In this new environment of working from home during the COVID-19 pandemic, it’s important for investment adviser firms to remember to conduct initial and ongoing due diligence of the cybersecurity policies and practices (including incident response plans) of third-party vendors which maintain confidential information of your investment advisory clients and provide services through the cloud over the Internet.
SEC Risk Alert – Compliance Issues Related to Regulation S-P – Privacy Notices and Safeguard Policies
May 07, 2019
On April 16, 2019, the United States Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a risk alert about “Compliance Issues Related to Regulation S-P – Privacy Notices and Safeguard Policies” to encourage investment adviser firms to review their written policies and procedures to, “ensure compliance with the relevant regulatory requirements.”
July 16, 2012
There has been a lot of discussion over the last year on the different standards for broker-dealers and investment advisers. Under current regulatory requirements, broker-dealers do not have a fiduciary duty to their clients. Broker-dealers must abide by the anti-fraud provisions of the Securities Act of 1933 (“Securities Act”) and the Securities Exchange Act of 1934 (“Exchange Act”) and must follow rules instituted by exchanges they are members of and the rules of the Financial Industry Regulatory Authority (“FINRA”). Investment advisers are largely governed by the Investment Advisers Act of 1940 (“Investment Advisers Act”), rules promulgated under the Investment Advisers Act, and state laws. Pursuant to the Investment Advisers Act, investment advisers have a fiduciary duty to their clients. Having a fiduciary duty to clients means that by regulation investment advisers are held to a higher standard than the standard that applies to broker-dealers. A study conducted by the U.S. Securities and Exchange Commission (“SEC”) in 2011 found that the average investor did not understand the difference between a broker-dealer and an investment adviser.
Due diligence can be defined as the level of judgment and care a reasonable person would take before entering into an agreement or transaction. As part of an effective compliance program investment advisers must conduct due diligence not only when selecting investments for clients but also when outsourcing services to third-party service providers. The importance of outside service provider due diligence was discussed as an examination focus area by the U.S. Securities and Exchange Commission (“SEC”) during their 2009 CCOutreach Regional Seminars. During the seminar, the SEC noted that “advisers should review each service provider’s overall compliance program for compliance with the federal securities laws and should ensure that service providers are complying with the firm’s specific policies and procedures.” During a routine examination, SEC examiners will “review an adviser’s disclosures, contracts with clients, and contracts with service providers to determine whether the services and reporting obligations are consistent with disclosures and that all obligations are adequately addressed and overseen by the adviser.”
Due diligence needs to be an important component for any investment adviser compliance program. As we discussed earlier, due diligence should not be limited to recommending investments, but must also be employed when recommending or using third party service providers. In our opinion, one of the most important, if not the most important, outside service provider decisions made by investment advisers are the selection of a recommended broker/dealer. In fact, many investment advisers require clients to use a particular broker/dealer. However, far too many investment advisers fail to perform adequate due diligence on this important selection. We hear from many investment advisers that they fully understand broker/dealer best execution reviews are expected, but are not completed because of reasons such as (1) the broker/dealer they work with is large and reputable, (2) the investment adviser only selects mutual funds so best execution doesn’t matter or (3) the differences between broker/dealers are so slight that due diligence is unnecessary. Because of these reasons and others such as time and cost constraints, broker/dealer best execution reviews and due diligence is a matter often neglected by investment advisers.
June 28, 2012
Many investment advisers choose to engage third-party service providers to perform a number of important services for their firm and their advisory clients. There are third-party service providers offering a number of important services to investment advisers. Some of the services include client and portfolio management software systems, marketing of advisory services, referring clients to the investment adviser, calculating investment valuations, proxy voting, financial reporting, and maintaining required books and records. However, when a service provider is utilized, the investment adviser still retains its fiduciary responsibilities for the delegated services. As a result, investment advisers should develop strong compliance policies and procedures for performing due diligence when selecting and retaining third-party service providers.