May 15, 2023
Division of Examinations Releases 2023 Examination Priorities
On February 7, 2023, the Securities and Exchange Commission’s (the “SEC” or the “Commission”) Division of Examinations (the “Division”) announced its 2023 examination priorities (the “2023 Priorities”). Below is a summary of certain aspects of the 2023 Priorities.
Notable New and Significant Focus Areas
Compliance with Recently Adopted Rules Under the Investment Advisers Act of 1940 (the “Advisers Act”) and Investment Company Act of 1940 (the “Investment Company Act”). Referencing recent SEC rulemakings, the 2023 Priorities includes that the Division is prioritizing examining for compliance with recently adopted rules, including:
- Rule 206(4)-1 under the Advisers Act (the “Marketing Rule”). The 2023 Priorities note that the Division will assess whether RIAs have: (1) adopted and implemented written policies and procedures that are reasonably designed to prevent violations by the advisers and their supervised persons of the Marketing Rule; and (2) complied with the substantive requirements of the Marketing Rule, including the requirement that RIAs have a reasonable basis for believing they will be able to substantiate material statements of fact and requirements for performance advertising, testimonials, endorsements and third-party ratings.
- Rule 18f-4 under the Investment Company Act (the “Derivatives Rule”). Where a fund relies on the Derivatives rule, the Division will, among other items: (1) assess whether registered investment companies, including mutual funds (other than money market funds), exchange-traded funds (“ETFs”) and closed-end funds, as well as business development companies (“BDCs”), have adopted and implemented policies and procedures reasonably designed to manage derivatives risks and to prevent violations of the Derivatives Rule pursuant to Investment Company Act Rule 38a-1; and (2) review for compliance with Rule 18f-4, including the adoption and implementation of a derivatives risk management program, board oversight, and whether disclosures concerning the fund’s use of derivatives are incomplete, inaccurate or potentially misleading.
- Rule 2a-5 under the Investment Company Act (the “Fair Valuation Rule”). With respect to the Fair Valuation Rule, the Division will among other items: (1) assess funds’ and fund boards’ compliance with the Fair Valuation Rule’s requirements for determining fair value, implementing board oversight duties, setting recordkeeping and reporting requirements, and permitting the funds’ board to designate valuation designees to perform fair value determinations subject to oversight by the board; and (2) review whether adjustments have been made to valuation methodologies, compliance policies and procedures, governance practices, service provider oversight, and/or reporting and recordkeeping.
Registered Investment Advisers (“RIAs”) to Private Funds. Citing the growth in private fund assets in recent years, the 2023 Priorities include that the Division will focus on the following with respect to private fund RIAs: (1) conflicts of interest; (2) calculation and allocation of fees and expenses; (3) compliance with the new Marketing Rule, including performance advertising and compensated testimonials and endorsements, such as solicitations; (4) policies and practices regarding the use of alternative data and compliance with Advisers Act Section 204A; and (5) compliance with the Advisers Act Rule 206(4)-2 (Custody Rule), where applicable, including timely delivery of audited financials and selection of permissible auditors.
Standards of Conduct: Regulation Best Interest, Fiduciary Duty, and Form CRS. The Division will continue to prioritize examinations of broker-dealers and RIAs for compliance with their applicable standard of conduct. These and other examinations will continue to focus on: (1) investment advice and recommendations with regard to products, investment strategies, and account types; (2) disclosures made to investors and whether such disclosures include all material facts relating to the conflicts of interest associated with the advice and recommendations; (3) processes for making best interest evaluations, including those for reviewing reasonably available alternatives, evaluating costs and risks, and identifying and addressing conflicts of interest; and (4) factors considered in light of the investor’s investment profile, including investment goals and account characteristics.
With respect to Form CRS, the 2023 Priorities note that SEC rules require firms to deliver their relationship summaries to retail investors, file their relationship summary with the Commission, and post the summary on the firm’s website, if applicable. The 2023 Priorities state that the Division will continue to prioritize compliance with Form CRS in the Divisions examination of broker-dealers and RIAs.
