From first-hand experience, we’ve learned the primary area of focus for U.S. Securities and Exchange Commission (“SEC”) examiners this year is protecting the retail investor, with an emphasis on those saving for retirement, aging clients, and cybersecurity.
When its annual list of priorities was released last March, the SEC’s Division of Examinations (EXAMS) said its staff would pay particular attention in 2021 exams to the appropriateness of recommendations and advice provided to four specific categories of retail investors – seniors, teachers, military personnel, and individuals saving for retirement.
As a case in point, I had a recent sweep exam where EXAMS was interested not only in traditional retirement accounts, but also in Thrift Savings Plans (TSPs), which are provided to government employees and military members. The SEC wants to understand how they’re being marketed, sold, and evaluated during a rollover process to investment advisory firms.
To help your firm prioritize and develop regulatory processes, here are key topics our team has been seeing during routine exams, sweep exams, and formal regulatory investigations.
EXAMS is keenly interested in how firms communicate with clients about retirement, as well as how they evaluate what’s in each client’s best interest and whether all options are made available. It’s not only important to comply, but also critical to clearly document practices, as deficiencies often arise when advisers fail to document their actions.
Common questions include whether training has been provided to financial advisers for servicing retirement accounts and what written disclosures and related information are provided to clients about available retirement options. EXAMS also has shown an interest in how advisers and clients communicated with each other within a COVID environment.
As more people are living longer, examiners want to learn how advisers are managing the associated responsibilities of serving aging clients. This includes diminished capacity (e.g., from the onset of dementia) and potential scenarios involving financial exploitation, along with the protections for dealing with it. To help protect vulnerable investors, examiners review a firm’s ability to identify financial exploitation as well as its supervisory internal controls.
Since a large part of an adviser’s assets under management business deals with seniors (generally defined as someone 55 years of age or older), the SEC wants to see if registrants are focused on their duties of loyalty and duties of care. To satisfy this in part, EXAMS is looking at how policies and procedures are designed for such specifics as steps taken with client accounts upon death, handling client requests for changing beneficiaries, powers of attorney, trustees, and documenting the frequency of communication you’re having with aging clients.
Protecting clients against cybersecurity threats has become increasingly important and complex. In response, examiners increasingly ask advisers if they have established robust policies and procedures to respond to cyberattacks and protect their investors’ personally identifiable information. This has proven to be an area of weakness for some firms that have not demonstrated they have proper safeguarding protections in place and fall short in training employees on cybersecurity awareness.
EXAMS is looking at whether advisers have conducted periodic risk assessments to identify cybersecurity threats and vulnerabilities and related business consequences, and if so, what actions were taken to address these areas. Compliance should be prepared to identify what steps were taken to address remote working safeguards, and how this was evaluated and documented. In addition, the SEC staff is examining whether firms have conducted adequate vendor due diligence on cyber controls and what resulted as a consequence of vendor responses.
Other Areas of Interest
While not an exhaustive list, here are a few other areas your firm should expect examiners to review.
- The growing popularity of Environmental, Social, and Governance (ESG) investing remains a focal point for the SEC. How a firm markets ESG and discloses its ESG investments is a primary examination area, as is the robustness of policies and procedures governing ESG. If your marketing disclosures are weak and/or the registrant’s controls and compliance programs are inadequate to maintain, monitor, and update clients’ ESG-related investing guidelines, mandates, and restrictions, there’s a high likelihood a deficiency letter could come your way.
- Examiners are keenly interested in how advisers are calculating their advisory fees, particularly whether they are disclosing revenue share and solicitor arrangements. Wrap fee accounts also have come under greater scrutiny.
- An SEC exam in 2021 can also be expected to cover business continuity plans, standards of conduct, best execution, supervision of remote employees, and policies and procedures in general.
Would your firm be confident to address all these areas of SEC interest when examiners arrive? Don’t wait for that to happen. By then, it will be too late. JLG conducts mock SEC exams to help registrants identify higher-risk areas. Act now to protect your firm and your clients. Contact us today at (619) 298-2880 or visit our website at www.jackolg.com.