Post Madoff Regulatory Exams – Survival Of The Compliance Fittest

Since the Madoff scandal, the Securities and Exchange Commission (“SEC”) has evolved itself. In addition to issuing a number of important reforms and new regulations over the past 2+ years, the SEC has made changes to their internal structure, including the way they approach and perform examinations of investment advisers and other regulated entities. The goal: to prevent fraud, protect investors and restore the integrity of the financial marketplace.

The states, too, have not been idle. They have issued new regulations and are now gearing up for the inflow of investment advisers that would fall under their regime should the proposed Financial Services Reform bill get passed with the inclusion of the Investor Protection Act section, which requires investment advisers with assets under management of $100 million or less to be registered now with the appropriate state(s) instead of the SEC.

Given these changes, it is essential that advisers are: (i) prepared for and educated about the examination process, (ii) understand current focuses of the regulators, and (iii) have a robust compliance program in place to address fraud and protect investors. Below is a discussion on each of these steps:

Current Undertones of the Examination Process

There are three basic types of exams performed by the SEC:

  • Routine – These examinations are generally based on the SEC’s internal risk rating of the firm and the amount of time since the last audit
  • For Cause – Generally, these exams occur due to the SEC receiving a tip or investor complaint
  • Sweeps – These types of examinations primarily focus on one or two areas of business practice

While notice generally is provided for routine exams, it is more common in “For Cause” exams for the SEC to just show up and start the examination process. Advisers that are part of sweep exams generally receive a letter from the SEC requesting information on the firm’s processes regarding a specific issue or business practice.

What has Changed?

Subsequent to Madoff, regulators have been shifting the way they select advisers to examine and are delegating additional resources and man hours to examining firms that have had a complaint or other type of allegation filed against them.

In November 2008, the SEC issued a “Core Document Request List”1 that identifies the documents generally requested for review during an exam. Depending on the business model of the advisory firm, the products offered and the reason for the exam, the SEC generally requests additional information during their on-site visit and may ask firms to demonstrate certain internal controls.

What to Expect?

Typically, for small to medium size firms (determined by assets under management and number of employees), the exam team will probably be two to three people. For very large more complex firms, the team may consist of five or more examiners. In most cases there will be a team leader, who is usually a Branch Chief.

During the on-site visit, the examiners main focus is auditing the documents provided and interviewing key personnel, starting with the CEO and CCO on the first day of their visit. During this initial interview, it is important to explain the firm’s business model, products and services offered and types of clients to help ensure that the SEC has a clear understanding of the firm’s business so there is no misunderstanding later.


Start by compiling the firm’s books and records in accordance with the SEC’s Core Document Request List. Consider whether you and members of your team understand the request and provide additional training as necessary. Next, review conflicts, gap analysis and disclosures concurrently to ensure completeness and accuracy and compare to the firm’s written policies and procedures in accordance with requirements under Rule 206(4)-7 of the Investment Advisers Act of 1940 (“Advisers Act”).

Finally, provide employee training on how to handle an SEC interview. Employees should be courteous and responsive when asked questions. Ensure that employees are knowledgeable and able to converse about the firm’s risk management processes and specifically those that are applicable to the employee’s designated duties.

Throughout the process, the CCO should attend all employee interviews performed by the SEC and maintain detailed notes of questions asked. This helps keep track of what was discussed and also allows reflection on any items which may require clarification.

Current Focuses of the Regulators

Based on recent examinations, we are providing the following risk management tips to help guide you through responding to recent examination focus areas, which include among other things: performance advertising, social media, pay-to-play disclosure of higher risk products (e.g. use of derivatives, insider trading, due diligence and conflicts of interest).

Below are some additional tips to promote survival of an SEC exam:

  1. During the initial interview, provide a written presentation that includes information on affiliates, products and services offered and what types of risk controls the firm has in place.
  2. Always be able to demonstrate the effectiveness of the firm’s compliance program.
  3. Take any identified (and agreed upon) remedial action during the SEC exam – before a deficiency letter is sent.
  4. Provide requested documents in a prompt and organized manner.
  5. Maintain copies of all interview notes and documents provided, as part of the firm’s books and records.
  6. Have written procedures in place that outline steps the firm and its employees should take during regulatory examinations.

Collectively, this will help to achieve your overall objective: illustrating the firm’s allure of compliance.

Demonstrate the Robustness of Your Compliance Program

One of the SEC’s primary objectives during an examination is to determine the strength of a firm’s compliance program. In 2004, the SEC adopted rule 206(4)-7 under the Advisers Act that requires SEC registered advisory firms to have a named CCO, adopt specific written policies and procedures to prevent violations of the federal securities laws and to annually review those policies and procedures to ensure compliance.

The following characteristics generally help to formulate a solid backbone to a good compliance program:

  • Ability to identify and mitigate firm risks;
  • Identification and disclosure of all firm conflicts of interest;
  • Implementation of detailed policies, procedures and internal controls that help manage compliance and prevent violations of federal securities laws, and
  • Continual review of the program to ensure adequacy.


As we are about to enter the 3rd Quarter of 2010, this is an ideal time to reflect upon your readiness for an SEC or other regulatory examination. The key to survival is taking the time now, before examiners come in, to ensure the adequacy and effectiveness of the firm’s compliance program, and clear communication of the firm’s culture of compliance by senior management which should be embraced by all employees.

For more information, or to learn about how JLG may be of assistance, please do not hesitate to contact us at (619) 298-2880.

Author: Tina L. Mitchell, Senior Paralegal; Michelle L. Jacko, Esq., Managing Partner Jacko Law Group, PC (JLG). JLG works extensively with investment advisers, broker- dealers, investment companies, hedge funds and banks on legal and regulatory compliance matters.

For more information about this topic and other legal services, please contact us at (619) 298-2880, or visit Thank you.

This article is for information purposes and does not contain or convey legal advice. The information herein should not be relied upon in regard to any particular facts or circumstances without first consulting with a lawyer.

1 A copy of the list may be found on the SEC website at

Leave a Reply

Your email address will not be published. Required fields are marked *