Environmental, Social, and Governance (“ESG”) Investing. Noting competition among RIAs and registered funds for demand for ESG investments and strategies, the 2023 Priorities include that the Division will continue to focus on ESG-related advisory services and fund offerings, including whether ESG funds and funds that incorporate ESG criteria are operating in the manner described in their disclosures. The Division will also assess whether ESG products are appropriately labeled and whether recommendations of such products to retail investors are made in such investors’ best interest.
Information Security and Operational Resiliency
The 2023 Priorities also include risks related to information security and operational resiliency as an area of focus for the Division. The Division’s examinations will focus on firms’ policies and procedures, governance practices, cyber-related event responses (including to ransomware attacks), and compliance with Regulations S-P and S-ID, as applicable. With respect to policies and procedures, the Division will review whether such policies and procedures are designed to safeguard customer records and information, whether stored on registrants’ systems or with third-party providers. The Division will also focus on cybersecurity issues associated with firms’ use of third-party vendors.
Crypto Assets and Emerging Financial Technology
The 2023 Priorities include that examinations of registrants will focus on the offer, sale, or recommendation of, advice regarding and trading in crypto or crypto-related assets. More specifically, the 2023 Priorities state that Division staff will assess whether market participants involved with crypto or crypto-related assets: (1) met and followed their respective standards of care when making recommendations, referrals, or providing investment advice, to the extent required; and (2) routinely reviewed, updated, and enhanced their compliance, disclosure, and risk management practices. The Division also will focus on new or never before examined registrants offering crypto or crypto-related assets. Broker-dealer and RIA examinations will also focus on firms that employ digital engagement practices and the related tools and methods.
Investment Advisers and Investment Companies
Examinations of RIAs. The 2023 Priorities state that during a typical examination of and RIA, the Division reviews the firm’s compliance programs and related disclosures in certain core areas, such as custody and safekeeping of client assets, valuation, portfolio management, and brokerage and execution. Examinations also include a review for conflicts, compliance issues and the oversight and approval process related to RIA fees and expenses, including: (1) the calculation of fees; (2) alternative ways that RIAs may try to maximize revenue, including revenue earned on clients’ bank deposit sweep programs; and (3) excessive fees. In addition to reviewing these “core focus areas,” Division staff also will review RIA policies and procedures for retaining and monitoring electronic communications and selecting and using third-party service providers.
Registered Investment Companies, Including Mutual Funds and ETFs. The perennial focus areas for examinations of registered investment companies, include, among other topics, an assessment of registered investment companies’ compliance programs and governance practices, disclosures to investors, and accuracy of reporting to the SEC. The 2023 Priorities note that the Division will continue to evaluate boards’ processes for assessing and approving advisory and other fund fees, particularly for funds with weaker performance relative to their peers. In addition, the Division will assess the effectiveness of funds’ derivatives risk management programs and liquidity risk management programs, if applicable. The 2023 Priorities note that the Division will also focus on funds with specific characteristics, such as: (1) turnkey funds, to review their operations and assess effectiveness of their compliance programs; (2) mutual funds that converted to ETFs, to assess governance and disclosures associated with the conversion to an ETF; (3) non-transparent ETFs, to assess compliance with the conditions and other material terms of their exemptive relief; (4) loan-focused funds, such as leveraged loan funds and funds focused on collateralized loan obligations, for liquidity concerns and to review whether the funds have been significantly impacted by, and have adapted to, elevated interest rates; and (5) medium and small fund complexes that have experienced excessive staff attrition, to focus on whether such attrition has affected the funds’ controls and operations.
Division of Examinations Releases Observations From Examinations of Newly-Registered Advisers Risk Alert
On March 27, 2023, the Division released its observations from examinations of advisers that are newly-registered with the SEC (the “Risk Alert”). As stated in the Risk Alert, the Division’s examinations of newly-registered advisers often focus on whether these firms have: (1) identified and addressed conflicts of interest; (2) provided clients with full and fair disclosure such that clients can provide informed consent; and (3) adopted effective compliance programs.
