, investor list, financials). complimentary.
The California
Department of Business Oversight Examination Request List (based on an actual review in 2018) includes a list for: (1) Accounting records (e.g.
GAAP Format, financial requirements); (2) Agreements/contracts (e.g. advisory, Financial
Planning Contracts, Investment Policy Statements), (3) Client Documentation
(e.g. Client lists), (4) Corporate Records (e.g. LLC/LP, etc.), (5) Advisory
Administration (e.g. Business Continuity, Advertising), and (5) Firm Personnel documents
(e.g. Advisors, employees, access persons). complimentary.
Generally, all examiners
will investigate updates of client documentation (e.g. agreements, investment
policy statements), accounting (financials, fees), procedural reviews, and
general documentation (e.g. ADV, advertising, registration). Regulators, such as the California Department
of Business Oversight, expect for firms to update investment policy statements
at least every three years.
Q. What about request lists for other states?
A. The North
American Securities Administrators Association (“NASAA”) enacted the Uniform
Securities Act (ref. 1956) as a regulatory framework for state examiners. In addition, states legislatures also base most
of its advisory regulations on the SEC Investment Advisors Act. As such, the state examination process is
similar to the guidelines referenced in California.
With that said,
states do exercise their own authority in amending the act to its own
preferences from time to time (some rules differ). Many state websites will post their audit
request lists on their websites, but advisors can contact us to put together a
state-specific examination list for a fee.
*SEC Books and Records Rule 204-2 (and similar state
rules)
Documentation – Agreements and
Manuals (Fee)
Advisory firms,
who pass a “de-minimis” threshold of a number of clients in a state outside of
its home office, are required to register the practice and at least one
investment advisor representative in that jurisdiction. Firm can use our State Di-Minimis Checklist which includes a summary of registration thresholds
in other states for a fee.
Who is an
Investment Advisor Representative (“IAR”)?
Under SEC Rule 203(a) and similar state guidelines, an investment advisor
representative (“IAR”) is defined as any (persons) who:
Makes securities-based recommendations;
Manages accounts or portfolios of clients;
Oversees recommendations or advice;
Solicits or offers sales of securities; ***.
Supervises employees.
Firms can use this
De-minimis checklist in addition to working with solicitors (“persons
offering referral services”). Some states may/may
not require IAR registration for the solicitor. If a solicitor is required
to file with your firm, the practice will also be responsible for making sure
they are registered in appropriate jurisdictions. Fee
Our Investment Advisory
agreement** template contains the general terms, services, and
stipulations for entering into advisory services. Advisors can customize this agreement based on
the actual services/fees offered by their firm.
Clients must sign the agreement and receive a copy of the firm’ brochure
(ref. Brochure Rule), privacy policy, and if required, a summary of the
business continuity plan (ref. CA DBO CCR 260.238.3).
For: Advisory and Portfolio management services
An Investment
Consulting agreement template
features general terms, services, and an overview for entering into a fixed,
flat, or hourly arrangement. Firms can
tailor as needed. Fee
For: Consulting, research, and other related
services.
The Financial Planning
Agreement template also features general terms, services, and an overview
for entering into a fixed, flat, or hourly financial planning arrangement. Firms can tailor as needed. Fee.
A Solicitor agreement*** template features general terms, an overview of referral
services, and a disclosure statement
for entering into a referral arrangement with an investment advisor. Clients must receive a: (1) Disclosure
statement and (2) Firms should tailor as needed. Fee.
For: Referrals, third-party sale persons
Typical Steps
Include:
Firm: providing services
should be licensed with either state, SEC, or FINRA.
IAR/Principal: working with the client should be licensed
with the firm.
Solicitor: May or may not need to be licensed or qualify
to be an IAR.
Firm: Enters into a
written agreement with solicitor.
Firm: provides the
solicitor with a copy of the solicitor disclosure
document.
Solicitor: sends required
documents to prospective or “solicited” client.
Firm: discloses solicitor
arrangement on ADV.
Firm: enters into a
signed arrangement during client onboarding.
Both the firm and solicitor can be fined if they conduct referral-based
activities without required procedures in place.
Policies and Procedures manual (state) features a general overview of policies and procedures, including a list
of State Securities Laws to tailor based on the jurisdiction of your “home
office” location. Fee.
Policies and Procedures manual (SEC) features a general overview of policies and procedures, including a list
of regulatory updates released by the SEC Office of Compliance Inspections and
Examinations and the SEC Division of Investment Management. Fee
Compliance Management System
(ongoing review)
Need more? In case you need a
system for conducting your review, there is compliance management protocol for
audit-prep purposes at RIA Review. All
of the forms aforementioned are available to Premium and Premium Plus Users.
There are three
versions available including:
Free Version - for those who want
to try out a limited version.
Premium Version ($995/yr) - for state-registrants with basic reporting needs.
Premium Plus Version ($1195/yr) - for SEC and State Registrants that also require an annual
review.
There are also short
training videos featured on the platform to premium/premium plus users.
Review our blog RIA Review – Compliance Management System for a full overview of features.
Compliance and Business Management
FIN Compliance (FINCompliance.io) is a
consortium of compliance services including: RIA Consults-Roberson Consults
Group, a compliance consulting firm, RIA Review, a compliance-management
software tool (SaaS), B-D Review, a RIA/Broker-Dealer compliance management
software tool, and FINLancer is a business
management portal featuring: E-signature tools; Invoicing integration,
Vendor Directory, continuity directory*, business client document portal, and
more (available by Q3 2019). Access all services
on one site: FINCompliance.io.
Impact
FIN Missions (FINmissions.com) provides business support group
sessions for other entrepreneurs. In addition, Cory has volunteered
for more than fifteen youth programs in locations such as like S. Korea, China,
S. Africa, Thailand, and India.
No comments:
Post a Comment