On December 20, 2018, the staff of the Office of Compliance Inspections and Examinations (OCIE) of the SEC announced its 2019 examination priorities. The examination priorities covered six thematic areas: (i) compliance and risk at registrants responsible for critical market infrastructure; (ii) matters of importance to retail investors, including seniors and those saving for retirement; (iii) FINRA and MSRB; (iv) digital assets; (v) cybersecurity; and (vi) anti-money laundering programs. While the staff's attention to digital assets represents a new area of focus for 2019, the remainder of the topics are carried over from the 2018 examination priorities.
According to the 2019 publication, the agency oversees more than 13,200 registered investment advisers, an increase of 5% from 2017. Advisers to one or more private funds constituted 35% of this total. The publication also reported that approximately 17% of registered advisers were examined last year, up from 15% in 2017.
This year's edition of the exam priorities reflects the new format adopted by the staff in 2018 and recites several program accomplishments over the past year:
- In the agency's fiscal year 2018 (which ended on September 30, 2018), OCIE staff participated in or held more than 100 outreach events, including national and regional compliance seminars.
- OCIE published the following five risk alerts since the publication of the 2018 priorities on February 7, 2018:
- Most Frequent Best Execution Issues Cited in Adviser Exams
- Most Frequent Advisory Fee and Expense Compliance Issues Identified in Examinations of Investment Advisers
- Risk-Based Examination Initiatives Focused on Registered Investment Companies
- Investment Adviser Compliance Issues Related to the Cash Solicitation Rule
- Observations from Investment Adviser Examinations Relating to Electronic Messaging
- Examinations in fiscal year 2018 led to more than 160 enforcement referrals and resulted in firms returning more than $35 million to investors.
- Investment adviser examinations in fiscal year 2018 identified emerging risks at advisers selling or recommending digital assets, such as concerns related to custody and safekeeping of investor assets, valuation, omitted or misleading disclosures regarding the complexities of the products and technology, and the risks of dramatic price volatility.
The 2019 examination priorities reflect a continued focus on a number of issues identified in prior years, with a continuing emphasis from 2018 on both reviewing industry-wide risks and ensuring investor protections in the retail market. However, a few areas of noted interest are specifically applicable to advisers to private funds:
- Disclosure of Fees and Expenses – OCIE will select firms with practices or business models that may create increased risks of inadequately disclosed fees, expenses or other charges.
- Conflicts of Interest – OCIE will examine arrangements utilizing services or products provided by affiliated entities, focusing on the impact to clients and the related disclosures of conflicts of interest that may be present.
- Portfolio Management and Trading – OCIE will review firms' practices for executing investment transactions on behalf of clients, fairly allocating investment opportunities among clients, ensuring consistency of investments with the objectives obtained from clients, disclosing critical information to clients, and complying with other legal restrictions. OCIE will also examine investment adviser portfolio recommendations to assess, among other things, whether investment or trading strategies of advisers are:
- suitable for and in the best interests of investors based on their investment objectives and risk tolerance;
- contrary to, or have drifted from, disclosures to investors;
- venturing into new, risky investments or products without adequate risk disclosure; and
- appropriately monitored for attendant risks.
- Digital Assets – OCIE will continue to monitor the offer and sale, trading, and management of digital assets, and where the products are securities, examine for regulatory compliance. In particular, through high level inquiries, OCIE will take steps to identify market participants offering, selling, trading and managing these products or considering or actively seeking to offer these products and then assess the extent of their activities. For firms actively engaged in the digital asset market, OCIE will conduct examinations focused on, among other things, portfolio management of digital assets, trading, safety of client funds and assets, pricing of client portfolios, compliance and internal controls. OCIE is currently conducting a "sweep examination" of both registered and unregistered advisers that are or OCIE believes may be engaged in this market. In September, the SEC brought its first settled enforcement action against an asset manager sponsoring a fund investing in digital assets.
- Cybersecurity – OCIE examinations will focus on, among other things, proper configuration of network storage devices, information security governance generally, and policies and procedures related to retail trading information security. Specific to investment advisers, OCIE will emphasize cybersecurity practices at investment advisers with multiple branch offices, including those that have recently merged with other investment advisers, and continue to focus on, among other areas, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training and incident response.
The 2019 examination priorities sets forth a helpful roadmap that advisers should use to anticipate and prepare for SEC exams. Registered advisers are well-advised to devote sufficient time and resources to maintain robust policies and procedures which, at a minimum, address the areas noted in the 2019 announcement (to the extent applicable to their operations).