Advisor Perspectives welcomes guest contributions. The views presented here do not necessarily represent those of Advisor Perspectives.
Many advisors suffer from the misconception that as long as their intentions aren’t malicious, they’re in compliance.
Sadly, this is not the case.
To catch the small number of bad actors in the industry, the rest of us must abide by the often-complex industry regulations. Failing to remain in compliance will lead to deficiencies, fines, and even enforcement action.
Here are the most common compliance concerns and how your firm can avoid them.
Recordkeeping and texting
Texting is the norm. It’s how we communicate with friends, family, and oftentimes even clients. The problem is that part of the obligation for an advisor's books and records is to record all communication with clients. This is why email archiving is necessary.
If an advisor communicates with a client on a channel that’s not archived, such as through a personal email account, WhatsApp, or text message, the record is not preserved, and the advisor is no longer in compliance.
This is an area where the SEC is cracking down. In December of 2021, JPMorgan paid $125 million to resolve SEC charges of recordkeeping failures related to communications with clients. How can you avoid a similar fate?
Essentially, you have two options. The first is to limit communication with clients to archived email accounts, phone calls, and in-person meetings. The second option is to archive text messages (or any other channel of client communication). If you go this route, you’ll need to use an archiving solution that has the capabilities you need to archive all your communication channels, including emails, SMS, WhatsApp, website, and social media.
Fee accuracy
Another recent area of focus for the SEC has been fee accuracy. In December of 2021, a private equity fund paid $4.5 million to settle SEC charges and another $5.4 million to clients to make them whole.
Most advisors have not overcharged millions in fees, but recordkeeping mistakes can leave agreements on file with fees that differ from what the advisor currently charges. If you haven’t reviewed your existing agreements in a while (or ever), do so. If you review your records and find an issue, make sure to get a new agreement in place as soon as possible. If the fee in the new agreement is less than you currently charge the client, you may also need to consider refunding the client to make up for the error.
Beyond reviewing existing agreements to ensure they match current fees, review your procedures surrounding onboarding new clients and/or updating fees. The simplest way to avoid a compliance issue is to keep it from happening in the first place.
Cybersecurity and remote work
With the shift to more remote work in response to the pandemic, the SEC has highlighted a few specific areas of concern, as addressed in the Covid-19 Risk Alert from August 2020. While some concerns addressed the process of transitioning to remote work, others remain relevant, including protecting investor assets, personnel oversight, and protection of sensitive information.
Protecting investor assets
Phishing and other scams have become incredibly sophisticated. Your firm should have procedures that require confirming any distribution requests. Reminding advisors of these procedures and training them on how to spot, avoid, and handle scams will help them remain vigilant while working remotely.
Personnel oversight
Supervisory activities may become more difficult when the team is not onsite. If full or partial remote work has become the norm at your firm, you’ll want to ensure you:
- remain in contact with remote employees,
- fulfill your due diligence requirements (relating to any third-party vendors, investments, or portfolio holding companies), and
- conduct all company communication in a compliant manner (see the recordkeeping and texting section above for more details on how to accomplish this).
Protection of sensitive information
Advisors are required to protect the personally identifiable information (PII) of clients, but remote work may make PII more vulnerable. Specifically, the SEC has cited increased risk due to “among other things: (1) remote access to networks and the use of web-based applications; (2) increased use of personally owned devices; and (3) changes in controls over physical records, such as sensitive documents printed at remote locations.” While it may sound simple, training that includes reminders of how to protect PII is one of the best ways to keep these concerns front of mind and help protect your clients.
With almost two years to adjust to these new circumstances, the SEC may not give firms the leniency it may have shown in the first few months of the pandemic. Advisors would do well to ensure they remain vigilant, especially in times of high market volatility.
Sol Hersh is the president at Presults, a leading archiving and compliance solution for Registered Investment Advisors. The Presults solution covers SEC and FINRA requirements for archiving emails, websites, and social media platforms – with an innovative approach to flagged keywords.