The following are some frequently asked questions (“FAQs”) relating to a RIA compliance manual for an investment adviser registered with the United States Securities and Exchange Commission (“SEC”). The answers will focus primarily on the requirements of SEC Rule 206(4)-7.
Please note that although there is a certain level of similarity between the various state securities regulators and the SEC with respect to the regulation of investment advisors, there are significant variances among state securities regulators and the SEC. The answers listed below will not necessarily address such differences.
The information presented here is general in nature and not a substitute for consulting with an investment adviser compliance resource regarding your registered investment adviser’s unique circumstances and the requirements of the securities regulator(s) with jurisdiction over your investment adviser.
Click here to view and purchase our different RIA compliance manual drafting options.
On February 5, 2004, the United States Securities and Exchange Commission adopted SEC Rule 206(4)-7 of the Investment Advisers Act of 1940 requiring SEC registered investment adviser firms to adopt and implement a RIA compliance manual which outlines the investment adviser’s compliance policies and procedures and to designate a chief compliance officer to administer its compliance policies and procedures.
The requirement of whether a state registered investment adviser must maintain a RIA compliance manual varies from state to state. All investment advisors, without regard to SEC or state registration, are required to establish, maintain and enforce written policies and procedures that are reasonably designed to prevent the misuse of material non-public (“insider”) information. Many states have requirements for state registered investment advisers similar to the SEC’s requirements for federally registered investment advisers regarding a RIA compliance manual. A state registered investment adviser will need to review its state’s investment advisor rules and regulations to make this determination. However, regardless of your investment adviser’s state requirements, the maintenance of a RIA compliance manual is a good business practice. It helps to create a strong culture of compliance within your firm, which is something the regulators will analyze when conducting a regulatory examination of your investment adviser.
If your investment adviser is registered with the SEC or with a state securities regulator that requires written supervisory and compliance policies and procedures, your investment adviser is required to maintain such policies and procedures regardless of the number of employees or investment adviser representatives, if any, affiliated with the investment adviser. However, securities regulators have stated that these policies and procedures need to be written to cover the compliance considerations relevant to the operations of each particular registered investment adviser. It is expected that most smaller-sized registered investment advisers without conflicting business interests could utilize much simpler supervisory and compliance policies and procedures than larger-sized registered investment advisers that may have multiple conflicts of interest.
SEC Rule 206(4)-7 states that an SEC registered investment adviser’s chief compliance officer (“CCO”) should be competent and knowledgeable regarding the Investment Advisers Act of 1940 and should be empowered with full responsibility and authority to develop and enforce appropriate policies and procedures for the investment adviser. A registered investment adviser’s chief compliance officer should have a position of sufficient seniority and authority within an investment adviser’s organization to compel others to adhere to the supervisory and compliance policies and procedures. For SEC registered investment advisers, the designated chief compliance officer should be disclosed on the investment adviser’s Form ADV, Schedule A.
With respect to a state registered investment adviser, the individual designated as primarily responsible for compliance should be disclosed on Form ADV Part 1B. Similar to the SEC’s requirements of a chief compliance officer, an individual holding such a position with a state registered investment adviser should have sufficient experience, knowledge and authority to hold such a role.
SEC Rule 206(4)-7 indicates that a registered investment adviser’s compliance policies and procedures must be reasonably designed to prevent violation of the Investment Advisers Act of 1940 by the investment adviser or any of its supervised persons. A registered investment adviser must consider and incorporate its fiduciary and regulatory obligations. Each investment adviser must adopt policies and procedures that take into consideration the nature of the investment adviser’s operations. The compliance policies and procedures should be designed to prevent violation of the Investment Advisers Act of 1940 from occurring, detect violations that have occurred, and correct promptly any violations that have occurred.
