- Slides: 46
How New Technology and Regulations Will Impact the Future of RIA Compliance May 24, 2017 FPA of Georgia
GJ King President, RIA in a Box GJ is the President of RIA in a Box® which provides compliance and operations support to over 1, 500 registered investment adviser (RIA) firms. He is a frequent industry speaker on the topics of RIA compliance, operations, and technology best practices. GJ previously worked in the investment management division of Goldman Sachs serving as a trusted advisor to a select group of high net worth entrepreneurs, families, and foundations. King holds an MBA from the Graduate School of Business at Stanford University and a BA from Brown University.
Disclosures • RIA in a Box is not a law firm, CPA firm, or registered investment advisory firm. • None of the information presented, advice given, or services rendered should be considered legal, tax, accounting, or investment advice.
Today’s Topics Technology • System Adoption • How it Comes Together New Rules • DOL Fiduciary Rule • Form ADV Changes Audit Future • Stats to Know • Big Data • Exam Scope & Frequency
Today’s RIA Technology Landscape
Integrated RIA Compliance Technology Portfolio Management & Reporting Compliance Platform CRM Archiving Document Storage
Your CRM System • • • 48% of RIA firms use a CRM system today* • 2015 AUM growth rate: 4. 6% vs. 2. 0% average • Most popular solutions are Redtail and Salesforce General client information and notes • Good business practice that is crucial during any regulatory issue Integrated calendar and tasks • Documentation of compliance program implementation Client suitability information • Top deficiency cited during regulatory exams Client location • Is your firm registered in all proper jurisdictions? Documented processes via workflows • Internal review and approval processes for investment recommendations Source: 2016 RIA in a Box Technology Survey
Your Portfolio Management & Reporting System • • 48% of RIA firms use a portfolio management and reporting system today* • 2015 AUM growth rate: 3. 8% vs. 2. 0% average • Most popular solutions are Morningstar Office and Orion Form ADV filing information • Automatically aggregate and normalizes data across multiple custodians • Calculate total regulatory assets under management (“AUM”) • Discretionary vs. Non-discretionary • AUM by client type Systemized advisory fee billing • Manual fee calculation is a major compliance risk • Opportunity to determine a “reasonable fee” Systemized review of client portfolio performance • Are there any outliers? Source: 2016 RIA in a Box Technology Survey
Your Document Storage System • 46% of RIA firms use a document storage system today* • • 2015 AUM growth rate: 4. 8% vs. 2. 0% average Most popular solutions are Drop. Box and Box • Official books and records • Foundation of your firm’s compliance program • Organized client documentation • Ability to produce required client files • Business continuity • Ability to access files and continue operations during a business disruption Source: 2016 RIA in a Box Technology Survey
Your Archiving System • ~50% of RIA firms use an archiving system today • • Some systems focus exclusively on email Some systems archive across all channels (social media, text, etc. ) • Can lead to serious regulatory issues • Centralizes capture of all information to allow for easier review • Ability to demonstrate program implementation during an exam • Requirement to keep correspondence and advertising records • Easier compliance monitoring • Demonstrate “Culture of Compliance”
Your Compliance Software Platform • 39% of RIA firms use compliance software today • Some systems focus exclusively on employee trade monitoring • Some systems serve more broadly as your firm’s compliance hub • Implement a comprehensive yet efficient program • Perform only relevant tasks based on your firm’s profile • Centralized compliance program documentation • Organize all competed activities in a digital compliance log • Supervise staff • Track and document all staff attestations and activities • Automatically capture all employee trade data • More efficiently review employee trades vs. client trades Source: 2017 Investment. News Adviser Technology Study
DOL Fiduciary Rule • This rule does impact RIA firms but it is manageable • June 9, 2017: Comply with the Impartial Conduct Standards • Example impacted investment recommendation scenarios: • IRA rollover from a Qualified Retirement Plan • IRA rollover from another IRA • Switch from commission-based to fee-based IRA
Impartial Conduct Standards Best Interest CRM & Doc Management Reasonable Compensation Portfolio Management No Misleading Statements CRM & Doc Management
Five Steps to Comply 1. 2. 3. 4. 5. Qualify for streamlined Level Fee Exemption Educate and train all staff members Create an “IRA Investment Recommendation Checklist” Implement a process to review recommendations Establish additional procedures to ensure compliance
Form ADV Changes • This rule impacts all state and SEC-registered RIA firms • October 1, 2017: New Form ADV becomes effective • Significant changes include: • • • Disclose company social media pages Disclose use of outsourced Chief Compliance Officer More detailed AUM information by client type More detailed information on Separately Managed Accounts More detailed information on Wrap Fee Programs
Three Steps to Comply 1. Begin to organize portfolio management and reporting information to mirror Form ADV data fields 2. Ensure that all social media pages are properly archived 3. Document all new required information by October 1, 2017
Establishing the Culture of Compliance While the above statement is a sometimes overused phrase in the RIA compliance world, our team of former regulators can assure you that it is taken very seriously by every regulator in every jurisdiction. If you are successful in demonstrating a “culture of compliance” at your firm and willingly cooperate with the examiners, your exam is more likely to have better results.
