Client Alert
The Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) has released its 2019 National Exam Program Examination Priorities. Focus themes for the 2019 exam priorities include:
- Retail investor protection with an emphasis on seniors and retirement savings;
- Cybersecurity;
- Anti-money laundering programs;
- Compliance and risk in registrants responsible for critical market infrastructure;
- Digital assets including cryptocurrencies, coins and tokens; and
- Reviews of FINRA and the MSRB.
OCIE indicated that its examinations and analysis will remain grounded in four main pillars:
- Promoting compliance;
- Preventing fraud;
- Identifying and monitoring risk; and
- Informing SEC policy.
A more complete discussion of the exam priorities is included below. Firms should review their policies, procedures and business activities in light of OCIE’s 2019 priorities. A copy of the examination priorities publication is available here.
Retail Investor Protection
Protecting retail investors remains a priority for the OCIE in 2019, and it will likely continue to be a focus for the foreseeable future. In this respect, OCIE has indicated that it will focus on the following areas, among others, in conducting its 2019 examinations:
- Disclosures of the Costs of Investing: Examiners will continue to focus on whether fees and expenses are calculated and charged in line with disclosures to investors, applicable agreements and firms’ policies and procedures. Examiners will also continue to focus on firms with practices or business models that may increase risks that investors will pay inadequately disclosed fees, expenses and other charges.
- Senior Investors and Retirement Account Products:OCIE will review how broker-dealers oversee their interactions with senior investors including their ability to identify financial exploitation of seniors. OCIE will continue to scruitinize services and products offered to seniors and those saving for retirement.
- Conflicts of Interest: Examiners will review firms’ policies and procedures to ensure investment advisers are acting in a manner consistent with their fiduciary duty and meeting their contractual obligations including addressing:
• use of affiliated service providers and products;
• promotion by advisers, broker-dealers and their employees of loans and lines of credit where securities in their brokerage or advisory accounts are posted as collateral; and
• borrowing of funds from clients.
- Never-Before or Not Recently-Examined Investment Advisers:OCIE will continue to make examination determinations using risk-based assessments to identify firms with elevated risk profiles for review along with newly registered investment advisers that have yet to be examined and firms that have not recently been examined.
- Mutual Funds and Exchange Traded Funds (“ETFs”):OCIE will continue to prioritize examinations of mutual funds and ETFs, the activities of their advisers and oversight practices of their board of directors.
- Portfolio Management and Trading:Among other things, OCIE will review firms’ practices for trade execution, investment opportunity allocation, consistency with client investment objectives, adequacy of disclosures and compliance with legal restrictions.
- Municipal Advisors:OCIE will continue to conduct select examinations of municipal advisers that have never been examined concentrating on registration, professional qualification and continuing education compliance. Examinations will also focus on compliance with MSRB rules, fulfillment of fiduciary duties to municipal entities and adequacy of disclosures.
- Broker-Dealers Entrusted with Customer Assets:Where broker-dealers hold cash and securities, OCIE will examine for compliance with Securities Exchange Act of 1934 Rule 15c3-3 and other requirements relating to asset safeguarding and accurate reporting.
- Microcap Securities:OCIE will continue examinations of broker-dealers involved in selling of stocks of companies with market capitalizations of under $250 million.
Cybersecurity
Cybersecurity continues to be an SEC priority including by OCIE as part of all of its examination programs. Examinations will continue to focus on cybersecurity governance and risk assessment, access rights and controls, data loss prevention, vendor management, training and incident response. OCIE will also focus on proper configuration of network storage devices, information security governance generally and policies and procedures related to retail trading information security. OCIE will also emphasize cybersecurity practices at investment advisers with multiple branch offices including those that have recently merged with other investment advisers.
Anti-Money Laundering Programs
OCIE will continue to examine whether SEC regulated entities are establishing appropriate anti-money laundering programs including meeting Suspicious Activity Reports (“SARs”) filing obligations, implementation of all elements of their anti-money laundering programs and independent testing of anti-money laundering programs.
Compliance and Risks in Critical Market Infrastructure
OCIE will continue to focus on examining entities providing services critical to the proper functioning of capital markets including:
- Clearing Agencies:OCIE will continue annual examinations of clearing agencies designated as systematically important with a focus on compliance with SEC standards, responsiveness to comments received in prior examinations and other areas identified by the SEC’s Division of Trading and Markets and other regulators.
- Regulation Systems Compliance and Integrity (“SCI”) Entities:OCIE will continue to examine SCI entities to ensure compliance with applicable requirements and to ensure their systems’ capacity, integrity, resiliency, availability and security.
- Transfer Agents: Examinations will focus on transfers, recordkeeping and safeguarding of funds and securities. Examinations will also focus on the requirement for transfer agents to annually file a report by an independent accountant concerning the transfer agency’s system of internal accounting controls.
- National Securities Exchanges:Examinations will focus on exchanges’ internal audit and surveillance programs and funding for regulatory programs.
Digital Assets
OCIE will continue to monitor the offer and sale, trading and management of digital assets and where products are securities, examine for regulatory compliance. For firms actively engaged in the digital market, OCIE will conduct examinations focused on, among other things, portfolio management of digital assets, trading, safety of client funds and assets, pricing of client portfolios, compliance and internal controls.
FINRA and MSRB
OCIE will continue its oversight and examination of FINRA and the MSRB focusing on operations, regulatory programs, examination programs and internal policies, procedures and controls.
Conclusion
Firms should consider the SEC examination priorities as they conduct their annual reviews of policies, procedures and business activities. Where firms observe deficiencies in their own practices, adjustments should be made before they find themselves the subject of an SEC investigation, examination or enforcement action.