A SEC registered investment adviser must identify conflicts and other compliance factors creating risk exposure for the investment adviser and its clients in light of the firm’s particular operations. An investment adviser must then design policies and procedures that address those risks. Although SEC Rule 206(4)-7 does not define everything that must be covered in a RIA compliance manual, SEC Rule 206(4)-7 states that an investment adviser’s compliance policies and procedures, at a minimum, should address all of the following issues to the extent that they are relevant to the investment adviser:
The first step to determine what areas should be covered in an investment adviser’s RIA compliance manual is to perform a risk analysis of the investment adviser. This means that the registered investment adviser should identify conflicts of interest, business practices, arrangements, and other compliance factors creating risk exposure for the investment adviser and its clients in relation to its operations. Once this has been done, the investment adviser should begin developing RIA compliance manual that specifically address those risks and conflicts of interests and the controls that the investment adviser will put in place to supervise and mitigate those areas of concern. In many regulatory audits of registered investment advisers, one of the first items that the securities regulator will ask for is the investment adviser’s risk analysis.
Off-the-shelf RIA compliance manuals are an excellent starting point for a registered investment adviser. However, a registered investment adviser cannot expect to just purchase an off-the-shelf compliance manual and assume that the investment adviser now has sufficient written compliance policies and procedures for the investment adviser. These documents are typically written at a very high level to cover many areas that the typical or average investment adviser must consider when developing its own manual customized to its unique business model and circumstances. For a registered investment adviser that is utilizing an off-the-shelf compliance manual, it is imperative that the investment adviser thoroughly review all of the content of the off-the-shelf version of the compliance manual and then revise the compliance manual so that it reflects the actual operation of the investment adviser and meets any unique rules or regulations of the applicable securities regulator(s).
The first step that should be taken after developing a RIA compliance manual is to provide all employees of the investment adviser with a copy or access to a copy. The investment adviser should require all investment adviser representatives (“IAR”) and employees to review the supervisory and compliance policies and procedures and have each investment adviser representative and employee sign an acknowledgement indicating that he or she has read this compliance manual, understands it and agrees to abide by the investment adviser’s written supervisory and compliance policies and procedures. (Although a signed acknowledgement is not a requirement, it is a good business practice.) A registered investment adviser should provide its investment adviser representatives and employees with on-going training of its supervisory and compliance policies and procedures. An investment adviser must also notify investment adviser representatives and employees when revisions are made to their policies and procedures and should require an acknowledgement on an annual basis.
An investment adviser and its supervised persons need to be aware that the compliance manual is a living document, and the compliance manual should not be treated as something that the investment adviser can assume is done and forget about by putting it in a drawer or on a shelf. At a minimum, an SEC registered investment adviser must conduct an annual assessment of its supervisory and compliance policies and procedures. This annual assessment must review the adequacy of the supervisory and compliance policies and procedures and the effectiveness of their implementation within the investment adviser. When conducting an assessment, an investment adviser should consider any violations, any regulatory deficiencies and any changes in the investment adviser’s business structures or manner in which business is conducted. An investment adviser must then review its supervisory and compliance policies and procedures to make any revisions to address these changes or areas of concern in order to prevent any future problems. Although SEC Rule 206(4)-7 only requires an annual assessment, a SEC registered investment adviser should consider reviewing its compliance policies and procedures and making revisions or developing new supervisory and compliance policies and procedures any time a violation, deficiency or change occurs rather than waiting to do so annually.
A SEC registered investment adviser is required to maintain those records documenting its annual assessment of its supervisory and compliance policies and procedures. Additionally, an SEC registered investment adviser must maintain current copies of its supervisory and compliance policies and procedures as well as any revised supervisory and compliance policies and procedures during the past 5 years.
Yes, RIA Compliance Consultants has an online software tool, RIA Express – Compliance Manual Drafter, which allows an investment adviser firm to self-customize a Code of Ethics and Compliance Manual. For additional details, please visit our RIA Compliance Manual Drafting Services webpage and RIA Express webpage.
*The information contained in this Frequently Asked Questions webpage is general in nature and intended for educational purposes only and is not intended to be a comprehensive analysis of the securities regulations applicable to registered investment advisers. It is not intended to constitute compliance consulting advice or apply to any particular investment adviser firm’s specific situation. For more information, please see our Disclosures.