Keep the Proper Books & Records • Know the rules applicable to your firm • SEC Rule 204 -2 • Georgia Rule 590 -4 -4 -. 14 • Are you aware of your jurisdiction’s Books & Records requirements? • Inspection of the firm’s books and records is a key audit focus • Don’t wait to prepare these until requested by the examiner • Unique Georgia requirements • Specific supervision rules including annual office inspection
Elements of Effective Compliance Program Written Policies & Procedures Risk Assessment & Compliance Calendar Annual Review Staff Training & Attestations Code of Ethics
Policies & Procedures SEC has stated: Even small advisers may have arrangements, such as soft dollar agreements, that create conflicts… Advisers of all sizes, in designing and updating their compliance programs, must identify these arrangements and provide for the effective control of the resulting conflicts. . . We would expect smaller advisory firms without conflicting business interests to require much simpler policies and procedures than larger firms.
Policies & Procedures Rule 206(4)-7 under the Investment Advisers Act of 1940 requires SEC registered investment advisers to: 1) adopt and implement written policies and procedures reasonably designed to prevent violation, by you and your supervised persons, of the Act and rules under the Act. 2) conduct a review, no less than annually, of the adequacy of the policies and procedures and the effectiveness of their implementation. 3) designate a Chief Compliance Officer (CCO) to administer the policies and procedures.
Policies & Procedures (Cont. ) At a minimum, the SEC has stated the policies and procedures should address the following (if applicable to an investment adviser’s business): 1. Portfolio management processes – allocation of investment opportunities among clients, consistency of investments with investor goals, disclosures 2. Trading practices – procedures to determine best execution, allocation of aggregated trades among clients 3. Proprietary trading of the adviser and personal trading of supervised persons (Code of Ethics) 4. Accuracy of disclosures to clients and regulators – brochure, advertising 5. Accurate creation and secure maintenance of required records
Policies & Procedures (Cont. ) 6. Marketing – use of solicitors 7. Processes to value client holdings and assess fees based on those valuations 8. Safeguards to protect client assets from conversion or inappropriate use by advisory personnel 9. Safeguards to protect client information 10. Business continuity plans
Code of Ethics 1. Requirement to have language that all supervised persons will comply with security laws. 2. Requirements for reporting of access persons’ personal securities transactions and holdings and pre-approval of IPO investments and limited offerings. 3. Procedures to report violations of the Code and sanctions for violations. 4. Requirement to provide copy and obtain annual acknowledgments.
Risk Assessment Neither Rule 206(4)-7 nor similar state rules require a risk assessment; but, the SEC’s initial request for information during an exam asks for: • Inventory of compliance risks that forms the basis for policies and procedures • Documents mapping the inventory of risks to written policies and procedures
Risk Assessment Four Step Process: 1. Prepare risk inventory 2. Assign a “rating” to each risk identified in your inventory 3. “Map” risks to specific procedures and/or disclosures 4. Review and update, as needed
Compliance Calendar Use a compliance calendar to monitor and test your policies and procedures. The calendar should indicate: 1. What is the specific task to be performed 2. When and how often will the specific task be performed 3. Who will be responsible for performing the task
Compliance Monitoring & Testing Your calendar will have tasks designed to monitor and test your policies and procedures. • Monitoring: Keeping track of and checking your procedures on a continuing basis. • Testing: Submitting your procedures to evaluation to determine their ability, or inability, to detect and prevent compliance violations.