In recent years, the Division has prioritized examining newly-registered advisers within a reasonable period after the adviser’s SEC registration has become effective. Generally, such examinations involve document requests and interviews of advisory personnel that address: (1) business and investment activities; (2) organizational affiliations; (3) compliance policies and procedures; and (4) disclosures to clients. As stated in the Risk Alert, Division staff requests information and documents to assess compliance with the Advisers Act and to determine whether the advisers representations and disclosures to clients in filings with the SEC are consistent with the adviser’s actual practices. The Risk Alert notes the following as examples of information the Division staff typically requests:
General information to provide the staff with an understanding of the adviser’s business and operations, such as: (1) organizational charts; (2) documentation to support eligibility for SEC registration; (3) information about ownership and control of the adviser and its affiliates; (4) information about current and former advisory personnel; (5) financial information; and (6) information about litigation or arbitration involving the adviser or any of its supervised persons.
Demographic and other specific data regarding each advisory client account, including information about: (1) advisory services provided, such as portfolio management, financial planning, and/or bundled wrap fee arrangements; (2) types of client accounts serviced; (3) advisory authority to trade in the account, such as whether it has discretionary authority; (4) advisory personnel servicing and overseeing the account; (5) assets under management advised by the firm; (6) third-party service providers; and (7) investment strategies. The staff often also requests documents supporting the adviser’s representations, such as copies of certain contracts, agreements, or third-party account statements.
Information regarding the adviser’s compliance program, risk management practices and framework, and internal controls, including written compliance policies and procedures and the adviser’s code of ethics.
- Information to facilitate the staff testing for regulatory compliance in certain areas, including portfolio management and trading activities, such as a record of specific information for advisory clients’ securities holdings and transactions.
- Communication used by the adviser to inform or solicit new and existing clients, including disclosure documents and advertising, such as pamphlets, social media, mass mailings, websites, and blogs.
Staff Observations from Recent Newly-Registered Adviser Examinations
The Risk Alert identifies staff observations in the following areas:
Compliance Policies and Procedures. Division staff observed compliance policies and procedures that: (1) did not adequately address certain risk areas applicable to the firm, such as portfolio management and fee billing; (2) omitted procedures to enforce stated policies, such as stating the advisers’ policy is to seek best execution, but not having any procedures to evaluate periodically and systematically the execution quality of the broker-dealers executing their clients’ transactions; and/or (3) were not followed by advisory personnel, typically because the personnel were not aware of the policies or procedures or the policies or procedures were not consistent with their businesses or operations. Additionally, the staff observed advisers’ annual compliance reviews that did not address the adequacy of the advisers’ policies and procedures and the effectiveness of their implementation. For example, Division staff observed advisers that:
- Used off-the-shelf compliance manuals that were not tailored for consistency with the advisers’ operations and business.
- May not have devoted sufficient resources to comply with regulatory requirements and their own policies and procedures (e.g., advisers may have assigned additional and unrelated responsibilities to the chief compliance officer (“CCO”), resulting in limited time for the CCO to dedicate to compliance), or to ensure compliance personnel understood actual business practices.
- Had undisclosed conflicts of interest created by the multiple roles and responsibilities of advisory personnel carrying out the assigned duties, and these conflicts were not mitigated.
- Outsourced certain business and compliance functions without assessing how outsourced responsibilities were being performed or whether they were consistent with the advisers’ compliance policies and procedures.
- Did not have adequate business continuity plans, including succession plans.
Disclosure Documents and Filings. As noted in the Risk Alert, Division staff observed disclosure documents with omissions or inaccurate information and untimely filings related advisers’: (1) fees and compensation; (2) business or operations (including affiliates, other relationships, number of clients, and assets under management); (3) services offered to clients, such as disclosure regarding advisers’ investment strategy (including the use of models), aggregate trading, and account reviews; (4) disciplinary information; (5) websites and social media accounts; and (6) conflicts of interest.
Marketing. According to the Risk Alert, Division staff observed adviser marketing materials that appeared to contain false or misleading information, including inaccurate information about advisory personnel professional experience or credentials, third-party rankings, and performance. The Risk Alert also stated that advisers were also unable to substantiate certain factual claims.
SEC Adopts Final Rule Shortening the Securities Transaction Settlement Cycle
On February 15, 2023, the SEC Commissioners voted to adopt final amendments to Rule 15c6-1(a) under the Securities Exchange Act of 1934 (the “Exchange Act”) to shorten the standard settlement cycle for most securities transactions from two business days after the trade date (T+2) to one business day after the trade date (T+1). The Commissioners also adopted amendments to Exchange Act Rule 15c6-1(c) to shorten the separate standard settlement cycle for firm commitment offerings priced after 4 30 p.m. ET, from four business days after the trade date (T+4) to T+2. The amended Exchange Act rules do not alter the existing ability of underwriters and the parties to a transaction to vary the standard settlement cycle specified in paragraphs (a) and (c) of Rule 15c6-1 under Rule 15c6-1(d) by express agreement in advance of the transaction. The SEC also amended Rule 15c6-1(b) to exclude security-based swaps from the scope of the securities T+1 settlement cycle under Rule 15c6-1(a).
In connection with the shortened settlement timelines, the SEC adopted a new Rule 15c6-2 under the Exchange Act. As explained in the Adopting Release, new Rule 15c6-2 is intended to improve the processing of institutional trades through new requirements for broker-dealers and registered investment advisers related to same-day affirmations. For transactions that require completion of the allocation, confirmation, or affirmation process, broker-dealers must either: (i) enter into written agreements with the relevant parties or (ii) establish, maintain, and enforce written policies and procedures reasonably designed to ensure completion of allocations, confirmations and affirmations “as soon as technologically practicable” and no later than the end of the day on trade date. In addition, in connection with new Rule 15c6-2, the SEC amended Rule 204-2 under the Advisers Act to require investment advisers who are parties to a contract under Rule 15c6-2 maintain records of each confirmation received.
Lastly, the SEC adopted a new Rule 17Ad-27 to require clearing agencies acting as central matching service providers (“CMSPs”) and their users to facilitate straight-through processing (“STP”) through new policies and procedures and ongoing assessments of STP processes and annual reporting to the Commission via EDGAR.
The Commission’s move to shorten the settlement cycle was partly informed by the increased market volatility resulting from the COVID-19 pandemic and heightened interest in certain “meme” stocks that highlighted potential vulnerabilities in the U.S. securities markets. As explained in the Adopting Release, the Commission’s intention behind shortening the settlement cycle from T+2 to T+1 was to promote investor protection, reduce risk, and increase operational and capital efficiency. The SEC has shortened the settlement timelines twice in recent history, from five business days after the trade date (T+5) to three business days after the trade date (T+3) in 1993 and from T+3 to T+2 in 2017 in response to changes in technology, markets, trading practices, and participant’s operations. As mentioned in the Adopting Release, the SEC readily observed that the industry and market participants have already taken significant steps to operate in a T+1 environment. Accordingly, the SEC is “actively assessing” the feasibility of an eventual shift to a “same-day settlement” (T+0) standard cycle.
The amendments and new rules will be effective 60 days after publication in the Federal Register, and the compliance date is Tuesday, May 28, 2024.
SEC Proposes Amendments to the Custody Rule
On February 15, 2023, the SEC Commissioners voted to propose new rules and amendments (the “Proposal” or Proposed Rule”) to Rule 206(4)-2 (known as the “Custody Rule”) under the Advisers Act. As proposed, new Rule 223-1 (the “Safeguarding Rule”) would redesignate the Custody Rule and enhance the scope of custodial requirements on all registered investment advisers and their qualified custodians. The SEC Proposal also includes complementary amendments to the Advisers Act books and records rule (Rule 204-2) and Form ADV (namely, to amend Item 9 of Part 1A to require new information corresponding to proposed Rule 223-1). The proposed Safeguarding Rule would significantly change the scope and requirements of the Custody Rule and would seek to enhance the vitality of the role of qualified custodians and auditors in many ways.