Compliance Monitoring & Testing Policy: The firm’s Chief Compliance Officer (CCO) shall be responsible for approving all company advertising and ensuring it is in compliance with jurisdictional regulations. No advertisement shall be distributed without the CCO’s approval. Task: Review and approve advertising. When: 1. As needed: Review and note approval when advertisement placed; 2. Quarterly / Annually: Spot check advertisement records to ensure prior approval was obtained and perform a general internet search for “unapproved” advertising
Compliance Monitoring & Testing Policy: The Firm shall bill clients accounts on a quarterly basis and deduct the fees directly from clients accounts. Task: Review client accounts for billing errors. When: Review sample client files every quarter after the most recent billing cycle.
Annual Review CCO or person designated to conduct a review must assess the adequacy and effectiveness of the compliance program at least annually. • Adequacy • Has the firm updated its policies and procedures in response to changes in business practices or regulatory requirements? • Has the firm conducted risk assessment in response to any changes? Effectiveness • • Is the firm implementing policies and procedures as designed? Document the annual review and make changes as necessary.
RIA Examination Frequency What percentage of SEC-registered RIA firms are audited on an annual basis? A. B. C. D. 11% 18% 27% 43%
RIA Examination Frequency SEC Audit Statistics • Examined 30% of total assets under management (“AUM”) in 2014 • From 2001 to 2015, total aggregate SEC-registered RIA AUM increased approximately 210% from $21. 5 trillion to approximately $66. 8 trillion • As of February 28, 2017, there are 12, 286 SEC-registered RIA firms with a median AUM of $302 million and an average of $5. 459 billion AUM • SEC exam volume is up 25% in 2017 vs. 2016 Sources: 2014, 2015, 2016, and 2017 SEC Fiscal Year Congressional Budget Justifications
Exam Document Preparation • • Overview slide deck Org chart Joint ventures Client account information • • • Type Custodian E-delivery authorization Custody Value for advisory fees
Exam Document Preparation • • • Lost advisory clients Registration justification Service provider list Policies and Procedures Non-compliance records Review documentation Code of Ethics Trade errors Risk assessment Employee trade records
Exam Document Preparation • • Litigation records Security list Soft dollar arrangements Custodial agreements Financial statements Trade blotter Advertising materials Advisory agreement
Exam Deficiencies What percentage of SEC RIA audits result in a deficiency being cited? A. B. C. D. 34% 42% 63% 77%
Referrals to Enforcement Division What percentage of SEC RIA audits result in a referral to Enforcement? A. B. C. D. 7% 11% 26% 32%
Possible Referral to Enforcement SEC Enforcement Statistics Sources: 2014, 2015, 2016, and 2017 SEC Fiscal Year Congressional Budget Justifications
Deficiencies Source: 2015 North American Securities Administrators Association RIA Coordinated Examination Report
Evolving Audit Scope
Better Data and More Focus The Form ADV Part 1 changes taking effect October 1, 2017 further demonstrate this.
Best Practices Accurate Form ADV documents and disclosures Customized policies and procedures Proper documentation Periodic review of client files and marketing Know relevant requirements
Efforts to Increase Audit Frequency • 3 rd party self regulatory organization (SRO) • Congressional bill introduced by Spencer Bachus (formerly R-AL) in April 2012 • User fees • Congressional bill introduced by Maxine Waters (D-CA) in April 2013 • 3 rd party audits • Introduced in May 2014 by former SEC Commissioner Daniel Gallagher at a Financial Industry Regulatory Authority (FINRA) event • Increased SEC focus on RIA firms • Shift of 100 broker-dealers to adviser exams • Hiring more adviser examiners • Changing AUM registration threshold • Previously raised from $30 to $100 million as part of Dodd-Frank • Raising to $300 million would shift around ½ of SEC-registered firms to state level
About RIA in a Box n We support RIA firms with industry-leading registration and compliance services n Experience & Expertise n 30+ employees including former regulators, advisors, and technologists n Have helped register over 3, 000 new RIA firms n My. RIACompliance. TM n Proprietary RIA compliance management software n Provide compliance software and ongoing consulting support to over 1, 500 RIA firms www. riainabox. com @riainabox