The Custody Rule, first adopted in 1962 and last amended by the SEC in 2009, is intended to protect advisory clients from the misuse or misappropriation of their funds and securities over which the adviser has “custody.” Currently, a registered investment adviser (and any of its related persons) with “custody” of “client funds or securities” is required by Rule 206(4)-2 to establish a set of controls to safeguard those client assets. Under the current Rule, “custody” means “holding, directly or indirectly, client funds or securities, or having any authority to obtain possession of them.” With very limited exceptions, the current Rule 206(4)-2(a)(1) requires that an adviser with custody must maintain client funds and securities with “qualified custodians” either under the client’s name or under the adviser’s name as agent or trustee for its clients. “Qualified custodians” are defined generally as broker-dealers, banks, savings associations, futures commission merchants, and non-U.S. financial institutions that customarily hold financial assets for their customers if the institutions keep the advisory assets separate from their own.
Scope of Client Assets and Expanded Coverage of Custody
The Safeguarding Rule would change the Custody Rule’s definition and scope in two critical ways. First, the proposed Safeguarding Rule would extend the coverage beyond client “funds and securities” to client “assets,” including additional investments held in a client’s account. Consequently, the proposed rule’s definition of assets covers a broader array of client assets and investment activities. For example, it would include investments such as all crypto assets (even in the instances where such assets are neither funds nor securities), financial contracts held for investment purposes, collateral posted in connection with a swap contract on behalf of the client, and physical assets, including artwork, real estate, precious metals, or physical commodities (e.g., wheat or lumber). Second, the proposed rule would make explicit that the current rule’s defined term “custody” includes discretionary authority. Under the current Rule 206(4)-2(d)(2) definition of “Custody,” three prongs serve as examples of custody: (i) physical possession of client funds or securities; (ii) any arrangement under which the adviser is authorized or permitted to withdraw client funds or securities maintained with a custodian upon the adviser’s instruction to the custodian; and (iii) any capacity that gives the adviser or its supervised person legal ownership of or access to client funds or securities. The Safeguarding Rule would retain these three prongs but would amend prong (ii), the “arrangement category,” to state explicitly that discretionary trading authority is an arrangement that triggers the rule.
Qualified Custodians Written Arrangements, Reasonable Assurances, and Qualifications
Like the Custody Rule, the Safeguarding Rule would continue with the qualified custodian requirement but would add new conditions governing the relationship between advisers and their qualified custodians. Specifically, an institution may serve as an adviser’s qualified custodian only if they have “possession or control” of client assets pursuant to a written agreement between the qualified custodian and the investment adviser. “Possession or control” would be defined to mean holding assets such that the qualified custodian is required to participate in any change in beneficial ownership of those assets, the qualified custodian’s participation would effectuate the transaction involved in the change in beneficial ownership, and the qualified custodian’s involvement is a condition precedent to the change in beneficial ownership.
Moreover, under the Proposal, a qualified custodian and adviser would be required to enter into a written agreement containing certain contractual provisions addressing recordkeeping, client account statements, internal control reports, and the adviser’s agreed-upon level authority to effect transactions in the account. It would further require the adviser to obtain “reasonable assurances” in writing from the custodian regarding certain vital protections for the safeguarding of client assets, including, among others, that the custodian: (i) will exercise due care in accordance with reasonable commercial standards; (ii) will indemnify the client against losses caused by its own negligence, recklessness or willful misconduct; (iii) the custodian will not be relieved of its responsibilities to an advisory client as a result of sub-custodial arrangements; and (iv) the custodian will identify and segregate client assets from the custodian’s assets and liabilities. In the Proposal, the SEC acknowledged that a written agreement between an adviser and its custodian would be a “substantial departure from current industry practice” as under existing market practices, advisers are rarely parties to the custodial agreement, which is generally between an advisory client and a qualified custodian.
The proposed Safeguarding Rule would require a more robust set of qualification requirements for banks, savings associations, and foreign financial institutions to serve as qualified custodians. Specifically, under the proposed Safeguarding Rule, to serve as a qualified custodian, a bank or a savings association would be required to hold client assets “in an account designed to protect such assets from creditors of the bank or savings association in the event of the insolvency or failure of the bank or savings association.” Likewise, to serve as a qualified custodian, a foreign financial institution would have to satisfy seven new conditions, one of which is for the foreign financial institution to comply with anti-money laundering and related provisions similar to those of the U.S. Bank Secrecy Act.
Exceptions for Privately Offered Securities and Physical Assets
The Proposed Rule would also modify the current Custody Rule’s limited exception from the obligation to maintain client assets with a qualified custodian for certain “privately offered securities,” including expanding the exception to include certain physical assets. As explained in the Proposed Rule Release, the Commission “believe[s] that the bulk of advisory client assets are able to be maintained by qualified custodians; however, we understand that is not universally the case, particularly for two types of assets: certain physical assets and certain privately offered securities.” The safeguarding rule’s definition of “privately offered securities” would retain the core elements of the current definition (i.e., un-certificated securities acquired in a private placement that are recorded in the name of the client only on the books of the issuer or its transfer agent and transferrable only with the consent of the issuer or holders of the securities) but amends the second prong of the definition to provide the securities be capable of only being recorded on the non-public books of the issuer or its transfer agent in the name of the client as it appears in the records the adviser is required to keep under Rule 204-2, the books and records rule. As proposed, advisers can utilize the exception provided they meet the following conditions: (1) the adviser reasonably determines documents in writing that ownership cannot be recorded and maintained by a qualified custodian; (2) the adviser reasonably safeguards the assets from loss, theft, misuse, misappropriation, or the adviser’s financial reverses, including the adviser’s insolvency; (3) under a written agreement between an independent public accountant and the adviser, the accountant, upon receipt of notice from the adviser, who in turn is obligated to give notice within one business day of such transfer, performs verification of any asset transfers and notifies the Division within one business day upon finding any material discrepancies; and (4) the existence and ownership of the assets are verified during a surprise examination or as part of a financial statement audit by an independent public accountant.
Surprise Exam and Annual Audit Exemption
Finally, the proposed Safeguarding Rule would amend the surprise exam requirement of the Custody Rule and the audited financial statement exception.
Under the Proposal, the surprise examination requirement would be amended to state that the adviser must reasonably believe that a written agreement has been implemented. The current Custody Rule requires a written agreement between the adviser and the accountant. However, it does not expressly require an investment adviser to have a reasonable belief about implementing the written agreement between the adviser and the accountant.
The Custody Rule’s annual audit exception would also be modified by expanding its availability to “any other entity” (i.e., not just pooled investment vehicles). For single-purpose vehicles established to hold investments of a pooled investment vehicle (“SPV”), an adviser would have the choice of whether to treat the SPV as a separate client or treat the SPV’s assets as the pooled investment vehicle’s assets, which it has custody indirectly. However, if the SPV has third-party investors, the adviser would be required to treat the SPV’s assets as a separate client for purposes of the Safeguarding Rule. As is the case with the current Custody Rule, the proposed Safeguarding Rule would require all audited financial statements to be prepared in accordance with U.S. GAAP and be distributed within 120 days of fiscal year end but would extend the delivery deadline to 180 days in the case of a fund of funds or 260 days in the case of a fund of funds of funds of the entity’s fiscal year-end. The Safeguarding Rule would, however, add a new requirement for the auditor’s engagement letter to require the auditor to notify the SEC upon the auditor’s termination or the issuance of a modified opinion.
Timing and Comment Period on the Proposal
The SEC proposed a one-year transition period, with a more extended 18-month period for advisers with up to $1 billion in regulatory assets under management following the Proposals’ effective date. The comment period will remain open until 60 days after the publication of the Proposal release in the Federal Register.